INTRODUCTION

TO

E – COMMERCE

Comprehensive Notes for Electrical Engineering Students

PREPARED BY :- ABHAY
ELECT. ENGG. 6TH SEM.
2
UNIT – 1
INTRODUCTION TO E-COMMERCE

DEFINITION OF E-COMMERCE

E-commerce is an abbreviation used for electronic commerce. It is the process through which
the buying, selling, dealing, ordering and paying for the goods and services are done over the
internet is known as e-commerce. In this type of online commercial transaction, the seller can
communicate with the buyer without having a face-to-face interaction.

Some examples of real world application of e-commerce are online banking, online shopping,
online ticket booking, social networking, etc. The basic requirement of e-commerce is a
website. The marketing, advertising, selling and conducting transaction are done with the
help of internet. Any monetary transaction, which is done with the help of electronic media is
e-commerce.

FEATURES -

E-Commerce provides the following features –

 Non-Cash Payment – E-Commerce enables the use of credit cards, debit Cards,
smart cards, electronic fund transfer via bank’s website, and other modes of
electronics payment.
 24x7 Service availability – E-commerce automates the business of Enterprises
and the way they provide services to their customers. It is Available anytime,
anywhere.
 Advertising / Marketing – E-commerce increases the reach of advertising of
Products and services of businesses. It helps in better marketing Management of
products/services.

3
  Improved Sales – Using e-commerce, orders for the products can be Generated
anytime, anywhere without any human intervention. It gives a big Boost to
existing sales volumes.
 Support – E-commerce provides various ways to provide pre-sales and post-Sales
assistance to provide better services to customers.
 Inventory Management – E-commerce automates inventory management.
Reports get generated instantly when required. Product inventory Management
becomes very efficient and easy to maintain.
 Communication improvement – E-commerce provides ways for faster, Efficient,
reliable communication with customers and partners.

ADVANTAGES OF E-COMMERCE:

 Buying/selling a variety of goods and services from one’s home or business

 Anywhere, anytime transaction
 Can look for lowest cost for specific goods or service
 Businesses can reach out to worldwide clients – can establish business partnerships
 Order processing cost reduced
 Electronic funds transfer faster
 Supply chain management is simpler, faster, and cheaper using ecommerce
- Can order from several vendors and monitor supplies.
- Production schedule and inventory of an organization can be inspected by
Cooperating supplier who can in-turn schedule their work

DISADVANTAGES OF E-COMMERCE:

 Electronic data interchange using EDI is expensive for small businesses

 Security of internet is not very good – viruses, hacker attacks can paralyse e-
commerce
 Privacy of e-transactions is not guaranteed.
 E-commerce de-personalises shopping

4
THREATS OF E-COMMERCE :-
Cybersecurity Threats – Hacking, phishing, and malware can compromise customer data,
leading to financial losses. Strong cybersecurity measures are essential to prevent breaches.

1. Fraud & Scams – Identity theft, fake reviews, and chargeback fraud can harm both
businesses and consumers. Companies must implement fraud detection systems.

2. Logistics Risks – Shipping delays, inventory mismanagement, and return fraud

disrupt operations. Efficient supply chain management helps mitigate these risks.

3. Market Competition – Intense competition leads to price wars and customer

retention challenges. Businesses need strong branding and loyalty programs to stay
ahead

4. Legal & Compliance Issues – Data privacy laws like GDPR and CCPA impose strict
regulations on handling customer data. Non-compliance can result in heavy fines and
reputational damage.

5. Payment Risks – Payment gateway failures, currency fluctuations, and hidden

transaction fees can affect cash flow. Secure and diverse payment options ensure
smooth transactions.

6. Customer Trust Issues – Poor website performance, lack of personalization, and

negative reviews can drive customers away. A seamless user experience and good
customer service build trust.

CYBER LAWS FOR E-COMMERCE -:

1. Data Protection & Privacy Laws – Regulate the collection, storage, and processing
of customer data.
2. Electronic Transactions & Contracts – Recognize digital contracts and e-signatures
as legally valid.
3. Cybersecurity Laws – Enforce measures to prevent hacking, fraud, and data
breaches.
4. Consumer Protection Laws – Safeguard consumer rights in online transactions and
refunds.

5
 5. Intellectual Property Protection – Prevent unauthorized use of digital content,
trademarks, and copyrights.
6. Anti-Spam & Marketing Laws – Regulate email marketing and prevent unsolicited
spam messages.
7. Online Payment & Financial Regulations – Ensure secure transactions and protect
against payment fraud.

DIFFERENT TYPES OF NETWORKING FOR E-COMMERCE:

Networking is essential for e-commerce as it enables communication, data sharing,
transactions, and security in online businesses. Here’s a deeper look at different networking
types used in e-commerce:

1. Internet

The Internet is a global network that connects millions of computers and devices worldwide.
It serves as the backbone of e-commerce by enabling businesses to interact with customers,
process transactions, and manage online operations.

Key Features:

 Public and open network, accessible to anyone.

 Supports e-commerce platforms, digital marketing, cloud computing, and payment
processing.
 Enables seamless global transactions and 24/7 online shopping.
 Uses protocols like HTTP, HTTPS, FTP, and SMTP for communication.

