a)

Types of e-commerce[edit]
The major different types of e-commerce are:

Business-to-Business (B2B):

B2B e-commerce is simply defined as e-commerce between companies. This is the type of ecommerce that deals with relationships between and among businesses. About 80% of e-commerce
is of this type, and most experts predict that B2B e-commerce will continue to grow faster than the
B2C segment. The B2B market has two primary components: e-infrastructure and e-markets.

Business-to-Consumer (B2C):

Business-to-consumer e-commerce, or commerce between companies and consumers, involves

customers gathering information; purchasing physical goods (i.e., tangibles such as books or
consumer products) or information goods (or goods of electronic material or digitized content, such as
software, or e-books); and, for information goods, receiving products over an electronic network. It is
the second largest and the earliest form of e-commerce.

Business-to-Government (B2G):

Business-to-government e-commerce or B2G is generally defined as commerce between companies

and the public sector. It refers to the use of the Internet for public procurement, licensing procedures,
and other government-related operations. This kind of e-commerce has two features: first, the public
sector assumes a pilot/leading role in establishing e-commerce; and second, it is assumed that the
public sector has the greatest need for making its procurement system more effective. Web-based
purchasing policies increase the transparency of the procurement process (and reduces the risk of
irregularities). To date, however, the size of the B2G e-commerce market as a component of total ecommerce is insignificant, as government e-procurement systems remain undeveloped.

Consumer-to-Consumer (C2C):

Consumer-to-consumer e-commerce or C2C is simply commerce between private individuals or

consumers. This type of e-commerce is characterized by the growth of electronic marketplaces and
online auctions, particularly in vertical industries where firms/businesses can bid for what they want
from among multiple suppliers. It perhaps has the greatest potential for developing new markets.

Mobile Commerce (m-commerce):

M-commerce (mobile commerce) is the buying and selling of goods and services through wireless
technology-i.e., handheld devices such as cellular telephones and personal digital assistants (PDAs).
Japan is seen as a global leader in m-commerce. As content delivery over wireless devices becomes
faster, more secure, and scalable, some believe that m-commerce will surpass wireline e-commerce
as the method of choice for digital commerce transactions. This may well be true for the Asia-Pacific
where there are more mobile phone users than there are Internet users.

b)

A secure system accomplishes its task with no unintended side effects. Using the analogy of a house to
represent the system, you decide to carve out a piece of your front door to give your pets' easy access to the
outdoors. However, the hole is too large, giving access to burglars. You have created an unintended implication
and therefore, an insecure system.
In the software industry, security has two different perspectives. In the software development community, it
describes the security features of a system. Common security features are ensuring passwords that are at least
six characters long and encryption of sensitive data. For software consumers, it is protection
against attacks rather than specific features of the system. Your house may have the latest alarm system and
windows with bars, but if you leave your doors unlocked, despite the number of security features your system
has, it is still insecure. Hence, security is not a number of features, but a system process. The weakest link in the
chain determines the security of the system. In this article, we focus on possible attack scenarios in an eCommerce system and provide preventive strategies, including security features, that you can implement.
Security has three main concepts: confidentiality, integrity, and availability. Confidentiality allows only authorized
parties to read protected information. For example, if the postman reads your mail, this is a breach of your
privacy. Integrity ensures data remains as is from the sender to the receiver. If someone added an extra bill to the
envelope, which contained your credit card bill, he has violated the integrity of the mail. Availability ensures you
have access and are authorized to resources. If the post office destroys your mail or the postman takes one year
to deliver your mail, he has impacted the availability of your mail.

Security features
While security features do not guarantee a secure system, they are necessary to build a secure system. Security
features have four categories:
Authentication: Verifies who you say you are. It enforces that you are the only one allowed to logon to
your Internet banking account.
Authorization: Allows only you to manipulate your resources in specific ways. This prevents you from
increasing the balance of your account or deleting a bill.
Encryption: Deals with information hiding. It ensures you cannot spy on others during Internet banking
transactions.
Auditing: Keeps a record of operations. Merchants use auditing to prove that you bought a specific
merchandise.

