E commerce PPT
1.
2. TABLE OF CONTENTS
What is Commerce?
What is E-Commerce?
Traditional Business Vs Direct Selling
Why use E-Commerce?
Brief history of E-commerce
The process of E-Commerce
Types of E-Commerce
PROS and CONS of E-COMMERCE
Future of E-commerce in India
E-commerce Security
Protecting e-Commerce Sites
E-COMMERCE LAWS IN THE INDIAN PERSPECTIVE
Cyber Crimes with its Conclusion & References
3. WHAT IS COMMERCE
According to Dictionary.com
Commerce is a division of trade or production which
deals with the exchange of goods and services
from producer to final consumer
It comprises the trading of something of economic
value such as goods, services, information, or
money between two or more entities.
4. WHAT IS E-COMMERCE
Commonly known as Electronic Marketing.
“It consists of buying and selling goods and services over
electronic systems such as the internet and other
computer networks.”
“E-commerce is the purchasing, selling and exchanging of
goods and services over computer networks (internet)
through which transactions or terms of sale are performed
electronically.”
9. 1970s: Electronic Funds Transfer (EFT)
Used by the banking industry to exchange account
information over secured networks
Late 1970s and early 1980s: Electronic Data
Interchange (EDI) for e-commerce within
companies
Used by businesses to transmit data from one
business to another
1990s: the World Wide Web on the Internet
provides easy-to-use technology for information
publishing and dissemination
Cheaper to do business (economies of scale)
Enable diverse business activities (economies of
scope)
11. A consumer uses Web browser to connect
to the home page of a merchant's Web site
on the Internet.
The consumer browses the catalog of
products featured on the site and selects
items to purchase. The selected items are
placed in the electronic equivalent of a
shopping cart.
When the consumer is ready to complete
the purchase of selected items, she
provides a bill-to and ship-to address for
purchase and delivery
12. When the merchant's Web server
receives this information, it computes
the total cost of the order--including
tax, shipping, and handling charges--
and then displays the total to the
customer.
The customer can now provide
payment information, such as a credit
card number, and then submit the
order.
13. When the credit card number is
validated and the order is completed
at the Commerce Server site, the
merchant's site displays a receipt
confirming the customer's purchase.
The Commerce Server site then
forwards the order to a Processing
Network for payment processing and
fulfillment.
15. BUSINESS-TO-BUSINESS (B2B)
B2B stands for Business to Business. It is the largest
form of e-commerce. In this model the buyer and the
seller are two different business entities. It is similar to a manufacturer
issuing goods to a retailer or wholesaler.
E.g.: Dell sells computers and other associated accessories
online, but it does not make all of those products. So, in
order to sell those products, the first step is to purchase them
from other businesses, i.e. the producers of those products.
16. BUSINESS-TO-CONSUMER (B2C):
This model covers the interaction between businesses and
consumers. The basic concept of this model is to
sell the product online to the consumers.
B2C is the direct trade between the company and
consumers. It provides direct selling online.
For example: a supplier that wants to sell goods and services
to customers sets up a website so that anybody can purchase
products directly from the supplier’s website.
17. BUSINESS-TO-EMPLOYEE (B2E)
Business-to-employee (B2E) electronic
commerce uses an intrabusiness network which
allows companies to provide products and/or
services to their employees. Typically,
companies use B2E networks to automate
employee-related corporate processes.
18. CONSUMER-TO-CONSUMER (C2C)
There are many sites offering free classifieds, auctions,
and forums where individuals can buy and sell thanks to
online payment systems like PayPal where people can
send and receive money online with ease. eBay's auction
service is a great example of where person-to-person
transactions have taken place every day since 1995.
23. Unable to examine products
personally
Not everyone is connected to
the Internet
There is the possibility of credit
card number theft
On average only 1/9th of stock
is available on the net
24. FUTURE OF E-COMMERCE IN INDIA
According to a business world estimate, about
sixty thousand new jobs will be created for the
internet world alone in the next two years.
e-Commerce transactions are expected to cross the
Rs. 3500 crore milestone in 2010-11, a jump of
around 350 percent from the 2008-09 figure of Rs.
1000 crore.
eBay said that consumers were trading goods
worth almost three crore rupees every day, across
the globe.
26. By the year 2014 it is estimated that close to $250 million a year will be
spent by consumers at online retailers. With web applications like Zen
Cart, Open Cart and Magento making it easy for brick and mortar
shops to quickly set up an ecommerce site, more businesses are
moving to get their products in front of a larger market using the web.
Risks Associated with E-Commerce
Over the years, the methods used by ecommerce sites to process and
store credit card information have become much more sophisticated
than in the early days of online shopping. This progress has helped
online shopping overcome one of its greatest obstacles, consumer
trust. As evidenced by the amount of money spent online each year,
people feel much more secure in shopping online than they ever have.
Unfortunately for businesses, the methods used by cyber criminals
trying to steal their customers’ information have made it easier than
ever for them to compromise a web application.
27. Credit Card Theft/Fraud
Sophisticated cyber criminals use botnets to launch coordinated attacks
against unsuspecting web sites that are vulnerable to attack in order to steal
credit card information.
Credit card security is one of the most important components of e-commerce
security. The infamous TJX security breach disclosed in 2007 is a good
example of what can happen to companies that do not have the proper security
measures in place. This breach resulted in 94 million accounts being
compromised, with losses exceeding $70 million due to fraud; the result was a
lawsuit filed against TJX by over 300 banks. When the attacker, Alberto
Gonzalez, was finally caught, it was found that he had exploited SQL Injection
vulnerabilities in various web sites to net over 130 million credit cards. Some of
the most common exploits used in financial data theft include:
SQL Injection
Cross-Site Scripting
Path Traversal
Session Hijacking
Malware (Drive-by downloads)
Unfortunately, most sites that are vulnerable to these types of attacks don’t
know it until it is too late.
28. Damaged Brand
When credit cards are stolen from ecommerce sites, it usually makes the news.
When a theft reaches the headlines, both existing and potential customers tend to
avoid using that merchant. Even the most loyal customers think twice and may
turn to a competitor if they are concerned about the security of their financial data.
Theft is not the only way an attack can hurt an established brand name either.
With many Internet users relying on browser add-ons that seek out and report on
potentially harmful sites, if your web site is thought to be spreading malware or
loaded with spam as a result of a link injection you could quite rapidly see a loss
of traffic.
Interruption of Business
It could be that a competitor is trying to hurt your business, or maybe just an
attacker learning how to exploit known vulnerabilities. Quite possibly, it could be
that someone has compromised your web server so that they can use its
resources: hard drive space, processing power, and bandwidth. Whatever the
reason, a Denial of Service attack can hurt any business because customers
cannot get to your site while you are under attack. Not only is revenue lost
because your customers cannot get to your online store, but they may think twice
before ever shopping there again if they know that your site is vulnerable to attack.
29. SEARCH ENGINE RESULTS
Companies fight hard to achieve the premier listings in the
search engine results page, often spending a great deal of
money on Search Engine Optimization specialists to help
them rank high. All it takes is a Cross-Site Scripting attack
that feeds your visitors with malware, or a link injection attack
that flags your site as a spam delivery site and those
rankings you worked so hard for will plummet. Larger search
engines will remove potentially harmful sites from their
search results altogether.
Once a web site has been cleaned, a request can be made
to have it re-evaluated and returned to the search engine
results; however, it can be a rather time-consuming process,
and it is a process that is sure to hurt traffic and revenue.
30. PROTECTING ECOMMERCE SITES
In 2004 five different credit card security programs merged to form the Payment
Card Industry Security Standards Council (PCI DSS) with the purpose of creating
an extra level of protection for card issuers making sure that merchants (both online
and brick and mortar) meet basic levels of security when storing, processing, and
transmitting cardholder data.
To set a minimum level of security, the Payment Card Industry set 12 requirements
for compliance that fall into one of six groups called control objectives. The control
objectives consist of:
Build and maintain a secure network
Protect cardholder data
Maintain a vulnerability management program
Implement strong access control measures
Regularly monitor and test networks
Maintain an information security policy
Companies that fail to comply with the PCI DSS standards risk losing the ability to
process credit card payments and may be subjected to audits and fines.
32. Electronic commerce offers exceptional opportunities for the
economic development of India, with its huge pool of technology
skilled, English speaking manpower. However the growth of e-
commerce will depend on the concomitant advancement of a
consistent legal and regulatory framework able to cope with
ensuring rights and obligations in a virtual environment. A number
of developing countries have pursued policies to formulate
consistent legal and regulatory framework to support electronic
transactions across state, national and international borders.
Besides developing the e-infrastructure in the country through
effective Telecom Policy measures, the Indian Government is
taking appropriate steps as confidence building measures for the
growth of e-commerce. It has created the necessary legal and
administrative framework through the enactment of the Information
Technology Act 2000, which combines the e-commerce
transactions and computer misuse and frauds rolled into an
Omnibus Act.
33. THE INFORMATION TECHNOLOGY ACT, 2000
AND E-COMMERCE
The Information Technology Act 2000 [4] is based on the Model Law on
E-commerce adopted by the United Nations Commission on
International Trade Law (UNCITRAL) and pioneering e-commerce
enabling legislations such as the Utah Digital Signatures Act, 1995; the
Singapore Electronic Transactions Act, 1999 and the Malaysian
Electronic Signatures Act. The main objective behind the introduction of the
IT Act, 2000 is to encourage an environment in which the laws are
simple and transparent and in which the advantages of e-commerce
can be tapped. The Act aims to provide legal recognition for
transactions carried out by means of electronic data interchange
and other means of communication, commonly referred to as
“Electronic Commerce”, which involve the use of alternatives to paper
based methods of communication and storage of information, and to
facilitate electronic filing of documents with government agencies.
34. SECURITY PROVISIONS OF THE IT ACT, 2000
One of the most important issues in the context of e-commerce relates to the
security of business and commercial transactions. A security threat in terms of the
Internet has been defined as a circumstance, condition or event with the
potential to cause economic hardship to data/network resources in the form of
destruction, disclosure, modification of data, denial of services, fraud and abuse.
The IT Act 2000 not only amends the Indian Penal Code to bring within its scope
conventional offences committed electronically, but also creates a new breed of
information technology offences, the prevention of which is incidental to the
maintenance of a secure electronic environment for e-commerce. To make e-
commerce transactions safe and secure, the IT Act 2000 provides for
investigation, trial and punishment for certain offences like source code attacks
(section 65), hacking (section 66), obscenity (section 67), failure to comply with
the controller’s directions (section 68), subscriber’s failure to comply with the Controller’s
requirement for decryption (section 69), accessing designated protected
systems (section 70), misrepresentation to CCA (section 71), breach of
privacy/confidentiality (section 72), publishing false digital signature certificate
(section 73) and making available digital signature for the fraudulent purpose
(section 74). Section 75 of the IT Act deals with offences or contraventions
committed outside India.
35. CONCLUDING REMARKS
As more and more business activities are carried out by electronic means, it
has become more and more important that evidence of these activities should be
available to demonstrate the legal rights and obligations that flow from them. India is
among the first few countries, which have passed a separate law enabling e-
commerce and other IT enabled services. The IT Act, 2000 is quite
comprehensive and well defined. But there are many important issues of e-
commerce (e.g. Intellectual Property Rights, Data Protection, Domain Name
Disputes, Electronic Payment System, Protection of
E-Consumers, Privacy and E-Taxation), which are important for the development
of this new technology, but not covered by the IT Act 2000. Added to these
issues, the Act is aset too far, the over complex provisions relating to contract
formation, the ties to particular technology in the regulation of digital signatures,
the over elaborate mechanisms for controlling certification authorities and the
attempts to define the technology stand in stark contrast to more minimalist
approaches adopted in other jurisdictions. Unless all these legal issues are dealt
with, e-commerce cannot really take off in India.
37. Recent years have witnessed exponential growth of e-commerce. The growth of e-
commerce as a business technology is the result of such Internet driven initiative. It has
created a universal platform for buying and selling goods and services and driving important
business processes inside the organization. Ecommerce offers huge business opportunities
from small scale industries to large scale industries. Many organizations now want to host
their business on the web to reach new markets that they could not reach effectively with
their sales force or advertising campaigns, since ecommerce is not bound by time, huge
shop rentals, distance etc.
For all the benefits of modernising the traditional concepts of shopping and business
transactions, which used to consume a whole lot of time, money etc., ecommerce is suffering from a security
threat called cyber crime. The concept of crime has been very dynamic in the past century due to rapid
changes in information technology. criminals, who buy and sell valuable stolen financial information
from millions of unsuspecting internet users every year in an online black market. Cyber criminals are
so skilled at hacking into thousands of computers every day that the crime is potentially a billion-dollar
business. Cyber attacks mostly come from malware, or malicious software, that hands control of your
computer, and anything on it or entered into it, over to the cyber criminals without you even knowing it.
The future is likely to be more alarming in the sense that crimes will be committed without
the knowledge and cooperation of the victim. Preventing cyber crime in the future will
require strong e-security rather than plain human prudence. The role, function and efficacy of
law in curbing cyber crimes have been questioned in recent years due to various
technological invasions of individuals’ privacy. Most of these technologies are legal, and
hence it is of utmost priority to analyse the necessary changes that have to be made in our
legal system in order to avoid technological invasion of privacy.
The Internet and Electronic Commerce might have become part and parcel of every individual’s
life in the world, but they are also one of the most dangerous aspects of one’s life, as there is very
little scope for privacy protection and a possibility of cyber crimes.
38. Data Alteration or Theft
The most common type of cyber crime. The term Data Alteration or Theft means
making illegal changes to data or stealing data. There have been a growing number of
cases of data alteration or theft over the past few years. Many organizations have
adopted measures against it, and laws have been set up.
Data Diddling
Data diddling is the performing of unauthorized modifications to data stored within
the computer system. Examples include forging or counterfeiting
documents used for data entry and exchanging valid disks and tapes with
modified replacements.
Salami Attacks
This kind of crime is normally prevalent in the financial institutions or for the
purpose of committing financial crimes. An important feature of this type of
offence is that the alteration is so small that it would normally go unnoticed. E.g.
The Ziegler case wherein a logic bomb was introduced in the bank’s system, which
deducted 10 cents from every account and deposited it in a particular
account.
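A defender's view of the pattern just described, as an added example that is not part of the original slides: it scans a constructed ledger for a single account that receives identical tiny credits from many different source accounts. The record layout, account names and thresholds are assumptions made for illustration.

```python
from collections import defaultdict
from decimal import Decimal


def build_sample_ledger():
    """Constructed sample data: (source_account, destination_account, amount)."""
    ledger = [
        ("ACC-1001", "ACC-2001", Decimal("250.00")),   # ordinary transfer
        ("ACC-1002", "ACC-2002", Decimal("0.10")),     # one small payment, benign
        ("ACC-1003", "ACC-2001", Decimal("1200.00")),  # ordinary transfer
    ]
    # 40 distinct accounts each lose 0.10 to the same collector account.
    for i in range(40):
        ledger.append((f"ACC-3{i:03d}", "ACC-9999", Decimal("0.10")))
    return ledger


def find_salami_collectors(ledger, max_amount=Decimal("1.00"), min_sources=25):
    """Flag destinations that receive the same small amount from many sources.

    Returns {destination: (distinct_source_count, total_collected)}.
    max_amount and min_sources are assumed thresholds; tune them to the
    institution's normal transaction profile.
    """
    sources = defaultdict(set)      # (dest, amount) -> distinct source accounts
    totals = defaultdict(Decimal)   # (dest, amount) -> sum of those credits
    for src, dst, amount in ledger:
        if Decimal("0") < amount <= max_amount:
            sources[(dst, amount)].add(src)
            totals[(dst, amount)] += amount

    flagged = {}
    for (dst, amount), srcs in sources.items():
        # One tiny credit is normal; the same tiny credit from dozens of
        # unrelated accounts into one account is the salami signature.
        if len(srcs) >= min_sources:
            flagged[dst] = (len(srcs), totals[(dst, amount)])
    return flagged


if __name__ == "__main__":
    for account, (count, total) in find_salami_collectors(build_sample_ledger()).items():
        print(f"{account}: {count} source accounts, {total} collected")
```

Each individual deduction is below any per-transaction alert threshold, so the check aggregates by destination and amount instead of looking at single entries.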
Web Jacking
This term is derived from the term hi-jacking. In these kinds of offences the
hacker gains access and control over the web site of another. He may even
mutilate or change the information on the site. This may be done for fulfilling
political objectives or for money. E.g. recently the site of MIT (Ministry of
Information Technology) was hacked by the Pakistani hackers and some obscene
matter was placed therein.
39. E-Mail Bombing
In Internet usage, an e-mail bomb is a form of net abuse consisting of sending huge volumes of e-mail to
an address in an attempt to overflow the mailbox or overwhelm the server where the email address is
hosted in a denial-of-service attack. Mass mailing consists of sending numerous duplicate mails to the
same email address. These types of mail bombs are simple to design but their extreme simplicity means
they can be easily detected by spam filters. List linking means signing a particular email address up to
several email list subscriptions. The victim then has to unsubscribe from these unwanted services
manually.
Spoofing and Phishing
In the context of network security, a spoofing attack is a situation in which one person or program
successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.
Today a lot of email is sent to many people with the mail source identity changed. Email spoofing is
very dangerous and it is a potential privacy infringer. Another kind of spoofing is “webpage spoofing,” also
known as phishing. In this attack, a legitimate web page such as a bank’s site is reproduced in “look and
feel” on another server under control of the attacker. The main intent is to fool the users into thinking that
they are connected to a trusted site, for instance to harvest user names and passwords. This attack is
often performed with the aid of URL spoofing, which exploits web browser bugs in order to display
incorrect URLs in the browser’s location bar; or with DNS cache poisoning in order to direct the user away
from the legitimate site and to the fake one. Once the user puts in their password, the attack-code reports
a password error, and then redirects the user back to the legitimate site.
Vishing
Vishing is the criminal practice of using social engineering over the telephone system, most
often using features facilitated by Voice over IP (VoIP), to gain access to private personal and
financial information from the public for the purpose of financial reward. The term is a combination of
“voice” and phishing. Vishing exploits the public’s trust in landline telephone services, which have
traditionally terminated in physical locations which are known to the telephone company, and associated
with a bill-payer. The victim is often unaware that VoIP makes formerly difficult-to-abuse tools/features of
caller ID spoofing, complex automated systems (IVR), low cost, and anonymity for the bill-payer
widely available. Vishing is typically used to steal credit card numbers or other information used in
identity theft schemes from individuals.
40. Steganography
Steganography is the science of hiding information. Steganography is the art and
science of writing hidden messages in such a way that no one, apart from the
sender and intended recipient, suspects the existence of the message, a form of
security through obscurity. The word steganography is of Greek origin and means
“concealed writing”.
Computer Vandalism
Vandalism means deliberately destroying or damaging property of another. Thus
computer vandalism may include within its purview any kind of physical harm done
to the computer of any person. These acts may take the form of the theft of a
computer, some part of a computer or a peripheral attached to the computer or by
physically damaging a computer or its peripherals.
Cyber Stalking
Cyber stalking is the use of the Internet or other electronic means to stalk
someone. It has been defined as the use of information and communications
technology, particularly the Internet, by an individual or group of individuals, to
harass another individual, group of individuals, or organization. The behavior
includes false accusations, monitoring, the transmission of threats, identity theft,
damage to data or equipment, the solicitation of minors for sexual purposes, and
gathering information for harassment purposes.
41. CONCLUSION
Cyber crimes have started to create fear in the minds of many people linked to
the networks, mostly those concerned with ecommerce technology, as its success lies in the
internet. The various mechanisms used for securing internet based transactions or
communication can be grouped into:
• Authorization, Authentication and Integrity
• Privacy
• Availability by controlling access
In order to safeguard the present success of e-commerce, the IT Act 2000 has to
be reviewed in order to save India from cyber criminals and privacy invaders.
Cyber criminals should not be able to take advantage of browser ignorance, legislative
delay, enforcement lapse, judicial inefficiency.
REFERENCES
1. http://cse.stanford.edu/class/cs201/projects/computer-crime/theft.html
2. http://en.wikipedia.org/wiki/E-mail_bomb
3. http://legal.practitioner.com/computer-crime/computercrime_3_2_7.htm
4. Dr. Subhash Chandra Gupta, ‘Information technology Act, and its Drawbacks’, 8.
5. C.S.V. Murthy, “E-Commerce”, Himalaya Publishing House, 1st Edition (2002).