Applications in E-Commerce:

 Online Shopping Platforms: Websites like Amazon, eBay, and Shopify run on the
internet.
 Digital Payments: Online transactions using credit/debit cards, PayPal, UPI, etc.
 Cloud-Based E-Commerce: Platforms use cloud computing for scalability and
storage.
 SEO & Digital Marketing: Businesses use search engines, social media, and ads to
drive traffic.

6
 2. Intranet

An Intranet is a private network used within an organization to facilitate internal

communication, collaboration, and resource sharing. Unlike the internet, it is restricted to
authorized employees only.

Key Features:

 Secure and private network, accessible only to company employees.

 Hosted on local servers or cloud-based platforms.
 Uses protocols like HTTP, FTP, and VPN for secure access.
 Enhances workflow efficiency and data management.

Applications in E-Commerce:

 Inventory & Order Management: Businesses use intranets to track stock levels and
manage orders.
 Employee Collaboration: Provides internal chat systems, file sharing, and project
management tools.
 Customer Support & CRM: Helps manage customer interactions and sales data.
 Training & HR Management: Companies use intranets for employee training and HR
records.

3. Extranet

An Extranet is an extended version of an intranet that allows external stakeholders, such as

suppliers, partners, and customers, to access specific business data securely.

Key Features:

 A private network with controlled external access.

 Uses VPN (Virtual Private Network) and secure login credentials for authentication.
 Connects suppliers, vendors, and customers with business operations.
 Enhances B2B (Business-to-Business) transactions and communication.

Applications in E-Commerce:

7
  Supplier & Vendor Management: Suppliers access stock levels, order details, and
logistics updates.
 Customer Portals: Clients track orders, invoices, and support tickets.
 Logistics & Shipping Tracking: Third-party logistics providers coordinate deliveries.
 Partner Collaboration: Businesses share confidential data with trusted partners
securely.

EDI SYSTEMS

Electronic Data Interchange (EDI) systems enable businesses to exchange structured

electronic documents efficiently.

1. Direct EDI (Point-to-Point) – Direct communication between two companies using

dedicated channels.
2. EDI via VAN (Value-Added Network) – Uses a third-party network provider for
secure data exchange.
3. Web-Based EDI – Uses a web portal for document exchange without specialized
software.
4. Cloud-Based EDI – Hosted on cloud platforms for real-time, scalable data exchange.
5. Mobile EDI – Allows businesses to send and receive EDI transactions using mobile
devices.

1.1 Wireless Application Protocol:

WAP is a technical standard for accessing information over a mobile wireless network. A
WAP browser is a web browser for mobile devices such as mobile phones that uses the
Protocol.

WAP is a specification for a set of communication protocols to standardize the way that
Wireless devices, such as cellular telephones and radio transceivers, can be used for Internet
Access, including e-mail, the World Wide Web, newsgroups, and instant messaging.

The WAP layers are:

8
  Wireless Application Environment (WAE)
 Wireless Session Layer (WSL)
 Wireless Transport Layer Security(WTLS)
 Wireless Transport Layer (WTP)

1.2 Mobile Computing :

Mobile computing plays a crucial role in e-commerce, enabling businesses and consumers to
conduct transactions anytime and anywhere using smartphones, tablets, and other mobile
devices. It enhances user experience, expands market reach, and drives sales through mobile-
friendly platforms.

Key Aspects of Mobile Computing in E-Commerce

1. Mobile-Friendly Websites – Responsive design ensures smooth shopping experiences

on different screen sizes.
2. Mobile Apps – Dedicated apps offer faster, more personalized shopping experiences
with push notifications.
3. Mobile Payment Systems – Integration of digital wallets like Google Pay, Apple Pay,
and UPI for seamless transactions.
4. Cloud Computing Integration – Ensures data accessibility, security, and real-time
updates for mobile users.
5. Location-Based Services – Uses GPS to provide personalized recommendations and
targeted marketing.
6. Security Measures – Implementing encryption, biometric authentication, and secure
payment gateways to protect user data.
7. 5G & Faster Networks – Enhances mobile browsing speed, improving user
engagement and transaction efficiency.
8. AI & Chatbots – Mobile-based AI assistants and Chabot’s improve customer support
and shopping experiences.

1.3 Wireless Web :

The wireless web allows users to access the internet without physical connections, enabling
mobile browsing, cloud services, and IoT (Internet of Things) applications. Technologies
include:

9
 1. Wi-Fi – Wireless internet access for high-speed browsing.
2. 5G Networks – High-speed mobile internet for seamless connectivity.
3. Bluetooth & NFC – Short-range wireless technologies used in payments and data
sharing.

Web security:

Web security in e-commerce is essential to protect businesses and customers from cyber
threats like hacking, fraud, and data breaches. Protecting customer data involves encryption,
adherence to data privacy laws like GDPR and CCPA, and using tokenization to secure
sensitive information. Websites must be secured with HTTPS, regularly updated software,
and reliable hosting services. Cyberattack prevention includes firewalls, intrusion detection
systems (IDS), and DDoS protection to block malicious activities. Here are key aspects :-

1. Secure Payment Processing – Use SSL/TLS encryption, PCI DSS compliance, and
two-factor authentication (2FA).
2. Data Protection & Privacy – Encrypt sensitive customer data and follow GDPR,
CCPA, and other regulations.
3. Secure Website & Hosting – Implement HTTPS, update software regularly, and use a
secure hosting provider.
4. Protection Against Cyber Attacks – Use firewalls, IDS, and DDoS protection to
prevent hacking and fraud.
5. Strong Authentication – Implement multi-factor authentication (MFA) and enforce
strong password policies.
6. Regular Security Audits – Conduct vulnerability assessments and penetration testing
to identify weaknesses.