c)
Online Debit
PIN-based debit transactions are fast, convenient and secure. In brick-and-mortar environments,
shoppers initiate online debit payments by swiping their debit cards through magnetic card
readers. The customers then key their secret codes into encryption devices called PIN pads. The
transactions are authorized in real time, funds in the customers' accounts are captured
immediately, and money is transferred into storeowners' accounts in two to three business days.
Merchants pay a nominal transaction fee. And because the customers authorize their purchases
with PINs, the risk to merchants of chargebacks is virtually nonexistent.
To accept online debit payments, you must have a merchant account, a debit processing service,
a payment terminal, a receipt printer and a PIN pad. Many payment processing companies offer
both credit and debit card services, but you must be approved for them separately. You can
obtain a terminal and printer with an integrated PIN pad or purchase a discrete, free-standing
PIN-entry device and connect it to your payment system. Just remember that your customers
must be able access the device and enter their codes in private.
Practically speaking, this type of debit transaction is currently available in the physical world only,
not the Internet. A number of financial institutions have introduced technology that may advance
the development of PIN-based debit processing on the Web, such as digital certificates,
smartcard solutions and compact disc-based systems. But no widely-accepted operating
standards have yet to be established.

Offline Debit
Unlike online debit transactions, offline debit payments do not involve PINs. Offline debit cards
(or check cards) are typically issued by credit card companies through their participating banks.
The cards may be used everywhere credit cards are accepted, including over the Internet.
In the physical world, customers who choose to make offline debit purchases must hand over
their check cards. Merchants swipe the cards through their payment terminals and complete the
debit sales the same way they process credit card transactions. The customers then sign sales
drafts that authorize the merchants to charge their accounts.
On the Web, customers enter check card information into browser-based forms, just as they
would for credit card purchases. The data is encrypted, captured by transaction processors and
sent to the credit card processing networks for authorization. Transactions normally settle in two
to three business days.
Because check card transactions are processed through the same networks as credit cards, they
often incur the same discount rates and transaction fees. If your business is already equipped to
process credit card transactions (for instance, you have a merchant account, a credit card
processing service and either a terminal and printer or payment-processing software), you should
also be able to process offline debit payments.
Making the Choice
Both forms of debit acceptance let merchants offer payment flexibility to their customers, which in
turn can capture impulse buying, generate higher-ticket purchases and improve customer loyalty.
But PIN-based debit transactions offer added advantages, such as:

The option to provide cash back to customers, which increases store traffic.
A fast way to move shoppers through the checkout line.
Virtual elimination of chargebacks and fraud.
Higher transaction approval rates.
Potential for additional revenues from surcharges.

The benefits are clear. With minimal investment, brick-and-mortar merchants can use PIN-based
debit transactions to help increase their sales and profits.
But what does the distinction between signature-based and PIN-based debit mean to your
business? If you're an Internet merchant, check card acceptance can give you access to buyers
who may not qualify for credit cards, such as teenagers. Plus, you receive funds from approved
transactions quickly and securely. Perhaps most important, you can accept signature-based
debit payments with relative ease because they're processed much like credit card sales.
If you own a business in the physical world, you enjoy the flexibility to process signature-based
debit payments as well as PIN-based transactions, which provide increased security and
opportunities to generate additional revenues.
Contact a payment service provider with experience in debit processing to learn about the
payment options that best suit your business--and discover how debit card acceptance can help
improve your company's bottom line.

d)
A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message
or document. A valid digital signature gives a recipient reason to believe that the message was
created by a known sender, such that the sender cannot deny having sent the message

(authentication and non-repudiation) and that the message was not altered in transit (integrity). Digital
signatures are commonly used for software distribution, financial transactions, and in other cases
where it is important to detect forgery or tampering.
Digital signatures are often used to implement electronic signatures, a broader term that refers to any
[1]
electronic data that carries the intent of a signature, but not all electronic signatures use digital
[2][3]
[4]
signatures.
In some countries, including the United States, India, and members of the European
Union, electronic signatures have legal significance.
Digital signatures employ a type of asymmetric cryptography. For messages sent through a
nonsecure channel, a properly implemented digital signature gives the receiver reason to believe the
message was sent by the claimed sender. Digital signatures are equivalent to traditional handwritten
signatures in many respects, but properly implemented digital signatures are more difficult to forge
than the handwritten type. Digital signature schemes, in the sense used here, are cryptographically
based, and must be implemented properly to be effective. Digital signatures can also provide nonrepudiation, meaning that the signer cannot successfully claim they did not sign a message, while
also claiming their private key remains secret; further, some non-repudiation schemes offer a time
stamp for the digital signature, so that even if the private key is exposed, the signature is valid.
Digitally signed messages may be anything representable as a bitstring: examples include electronic
mail, contracts, or a message sent via some other cryptographic protocol.