INFRASTRUCTURE REQUIREMENTS FOR E-COMMERCE :

Setting up and running an e-commerce business requires a well-structured

infrastructure, including hardware, software, networking, and security systems. Below
are the key components:

1. Hardware Infrastructure

Hardware forms the backbone of an e-commerce platform, supporting website

hosting, data storage, and transactions.

10
Key Requirements:

 Servers – Dedicated or cloud-based servers to host the e-commerce website

and database.
 Data Storage Systems – SSDs, cloud storage, or databases to store customer
data, product catalogs, and transaction records.
 Networking Equipment – Routers, firewalls, and load balancers to ensure
smooth data flow.
 Payment Terminals – POS systems, barcode scanners, and card readers for
retail e-commerce businesses.

2. Software Infrastructure

Software solutions power the e-commerce website, payment processing, and customer
interactions.

Key Requirements:

 E-Commerce Platform – Shopify, WooCommerce, Magento, or custom-built

platforms.

 Database Management System (DBMS) – MySQL, PostgreSQL, or MongoDB

for storing user and product data.

 Content Management System (CMS) – WordPress, Drupal, or Joomla for

managing content.

 Payment Gateway Integration – PayPal, Stripe, Razorpay, or Apple Pay for

secure online transactions.

 ERP (Enterprise Resource Planning) Software – SAP, Oracle, or Microsoft

Dynamics for business management.

3. Network Infrastructure

A robust networking setup ensures seamless connectivity, security, and data

exchange.

11
Key Requirements:

 Internet Connectivity – High-speed broadband or fiber-optic internet for

smooth operations.

 CDN (Content Delivery Network) – Cloudflare or Akamai to improve website

speed and performance.

 VPN (Virtual Private Network) – Secure remote access for employees

handling sensitive data.

 Extranet & Intranet – Enables communication between employees, suppliers,

and partners.

4. Security Infrastructure

Security is crucial for protecting customer data, transactions, and business assets.

Key Requirements:

 SSL/TLS Encryption – Ensures secure data transmission between the website

and users.

 Firewall & Antivirus Software – Protects against cyber threats and

unauthorized access.

 Multi-Factor Authentication (MFA) – Adds an extra layer of security for user

logins.

 PCI DSS Compliance – Ensures secure online payment processing.

 Regular Security Audits – Identifies vulnerabilities in the e-commerce system.

12
 5. Logistics & Supply Chain Infrastructure

Efficient logistics management ensures timely product delivery and inventory control.

Key Requirements:

 Warehouse & Inventory Management System – Tracks stock levels and order
fulfillment.

 Shipping & Delivery Partners – Integration with FedEx, DHL, or local courier
services.

 Order Tracking System – Provides real-time updates to customers.

7. Customer Support Infrastructure

Providing excellent customer service helps build trust and increase sales.

Key Requirements:

 Chatbots & AI Assistants – Automated customer service for FAQs and issue
resolution.

 CRM (Customer Relationship Management) Software – Salesforce, HubSpot,

or Zoho for managing customer interactions.

 Helpdesk & Support Ticket System – Zendesk or Freshdesk for handling

customer queries.

13
UNIT – 2
BUSINESS MODEL OF E –
COMMERCE

BUSINESS MODEL : In e-commerce, a business model defines how an online

company generates revenue, delivers value to customers, and operates its core
business activities.

E-COMMERCE BASED ON TRANSACTION TYPE

E-commerce business models based on transaction type define how products,
services, or information are exchanged between businesses and consumers.
Each model operates differently, depending on the business goals, target
14
audience, and revenue strategies. Below is a deep analysis of the major e-
commerce transaction models:-

1. Direct Selling Model

The Direct Selling Model is one of the most common e-commerce models,
where businesses sell their products or services directly to consumers through
an online platform. This eliminates intermediaries, reducing costs and
increasing profits. Direct selling platforms are typically owned by the brand or
company itself, allowing better control over pricing, branding, and customer
experience.

 Key Features: Businesses maintain inventory, handle transactions, and

provide customer service.
 Advantages: Higher profit margins, better brand control, and direct
customer engagement.
 Examples: Apple Store (selling gadgets), Nike (selling apparel), Dell
(customized computers).

2. Marketplace Model

The Marketplace Model acts as an intermediary platform connecting buyers and

sellers. Unlike direct selling, the marketplace does not own the inventory but
facilitates transactions between independent sellers and consumers. These
platforms provide a secure environment, payment processing, logistics support,
and customer service.

 Key Features: Multiple vendors sell products under one platform, creating
a diverse marketplace.
 Advantages: No need for inventory management, wider customer base,
and scalability.

15
  Examples: Amazon, Flipkart, Alibaba, eBay – where third-party sellers
list products and compete.

3. Subscription-Based Model

In the Subscription-Based Model, customers pay a recurring fee (monthly,

quarterly, or annually) to access products or services. This model ensures a
steady revenue stream and fosters long-term customer relationships. It is widely
used for digital content, software, and even physical products.

 Key Features: Continuous service access, lower upfront costs for

consumers, predictable revenue for businesses.
 Advantages: Customer retention, recurring revenue, and personalization.
 Examples: Netflix, Spotify – Streaming services with monthly plans.
Amazon Prime – Subscription for faster shipping and exclusive content.

4. Dropshipping Model

The Dropshipping Model allows e-commerce businesses to sell products

without holding any inventory. The retailer acts as a middleman, forwarding
customer orders to a supplier or manufacturer, who then ships the product
directly to the buyer. This eliminates warehousing and inventory costs, making
it a low-risk model for startups.

 Key Features: No upfront inventory costs, supplier-dependent order

fulfillment, lower investment.
 Advantages: Easy to start, scalable, and low risk.
 Challenges: Supplier reliability issues, longer shipping times, and lower
profit margins.
 Examples: Oberlo (Shopify integration) – Helps businesses start
dropshipping with AliExpress suppliers.
AliExpress Dropshipping – Widely used by e-commerce entrepreneurs.

16
 5. Advertising Revenue Model

The Advertising Revenue Model relies on attracting a large audience to a free

platform and monetizing through advertisements. Businesses provide free
content or services and earn revenue from ad placements, pay-per-click (PPC)
campaigns, and sponsorships.

 Key Features: Free-to-use platform, ad-based monetization, traffic-driven

revenue.
 Advantages: Large-scale audience reach, no cost for users, multiple
revenue streams.
 Examples: Google Ads & YouTube – Earn from ad views and clicks.
Facebook & Instagram Ads – Generate revenue by offering targeted ads
to businesses.

6. Affiliate Marketing Model

In the Affiliate Marketing Model, a business promotes third-party products or

services and earns a commission for every sale made through its referral.
Affiliates use blogs, social media, or email marketing to drive traffic to the
merchant’s website.

 Key Features: No need for inventory or direct selling, commission-based

earnings.
 Advantages: Low investment, passive income potential, scalable.
 Examples: Amazon Associates – Bloggers and influencers earn
commissions by recommending Amazon products.
ShareASale, ClickBank – Affiliate networks connecting merchants with
marketers.

7. Freemium Model

17
The Freemium Model offers basic services for free while charging for premium
features, advanced tools, or additional content. This model is widely used in
SaaS (Software as a Service) and digital services.

 Key Features: Free-to-use basic version, optional paid upgrades.

 Advantages: Large user base, potential upselling opportunities.
 Examples: LinkedIn – Free networking with paid premium job search
features.
Dropbox, Google Drive – Free storage with premium expansion plans.

MODELS BASED ON TRANSACTION PARTIES

Model based on transaction parties categorizes different types of business and
government transactions. These classifications help in understanding how
different entities interact in economic and digital ecosystems. L

1. Business-to-Business (B2B)

Definition: B2B refers to transactions between two businesses. It includes

manufacturers, wholesalers, suppliers, and service providers who sell products
or services to other businesses rather than individual consumers.

Characteristics:

 Large volume transactions

 Focus on long-term relationships
18
  Negotiable pricing and contracts
 Bulk purchases
 Often involves credit terms

Examples:

 A car manufacturer purchasing tires from a supplier

 A software company providing cloud services to a corporation
 A mining equipment provider selling drilling rigs to a mining company

Common Platforms:

 Alibaba (B2B wholesale)

 Salesforce (CRM for businesses)
 SAP (Enterprise resource planning)

2. Business-to-Consumer (B2C)

Definition: B2C involves transactions between businesses and individual

consumers. It is the most common type of commerce where companies sell
products or services directly to end-users.

Characteristics:

19
  Mass-market targeting
 Fixed pricing
 Emotional and impulse-driven purchases
 Shorter sales cycles
 Requires strong branding and marketing

Examples:

 Amazon selling electronics to consumers

 Netflix providing streaming services
 A retail store selling clothes to customers

Common Platforms:

 Amazon, Flipkart (E-commerce)

 Netflix, Spotify (Subscription-based services)
 McDonald’s, Starbucks (Retail and food services)

3. Consumer-to-Business (C2B)

Definition: C2B is a transaction where individuals (consumers) offer products

or services to businesses. This model is common in freelancing, influencer
marketing, and content creation.

Characteristics:

20
  Individuals set terms or bid for work
 Businesses buy from consumers
 Technology enables easy access
 Payment can be per project or commission-base

Examples:

 Influencers promoting brands on social media

 Freelancers offering design or writing services on platforms like Fiverr
 Bloggers reviewing products in exchange for sponsorship

Common Platforms:

 Upwork, Fiverr (Freelancing)

 YouTube, Instagram (Influencer marketing)
 Shutterstock (Selling digital photos to businesses)

4. Consumer-to-Consumer (C2C)

Definition: C2C transactions involve consumers selling directly to other

consumers, often facilitated by an online marketplace or a third-party platform.

21
Characteristics:

 Individuals act as both buyers and sellers

 Transactions are often second-hand goods or peer services
 Platforms take a commission for facilitating the transaction
 Trust and reviews play a crucial role

Examples:

 Selling used phones on eBay

 Renting apartments on Airbnb
 Peer-to-peer lending through platforms like LendingClub

Common Platforms:

 eBay, OLX (Second-hand goods)

 Facebook Marketplace

E-GOVERNANCE IN E-COMMERCE :
E-Governance in e-commerce refers to the use of digital technology by
governments to regulate, facilitate, and secure online business activities. It plays
a crucial role in ensuring compliance, taxation, consumer protection, and
cybersecurity in the growing digital economy. Governments worldwide
implement policies to protect online shoppers, regulate cross-border
transactions, and support digital businesses. With advancements in AI, block
chain, and big data, e-governance is evolving to make e-commerce more
transparent, efficient, and secure.