Definition[edit]

A key generation algorithm that selects a private key uniformly at random from a set of possible
private keys. The algorithm outputs the private key and a corresponding public key.

A signing algorithm that, given a message and a private key, produces a signature.

How they work

For efficiency: The signature will be much shorter and thus save time since hashing is generally
much faster than signing in practice.

For compatibility: Messages are typically bit strings, but some signature schemes operate on
other domains (such as, in the case of RSA, numbers modulo a composite number N). A hash
function can be used to convert an arbitrary input into the proper format.

For integrity: Without the hash function, the text "to be signed" may have to be split (separated)
in blocks small enough for the signature scheme to act on them directly. However, the receiver of
the signed blocks is not able to recognize if all the blocks are present and in the appropriate
order.

What is Digital Cash?

Digital cash aims to mimic the functionality of paper cash, by providing such properties of
anonymity and transferability of payment. Digital cash is intended to be implemented data
which can be copied, stored, or given as payment (for example, attached to an email

message, or via a USB stick, bluetooth, etc). Just like paper currency and coins, digital
cash is intended to represent value because it is backed by a trusted third party (namely, the
government and the banking industry).
Most money is already paid in electronic form; for example, by credit or debit card, and by
direct transfer between accounts, or by on-line services such as PayPal. This kind of
electronic money is not digital cash, because it doesn't have the properties of cash (namely,
anonymous and off-line transferability between holders).

How does Digital Cash work?

The figure shows the basic operation. User A obtains digital cash "coins" from her bank (and
the bank deducts a corresponding amount from her account). The user is now entitled to
use the coins by giving them to another user B, which might be a merchant. B receives ecash during a transaction and see that it has been authorized by a bank. They can then pay
the cash into their account at the bank.

Two big problems

How can we guarantee anonymity? If the bank can see which coins it gives to A,
and later it sees the same coins coming back from B. it can infer that A has paid
them to B (possibly via an intermediary).

How can we avoid double spending? Because electronic files can be duplicated, a
big challenge for digital cash is how to stop users spending money twice. On-line
solutions achieve this by making the payee check with the bank before
acknowledging payment. Off-line solutions have to use more elaborate methods.

e) Mobile Commerce, or m-Commerce, is about the explosion of applications and services that are becoming
accessible from Internet-enabled mobile devices. It involves new technologies, services and business models. It
is quite different from traditional e-Commerce. Mobile phones impose very different constraints than desktop
computers. But they also open the door to a slew of new applications and services. They follow you wherever you
go, making it possible to look for a nearby restaurant, stay in touch with colleagues, or pay for items at a store.
As the Internet finds its way into our purses or shirt pockets, the devices we use to access it are becoming more
personal too. Already today, mobile phones know the phone numbersof our friends and colleagues. They are
starting to track our location. Tomorrow, they will replace our wallets and credit cards. One day, they may very
well turn into intelligent assistants capable of anticipating many of our wishes and needs, such as automatically
arranging for taxis to come and pick us up after business meetings or providing us with summaries of relevant
news and messages left by colleagues. But, for all these changes to happen, key issues of interoperability,
usability, security, and privacy still need to be addressed.
In particular, our Laboratory is researching new technologies and applying user-centered design principles in the
development of solutions to reconcile context-awareness and privacy in mobile and pervasive
computing environments. The following is a list of recent or ongoing projects:

Products and services available[edit]

Mobile Money Transfer[edit]
In Kenya money transfer is mainly done through the use of mobile phones. This was an initiative of a
multimillion shillings company in Kenya. Mobile money transfer services in Kenya are now provided
an (ZAP). the oldest has and is now generally used to refer to mobile money transfer services even by
other companies other than.

Mobile ATM[edit]
With the introduction of mobile money services for the unbanked, operators are now looking for
efficient ways to roll out and manage distribution networks that can support cash-in and cash-out.
Unlike traditional ATM, sicap Mobile ATM have been specially engineered to connect to mobile
money platforms and provide bank grade ATM quality. In Hungary, Vodafone allows cash or bank
card payments of monthly phone bills.

Mobile ticketing[edit]
Tickets can be sent to mobile phones using a variety of technologies. Users are then able to use their
tickets immediately, by presenting their mobile phone at the ticket check.Most number of users are
now moving towards this technology. Best example would be IRCTC where ticket comes as SMS to
users.

Mobile vouchers, coupons and loyalty cards[edit]

Mobile ticketing technology can also be used for the distribution of vouchers, coupons, and loyalty
cards. These items are represented by a virtual token that is sent to the mobile phone. A customer
presenting a mobile phone with one of these tokens at the point of sale receives the same benefits as
if they had the traditional token. Stores may send coupons to customers usinglocation-based
services to determine when the customer is nearby.

Content purchase and delivery[edit]

Currently, mobile content purchase and delivery mainly consists of the sale of ring-tones, wallpapers,
and games for mobile phones. The convergence of mobile phones, portable audio players, and video
players into a single device is increasing the purchase and delivery of full-length music tracks and
video. The download speeds available with 4G networks make it possible to buy a movie on a mobile
[8]
device in a couple of seconds.

Location-based services[edit]
Main article: Location-based service
The location of the mobile phone user is an important piece of information used during mobile
commerce or m-commerce transactions. Knowing the location of the user allows for location-based
services such as:

Local discount offers

Local weather

Tracking and monitoring of people

Information services[edit]
A wide variety of information services can be delivered to mobile phone users in much the same way
as it is delivered to PCs. These services include:

News

Stock quotes

Sports scores

Financial records

Traffic reporting

Customized traffic information, based on a user's actual travel patterns, can be sent to a mobile
device. This customized data is more useful than a generic traffic-report broadcast, but was
impractical before the invention of modern mobile devices due to the bandwidth requirements.

Mobile Banking[edit]
Main article: Mobile Banking
Banks and other financial institutions use mobile commerce to allow their customers to access
account information and make transactions, such as purchasing stocks, remitting money. This service
is often referred to as Mobile Banking, or M-Bankingg.

Mobile brokerage[edit]
Stock market services offered via mobile devices have also become more popular and are known as
Mobile Brokerage. They allow the subscriber to react to market developments in a timely fashion and
irrespective of their physical location.

Auctions[edit]
[when?]

[by

Over the past three years

mobile reverse auction solutions have grown in popularity.
whom?]
Unlike traditional auctions, the reverse auction (or low-bid auction) bills the consumer's phone
each time they place a bid. Many mobile SMS commerce solutions rely on a one-time purchase or
one-time subscription; however, reverse auctions offer a high return for the mobile vendor as they
require the consumer to make multiple transactions over a long period of time.

Mobile browsing[edit]
Main article: Mobile browser
Using a mobile browsera World Wide Web browser on a mobile devicecustomers can shop
online without having to be at their personal computer.

Mobile purchase[edit]
Catalog merchants can accept orders from customers electronically, via the customer's mobile device.
In some cases, the merchant may even deliver the catalog electronically, rather than mailing a paper
catalog to the customer. Some merchants provide mobile websites that are customized for the smaller
screen and limited user interface of a mobile device.

In-application mobile phone payments[edit]

Payments can be made directly inside of an application running on a popular smartphone operating
system, such as Google Android. Analyst firm Gartner expects in-application purchases to drive 41
percent of app store (also referred to as mobile software distribution platforms) revenue in 2016.

Mobile marketing and advertising[edit]

Main article: Mobile marketing
In the context of mobile commerce, mobile marketing refers to marketing sent to mobile devices.
Companies have reported that they see better response from mobile marketing campaigns than from
traditional campaigns.

f)
Secure Socket Layer (SSL)
Secure Socket Layer (SSL) is a protocol that encrypts data between the shopper's computer and the site's
server. When an SSL-protected page is requested, the browser identifies the server as a trusted entity and
initiates a handshake to pass encryption key information back and forth. Now, on subsequent requests to the
server, the information flowing back and forth is encrypted so that a hacker sniffing the network cannot read the
contents.
The SSL certificate is issued to the server by a certificate authority authorized by the government. When a
request is made from the shopper's browser to the site's server using https://..., the shopper's browser checks if
this site has a certificate it can recognize. If the site is not recognized by a trusted certificate authority, then the
browser issues a warning

Why SSL? The Purpose of using SSL Certificates

Why SSL? As a web developer, I have come across many customers who ask Why do I
need SSL? What will it do for me? This is an important question for anyone involved in
the web to understand. SSL is the backbone of our secure Internet and it protects your
sensitive information as it travels across the world. It keeps the Internet from being
ruled by anarchists and criminals and provides many direct benefits to you and your
customers.