Aspects of E-Governance in E-Commerce

1. Regulation & Compliance – Governments enforce tax laws, consumer

rights, and business licensing for e-commerce platforms.

2. Digital Taxation – Online businesses must comply with GST, VAT, and
digital tax filing regulations.

22
 3. Cybersecurity & Data Protection – Ensuring secure online transactions
and data privacy (e.g., GDPR, CCPA).

4. Dispute Resolution – Online consumer grievance redressal mechanisms

and digital courts.

5. Cross-Border E-Commerce Rules – Regulations on international trade,

customs, and counterfeit goods.

6. Digital Infrastructure – Government initiatives like broadband expansion

and digital payment systems to boost e-commerce

UNIT- 3
ELECTRONIC DATA INTERCHANGE

INTRODUCTION TO EDI
• Electronic Data Interchange (EDI) is a technology that enables businesses to
exchange documents and data in a structured electronic format. It replaces

23
traditional paper-based communication methods like fax, mail, and email,
allowing seamless and automated data transfer between systems. EDI is widely
used in supply chain management, healthcare, finance, and other industries to
improve efficiency, accuracy, and speed in transactions.

• Electronic Data Interchange EDI – is the exchange of business documents

between any Two trading partners in a standard or structured, machine readable
form. EDI is used to Electronically transfer documents such as purchase orders,
invoice, shipping bills, and Communicate with one another. A Specified format
is set by both the parties to facilitate Transmission of information. Traders use
Electronic Data Interchange EDI to exchange Financial information in
electronic form. Electronic Fund Transfer facility provided by Banks is an
example of Electronic Data Interchange EDI. EDI helps to eliminate paper
Based System, reduces data entry task and improves business cycle.EDI stands
for Electronic Data Interchange. EDI is an electronic way of transferring
Business documents in an organization internally, between its various
departments or Externally with suppliers, customers, or any subsidiaries. In
EDI, paper documents are Replaced with electronic documents such as word
documents, spreadsheets, etc.

BENEFITS OF EDI

A. Speed & Efficiency : Transactions that once took days via mail or
fax now take seconds.
B. Automates data exchange, reducing processing and approval time.
C. Cost Reduction : Eliminates expenses related to paper, printing,
postage, and storage.
D. Reduces administrative workload and manual data entry costs.
E. Accuracy & Error Reduction : Minimizes human errors caused by
manual data entry.
F. Security & Compliance : Uses secure transmission protocols like
AS2, FTP, or VANs.

24
 G. Complies with industry standards (ANSI X12, EDIFACT) and
regulatory requirements.
H. Stronger Business Relationships : Faster processing of orders,
invoices, and shipments improves partner relationships.

EDI WORKING (CONCEPTS & PROCESS)

EDI operates through structured document formats that are exchanged between
businesses over secure networks. The process includes:

Step 1: Document Preparation

Businesses generate transaction data (purchase orders, invoices, etc.) from

internal systems. Data is structured in an EDI-compliant format.

Step 2: EDI Document Translation

25
The data is converted into a standard EDI format (e.g., ANSI X12, EDIFACT)
using EDI software. Ensures consistency and standardization across trading
partners.

Step 3: Secure Data Transmission

 EDI documents are transmitted using secure communication protocols

like:
 AS2 (Applicability Statement 2) – Common for secure internet-based
EDI.
 FTP (File Transfer Protocol) – Transfers large files between systems.
 VAN (Value-Added Network) – A third-party network that ensures
secure and reliable transactions.

Step 4: Document Reception & Translation : The recipient’s EDI system

receives the document and translates it into a readable format for their internal
systems. The document is processed automatically, triggering business actions
like order fulfilment or payment processing.

Step 5: Integration & Automation

The received data is integrated into ERP, CRM, or supply chain systems for
automated processing. This enables real-time updates on inventory, order
tracking, and billing.

26
APPLICATIONS OF EDI IN VARIOUS INDUSTRIES

I. Supply Chain & Logistics

 Automated Order Processing – Reduces lead time in B2B transactions.

 Real-Time Inventory Updates – Helps suppliers track stock levels.
 Shipment Tracking & Notifications – Ensures timely delivery and
reduces delays.
Example: Amazon and Walmart use EDI to automate orders and manage
supplier networks efficiently.

J. Retail & E-Commerce

 Purchase Orders & Invoices – Automates transactions between retailers
and suppliers.
 Price & Product Catalog Updates – Ensures up-to-date listings across
platforms.
 Returns & Refunds Processing – Speeds up dispute resolution.

Example: EDI helps large retailers like Tesco and Carrefour manage thousands
of supplier transactions daily.

K. Healthcare & Pharmaceuticals

 Electronic Claims Processing – Reduces billing errors and speeds up
insurance reimbursements.
 Patient Record Exchange – Ensures secure and standardized medical data
sharing.
 Pharmaceutical Supply Chain – Tracks medicine shipments and
compliance with regulatory standards.

Example: EDI is used for HIPAA-compliant transactions in the U.S. healthcare

industry.

L. Finance & Banking

 Automated Payment Processing – Reduces errors in B2B financial
transactions.