Benefits of SSL
Why use SSL? To Encrypt Sensitive Information
The primary reason why SSL is used is to keep sensitive information sent across the
Internet encrypted so that only the intended recipient can understand it. This is
important because the information you send on the Internet is passed from computer to
computer to get to the destination server. Any computer in between you and the server
can see your credit card numbers, usernames and passwords, and other sensitive
information if it is not encrypted with an SSL certificate. When an SSL certificate is used,
the information becomes unreadable to everyone except for the server you are sending
the information to. This protects it from hackers and identity thieves.

Authentication
In addition to encryption, a proper SSL certificate also provides authentication. This
means you can be sure that you are sending information to the right server and not to a
criminals server. Why is this important? The nature of the Internet means that your
customers will often be sending information through several computers. Any of these
computers could pretend to be your website and trick your users into sending them
personal information. It is only possible to avoid this by using a proper Public Key
Infrastructure (PKI), and getting an SSL Certificate from a trusted SSL provider.
Why are SSL providers important? Trusted SSL providers will only issue an
SSL certificate to a verified company that has gone through several identity checks.
Certain types of SSL certificates, like EV SSL Certificates, require more validation than
others. How do you know if an SSL provider is trusted? You can use our SSL Wizard to
compare SSL providers(link) that are included in most web browsers. Web browser
manufactures verify that SSL providers are following specific practices and have been
audited by a third-party using a standard such as WebTrust.

g)

'Secure Electronic Transaction

A form of protocol for electronic credit card payments. As the name implies,
the secure electronic transaction (SET) protocol is used to facilitate the
secure transmission of consumer credit card information via electronic
avenues, such as the Internet. SET blocks out the details of credit card
information, thus preventing merchants, hackers and electronic thieves from
accessing this information.

History and development[edit]

SET was developed by the SET Consortium, established in 1996 by VISA and MasterCard in
[1]
cooperation with GTE, IBM, Microsoft, Netscape, SAIC, Terisa Systems, RSA, and VeriSign. The
consortiums goal was to combine the card associations' similar but incompatible protocols (STT from
Visa/Microsoft and SEPP from Mastercard/IBM) into a single standard.
The first review draft of the protocol was published February 1996 and the v1.0 standard document
was published in May 1997. Although there were several attempts to update or revise the protocol, no
[2]
official version was produced beyond 1.0. An official reference implementation developed by Terisa
[3]
Systems was announced in 1997.
In December 1997 Visa and Mastercard created an independent company, SET Secure Electronic
Transaction LLC (a.k.a. SETco), announcing American Express and JCB as cooperating members.
SETco managed the development and deployment of the protocol and was responsible for branding
and certification. Unofficial and informal interoperability testing among vendors occurred during
[4]
[5]
1997. Formal pilot tests began in 1998, but they were reportedly problematic.
SET allowed parties to identify themselves to each other and exchange information securely. Binding
[6]
of identities was based on X.509 certificates with several extensions. SET used acryptographic
blinding algorithm that, in effect, would have let merchants substitute a certificate for a user's creditcard number. If SET were used, the merchant itself would never have had to know the credit-card
numbers being sent from the buyer, which would have provided verified good payment but protected
customers and credit companies from fraud.
SET was intended to become the de facto standard payment method on the Internet between the
merchants, the buyers, and the credit-card companies. Despite heavy publicity to win market share, it
failed to gain widespread use. Reasons for this include:

Network effect - need to install client software (an e-wallet).

Cost and complexity for merchants to offer support, contrasted with the comparatively low cost
and simplicity of the existing SSL based alternative.

Client-side certificate distribution logistics.

Last n final
h)
EBay Inc. (EBAY) has grown to become a $56.7 billion market-cap provider of
online commerce platforms. The company's online auctions, fixed price offerings, and
PayPal payment system have become a popular way for individuals and businesses to
perform online transactions.

The company reported positive results for Q2 2012, with a revenue increase of 23% and
an earnings per share increase of 16%. Earnings per share for the quarter were $0.56 which
exceeded estimates by 1.8%. This was the third quarter in a row that eBay exceeded its
earnings estimates. This is also the third consecutive quarter where more than half of
eBay's PayPal revenue came from outside the U.S. PayPal now accounts for over half of
eBay's market-cap and is the company's primary driver of growth.

Daniel Nissanoff , author of "Futureshop: How the New

Auction Culture Will Revolutionize How We Buy, Sell, and
Get the Things We Really Want" (Penguin Press, Jan. 19,
2006, $24.95), discussed the new economy created by auction
Web sites.
He predicts that the online auction culture will explode,
completely changing consumerism as we know it, and
explains in his book how you can "trade-up" for the good life
with a little help from eBay. Nissanoff also forsees the
creation of new jobs and businesses to support the burgeoning
auction economy, such as authenticators, restorers,
consultants and an increase of shops that will help consumers
sell and package their wares.
A transcript follows .
Nissanoff is a Web entrepreneur who co-founded the online
facilitation company Portero, which specializes in the resale
of luxury goods. He has consulted with a number of Fortune
500 companies about business strategies for coping with the
challenges of the online secondary markets.

Amazon
Amazon.com, Inc. is an American international electronic commerce company with headquarters
[9][10][11]
in Seattle, Washington, United States. It is theworld's largest online retailer.
Amazon.com

started as an online bookstore, but soon diversified,

selling DVDs, VHSs, CDs, video and MP3downloads/streaming, software, video games, electronics,
apparel, furniture, food, toys, and jewelry. The company also produces consumer electronics
notably the Amazon Kindle e-book reader and the Kindle Fire tablet computerand is a major
provider of cloud computing services.
Jeff Bezos incorporated the company (as Cadabra) in July 1994 and the site went online as
[12]
Amazon.com in 1995. The company was renamed after the Amazon River, one of the largest rivers
[12]
in the world, which in turn was named after the Amazons, the legendary nation of female warriors
inGreek mythology.

History[edit]
The company was founded in 1994, spurred by what Bezos called his "regret minimization
framework", which described his efforts to fend off any regrets for not participating sooner in the
[15]
Internet business boom during that time. In 1994, Bezos left his employment as vice-president of D.
E. Shaw & Co., a Wall Street firm, and moved to Seattle. He began to work on a business plan for
what would eventually become Amazon.com.
After reading a report about the future of the Internet which projected annual Web commerce growth
at 2,300%, Bezos created a list of 20 products which could be marketed online. He narrowed the list
to what he felt were the five most promising products which included: compact discs, computer
hardware, computer software, videos, and books. Bezos finally decided that his new business would
sell books online, due to the large world-wide demand for literature, the low price points for books,
[16]
[17]
along with the huge number of titles available in print. Amazon was originally founded in Bezos'
[18]
garage in Bellevue, Washington.
The company began as an online bookstore, an idea spurred off with discussion with John Ingram of
Ingram Book (now called Ingram Content Group), along with Keyur Patel who still holds a stake in
[19]
Amazon. In the first two months of business, Amazon sold to all 50 states and over 45 countries.
[20]
Within two months, Amazon's sales were up to $20,000/week. While the largest brick and
mortar bookstores and mail order catalogs might offer 200,000 titles, an online bookstore could "carry"
several times more, since they had an almost unlimited virtual (not actual) warehouse: those of the
actual product makers/suppliers.

BIBLIOGRAPHY
en.wikipedia.org/wiki/E-commerce
www.ecommercetimes.com/
wordpress.org/plugins/tags/ecommerce
computer.howstuffworks.com/digital-signature.htm
www.cs.bham.ac.uk/~mdr/teaching/modules06/netsec/.../DigitalCash.htm...
mashable.com/category/mobile-commerce/
http://seekingalpha.com/article/807951-ebay-a-market-beating-investment-for-the-new-economy
www.amazon.com/about-Homepage/b?ie=UTF8&node...