27
  Electronic Invoicing & Tax Compliance – Ensures regulatory adherence.
 Fraud Detection & Security – Enhances transactional security using
encrypted EDI protocols

Example: Banks use EDI for automated clearinghouse (ACH) transactions and
cross-border payments.

M. Manufacturing & Automotive

 Supplier & Vendor Management – Automates procurement and reduces
supply chain disruptions.
 Just-In-Time (JIT) Inventory Management – Ensures smooth production
processes.
 Quality Control Documentation – Standardized reporting of
manufacturing defects and compliance.

Example: Car manufacturers like Ford and Toyota use EDI to manage parts
suppliers globally.

ELECTRONIC DATA INTERCHANGE (EDI) – DETAILED CONCEPTS

EDI Model : The EDI Model is a structured system that enables businesses to
exchange data electronically, eliminating manual processes. It involves three
main components:

1. Sender (Originating Business System) – A company generating data such

as purchase orders, invoices, or shipping notices.
2. EDI Translator – Software that converts business documents into a
standardized EDI format (e.g., ANSI X12, EDIFACT).
3. EDI Communication Network – A secure transmission channel (e.g.,
AS2, FTP, VAN) that delivers data to the recipient.
4. Recipient (Receiving Business System) – The trading partner’s system
that decodes and integrates the received data into its business applications
(ERP, CRM, or SCM).

28
EDI PROTOCOLS & DATA SECURITY
EDI uses various communication protocols and security mechanisms to ensure
data integrity, confidentiality, and authenticity.

1. UN/EDIFACT (United Nations EDI for Administration, Commerce, and

Transport)

A global EDI standard developed by the United Nations for cross-industry

transactions. It is used in international trade, shipping, finance, and
manufacturing. Standardizes document formats for seamless global data
exchange.

2. Data Encryption Standards for EDI Security

EDI transactions require encryption to protect sensitive business data. The most
commonly used encryption algorithms are:

A. DES (Data Encryption Standard) : A symmetric key algorithm that

encrypts data blocks into unreadable formats. Used historically in
EDI but now considered weak due to modern computing power.
Now it is by stronger algorithms like AES (Advanced Encryption
Standard).

B. RSA (Rivest-Shamir-Adleman Encryption) : An asymmetric

encryption system using public and private keys for secure data
exchange. Commonly used in digital signatures to verify
authenticity in EDI transactions. Ensures confidentiality, integrity,
and non-repudiation of documents.

29
EDI IMPLEMENTATION DIFFICULTIES:
1. High Initial Setup Cost – Requires investment in EDI software, secure
networks, and integration with existing systems like ERP and CRM
2. Complex Standardization & Compliance – Different industries and
regions use various EDI standards (ANSI X12, EDIFACT, HIPAA),
requiring custom configurations and regulatory compliance.
3. Technical Expertise & Maintenance – Skilled IT professionals are needed
for setup, troubleshooting, and regular updates, increasing dependency on
external vendors.
4. Security Risks & Data Protection – Sensitive business data is vulnerable
to cyber threats, requiring encryption (RSA, AES) and secure
transmission protocols (AS2, FTP, VAN).
5. Integration Challenges with Legacy Systems – Many businesses still use
outdated software that may not support modern EDI formats, leading to
compatibility issues.
6. Trading Partner Readiness – EDI requires all business partners to adopt
compatible systems, which can be a barrier if suppliers or customers lack
the necessary technology.
7. High Maintenance & Upgrading Costs – Continuous updates in
standards, security, and compliance require ongoing investment, making
long-term management expensive.

30
UNIT- 4

ELECTRONIC PAYMENT SYSTEMS

E-PAYMENT SYSTEM:
Electronic payment systems are central to on-line business process as
companies look for ways to serve customers faster and at lower cost. Emerging
innovations in the payment for goods and services in electronic commerce
promise to offer a wide range of new business opportunities.

Electronic payment systems and e-commerce are highly linked given that on-
line consumers must pay for products and services. Clearly, payment is an
integral part of the mercantile process and prompt payment is crucial. If the
claims and debits of the various participants (consumers, companies and banks)
are not balanced because of payment delay, then the entire business chain is
disrupted. Hence an important aspect of e-commerce is prompt and secure
payment, clearing, and settlement of credit or debit claims.

Electronic payment systems are becoming central to on-line business

transactions nowadays as companies look for various methods to serve
customers faster and more cost effectively. Electronic commerce brings a wide
range of new worldwide business opportunities. There is no Doubt that

31
electronic payment systems are becoming more and more common and will
play an Important role in the business world. Electronic payment always
involves a payer and a payee Who exchange money for goods or services. At
least one financial institution like a bank will act as the issuer (used by the
payer) and the acquirer (used by the payee).

TYPES OF ELECTRONIC PAYMENT SYSTEMS:

Electronic payment systems are proliferating in banking, retail, health care, on-
line markets, and even government—in fact, anywhere money needs to change
hands. Organizations are motivated by the need to deliver products and services
more cost effectively and to provide a higher quality of service to customers.
The emerging electronic payment technology labelled as electronic funds
transfer (EFT).

EFT is defined as ―any transfer of funds initiated through an electronic

terminal Telephonic instrument, or computer or magnetic tape so as to order,
instruct, or authorize A financial institution.

1. ELECTRONIC CASH (E-CASH)

Electronic Cash, or digital cash, is a virtual currency system that allows
users to make payments online without using traditional banking
channels. It is similar to physical cash but exists in a digital format.

Features of E-Cash

 Anonymity: Transactions can be anonymous, similar to using physical

cash.
 Security: Uses encryption to protect transactions.
 Instant Transactions: Eliminates delays in fund transfers.
 Divisibility: Can be divided into smaller denominations.

Examples of E-Cash

32
  Bitcoin and other cryptocurrencies.
 PayPal Balance, where users can store money digitally.
 Prepaid Digital Wallets like Paytm, Apple Pay, and Google Pay.

2. SMART CARDS AND ELECTRONIC PAYMENT

SYSTEMS:
Smart Cards are plastic cards embedded with a microprocessor chip that stores
financial and personal information. These cards enhance security and
convenience for electronic transactions.

Types of Smart Cards

1. Contact Smart Cards: Inserted into a card reader (e.g., credit/debit chip
cards).
2. Contactless Smart Cards: Uses NFC (Near Field Communication)
technology for tap-and-pay (e.g., Visa PayWave, Mastercard PayPass).
3. Hybrid Smart Cards: Supports both contact and contactless modes.

Advantages of Smart Cards in Payments

 Enhanced Security: Uses encryption and PIN authentication.

 Multiple Uses: Can be used for banking, transport, healthcare, and
identification.
 Offline Transactions: Can store value and process transactions without an
internet connection.

Examples of Smart Card-Based Payments

 EMV Chip Credit/Debit Cards (Europay, Mastercard, Visa).

 Prepaid Metro and Transport Cards (e.g., London Oyster Card, New York
MetroCard).
 E-Government and Healthcare Cards (e.g., Aadhaar-enabled Payment
Systems in India).

33
 3. CREDIT CARD-BASED ELECTRONIC PAYMENT SYSTEMS
Credit Card-Based EPS allows users to make payments using their credit cards
over electronic platforms such as online stores, ATMs, and POS (Point-of-Sale)
terminals.

Working of Credit Card-Based Payments

1. Cardholder Initiates Payment: Enters card details on a website or

swipes/taps at a POS machine.
2. Transaction Authorization: The merchant’s bank (Acquirer) sends a
request to the card issuer (Visa, Mastercard, etc.).
3. Verification & Approval: The issuing bank checks the card’s validity,
available credit limit, and fraud risk.
4. Transaction Completion: The amount is deducted from the cardholder’s
credit limit, and the merchant receives the funds.

Types of Credit Card Payments

 Card-Present Transactions: Swiping or tapping a card at a POS machine.

 Card-Not-Present (CNP) Transactions: Online payments using card
details.
 Recurring Payments: Monthly subscriptions (Netflix, Amazon Prime).
 EMI (Equated Monthly Installment) Payments: Large purchases split into
smaller payments.

Advantages of Credit Card-Based EPS

 Global Acceptance: Used worldwide for both online and offline

purchases.

34
  Convenience: No need to carry cash.
 Security Features: Includes OTP (One-Time Password), CVV (Card
Verification Value), and biometric authentication.

Examples of Credit Card-Based EPS

 Visa, Mastercard, American Express (Global Credit Card Networks).

 Online Payment Gateways (PayPal, Stripe, Razorpay, Square).
 Mobile Payment Apps (Apple Pay, Google Pay, Samsung Pay using
saved credit card details).
 Charge Cards (e.g., American Express)

RISKS IN ELECTRONIC PAYMENT SYSTEMS:

1. Fraud & Identity Theft – Cybercriminals can steal user

credentials and misuse payment details.
2. Hacking & Cyber Attacks – Payment systems are targeted
by malware, phishing, and ransomware.
3. Data Breaches – Unauthorized access to sensitive customer
data can lead to financial loss.
4. Transaction Failures & Errors – Technical issues may
cause double payments, failed transactions, or delays.
5. Phishing & Social Engineering – Scammers trick users into
revealing payment information.
6. Chargeback Fraud – Customers may falsely claim refunds,
causing business losses.
7. Regulatory & Compliance Risks – Non-compliance with
financial regulations can result in fines.
8. System Downtime – Payment gateway outages can disrupt
transactions and affect businesses.
9. Insider Threats – Employees or vendors with access may
exploit payment data.

35
 10. Weak Security & Encryption – Poor encryption can
expose transactions to interception.

UNIT – 5
SECURITY ISSUES IN E- COMMERCE

RISK IN E-COMMERCE

E-commerce platforms handle sensitive user data, including personal details, credit card
information, and banking credentials, making them a target for cybercriminals. Financial
fraud is a significant risk, where hackers use stolen payment details to make unauthorized
purchases. Identity theft occurs when cybercriminals access users’ personal information to
conduct fraud or impersonate them. Data breaches happen when hackers exploit
vulnerabilities in databases, exposing confidential information, leading to financial and
reputational losses for businesses. Phishing attacks trick users into revealing login
credentials and financial data through fake websites or emails. Malware and ransomware
attacks can infect e-commerce platforms, disrupting operations and stealing data. Denial-of-
service (DoS) attacks can overwhelm a website’s server, making it inaccessible to legitimate
users. Additionally, lack of proper security measures can lead to privacy violations and
legal consequences due to non-compliance with data protection laws.

SECURITY FOR E-COMMERCE

To mitigate risks, e-commerce platforms implement various security measures to protect

transactions and user information. Encryption secures data by converting it into an

36
unreadable format, ensuring that only authorized users can access it. Secure Socket Layer
(SSL) and Transport Layer Security (TLS) protocols encrypt data transmission, preventing
hackers from intercepting sensitive information. Multi-Factor Authentication (MFA)
enhances security by requiring multiple forms of verification, such as passwords, OTPs, or
biometrics, before granting access. Fraud detection and prevention systems use artificial
intelligence and machine learning to analyze transaction patterns and detect fraudulent
activities. Tokenization replaces sensitive payment information with unique tokens, reducing
the risk of data theft. Regular security audits and software updates help businesses
identify and fix vulnerabilities, ensuring compliance with security standards.

SECURITY STANDARDS

E-commerce businesses follow security standards to ensure the safety of online transactions
and protect customer data.

 PCI DSS (Payment Card Industry Data Security Standard) mandates security
guidelines for handling credit card transactions securely.
 ISO 27001 provides a framework for managing information security risks, helping
businesses implement effective security policies.
 Secure Electronic Transaction (SET) is a protocol that ensures the security of
online credit card payments by encrypting transaction data.
 General Data Protection Regulation (GDPR) enforces strict data protection and
privacy laws, ensuring that businesses handle user data responsibly.
 HIPAA (Health Insurance Portability and Accountability Act) applies to e-
commerce platforms dealing with healthcare-related transactions, ensuring the
security of medical data.

FIREWALL

A firewall is a security system that monitors and controls incoming and outgoing network
traffic based on predefined security rules. It acts as a barrier between a trusted internal
network and untrusted external sources, preventing unauthorized access. Packet-filtering
firewalls analyze data packets and block malicious traffic based on security policies. Stateful
inspection firewalls track active connections and filter traffic accordingly. Proxy firewalls

37
act as intermediaries between users and web servers, enhancing security by hiding internal
network details. Next-generation firewalls (NGFWs) combine traditional firewall features
with advanced threat detection, intrusion prevention, and deep packet inspection to protect
agains sophisticated cyber threats.

Types of Firewall:

There are different types of firewalls depending on where the communication is taking place,
Where the communication is intercepted and the state that is being traced.

 Network layer Firewall

 Application layer firewall

 Proxy server

 Network address translation

CRYPTOGRAPHY

Cryptography is essential for securing e-commerce transactions by encrypting data and

ensuring confidentiality, integrity, and authentication. Symmetric encryption (e.g., AES,
DES) uses a single key for both encryption and decryption, providing fast and efficient
security. Asymmetric encryption (e.g., RSA, ECC) uses a public-private key pair, ensuring
secure communication and authentication. Hashing algorithms (e.g., SHA-256, MD5)
generate unique hash values for data, ensuring integrity by detecting any unauthorized
changes. Digital signatures authenticate the sender’s identity and verify data integrity in
online transactions. Public Key Infrastructure (PKI) manages encryption keys and digital
certificates, enhancing e-commerce security.

38
KEY MANAGEMENT

Key management is crucial for ensuring the security of encrypted data in e-commerce
transactions. Key generation involves creating strong encryption keys using secure
algorithms. Key distribution ensures that only authorized users have access to encryption
keys through secure channels. Key storage protects keys from unauthorized access using
hardware security modules (HSMs) or encrypted databases. Key rotation and expiration
involve updating keys periodically to reduce the risk of compromise. Access control policies
restrict key usage to authorized personnel and applications, preventing unauthorized
decryption.

PASSWORD SYSTEMS

Strong password policies are essential for securing e-commerce accounts and preventing
unauthorized access. Complex passwords with a mix of uppercase and lowercase letters,
numbers, and special characters enhance security. Password hashing converts passwords
into irreversible hash values, preventing exposure in case of data breaches. Salting
techniques add random values to passwords before hashing, making them resistant to brute-
force attacks. Multi-Factor Authentication (MFA) strengthens security by requiring
additional verification steps, such as OTPs or biometric authentication. Password managers
help users store and manage complex passwords securely, reducing the risk of weak or reused
passwords.

DIGITAL CERTIFICATES

Digital certificates are electronic credentials that verify the authenticity of a website,
individual, or organization in e-commerce transactions. Issued by Certificate Authorities
(CAs), they ensure secure communication through SSL/TLS encryption. X.509 certificates
are widely used for website authentication, ensuring that users interact with legitimate
businesses. Extended Validation (EV) certificates provide higher trust levels by verifying
the organization’s identity. Code signing certificates authenticate software and applications,
ensuring they have not been tampered with. Email security certificates encrypt emails and
verify sender identities, preventing phishing attacks. Public Key Infrastructure (PKI)
manages digital certificates and encryption keys to ensure secure online transactions.

39
DIGITAL SIGNATURES

Digital signatures authenticate the identity of the sender and ensure data integrity in e-
commerce transactions. They use public-key cryptography, where the sender signs a
document with a private key, and the recipient verifies it using the corresponding public key.
Hashing algorithms generate unique fingerprints of data, ensuring that any alteration is
detected. Electronic signature standards such as PKCS#7 and XML Signature define
secure methods for signing and verifying digital documents. Legally recognized digital
signatures comply with regulations like the eIDAS (Electronic Identification,
Authentication, and Trust Services) Regulation in the EU, ensuring their validity in online
transactions. Blockchain-based digital signatures provide tamper-proof authentication,
enhancing security in decentralized e-commerce systems.

40
41