A STUDY REPORT OF E-COMMERCE SITE

PAYPAL.COM
An e-commerce perspective

Submitted By:

Submitted To:

Mohit Rijal

Baikuntha Sigdel
Department of IT
Nepal Commerce Campus
Tribhuvan University

New Baneshwar, Kathmandu,

July, 2014

A Study on Paypal.com

ACKNOWLEDGEMENT
Almost all the aspect of our life is being digitized today. E- xxx are being so much
popular such as e-commerce, e-marketing, e-payment, e-governance, e-learning etc.
In business sector also those e prefix is being added day by day. Due to this reason
many universities including Tribhuvan University has included e-commerce in the
course of BBA and other business management related courses. To expose students
toward more practical approach of e-commerce, TU has prescribed to prepare the
report bystudying certain website of e-business. This report STUDY REPORT ON
PAYPAL.COM is prepared as per the prescription of University.
We, the team members, choose this topic of study not on hap-hazard; we believe that
any study should be carrying importance, value, and identity. Unlike simple or usual
e-commerce site such as eBay, amazon, virtual mall, we have chosen a payment site
of e-business. Everyone knows PayPal as a payment mechanism but they hardly think
it as a separate e-commerce site. Therefore we conducted the study of PayPal to
prepare the report on the topic.
We have no words that can be sufficient to address the great support provided by our
respected teacher BaikunthaSigdel while conducting this study, from topic selection
to final report preparation our sir provided us the guidelines and without which this
report would not have been even existed.
We are thankful to our friends for their continuous encouragements and valuable
suggestions while we were in dilemma. Finally, we express our gratitude toward our
college Nepal Commerce Campus which provided us the platform to conduct the field
visit, without whose support, the idea of this study and report preparation would not
have emerged.
For the readers of this report it is requested that please comment on our report writing
so that we can improve our report writing skill.

A Study on Paypal.com

ABSTRACT
I hereby declare that the work reported in this report entitled STUDY REPORT OF
E-COMMRCE SITE PAYPAL.COM submitted to department of IT, Nepal
Commerce Campus, Tribhuvan University, is our original work done in the form of
partial fulfillment of the requirement of BBA program E-commerce course of sixth
semester under the supervision of BaikunthaSigdel, Nepal Commerce Campus.

Mohit Rijal
BBA program, sixth semester,
Nepal Commerce Campus

A Study on Paypal.com

APPROVAL
We have concluded the viva-voice examination of the report presented by Mohit Rijal
entitled STUDY REPORT OF E-COMMRCE SITE PAYPAL.COM and found the
report to be the original work and according to the prescribed format. We recommend
the report to be accepted as partial fulfillment of the requirements for E-commerce
subject of BBA program.

(BaikunthaSigdel)

Internal Evaluator

)
External Expert

A Study on Paypal.com

CONTENTS
Acknowledgement

Abstract

ii

Approval

iii

Content

iv

List of Table

vi

List of Figures

vi

Abbreviations

vii
CHAPTER-IINTRODUCTION

1.1.

Background of the study

1
1.1.1.
Why paypal.com to study
1.1.2.
Objectives of the study
1.1.3.
Research methodology
1.1.4.
Limitation of the study
1.2.
General introduction to paypal.com
1.2.1.
Host company and is background
1.2.2.
History of PayPal
1.2.3.
Product line of PayPal
1.2.4.
Benefit of PayPal
1.2.5.
Limitation of PayPal

1
1
2
2
2
2
3
4
4
5

CHAPTER-IIBUSINESS MODEL
2.1.

Business models used by PayPal

6
2.1.1.
On the basis of involvement of parties
2.1.2.
On the basis of style of transaction
2.2.
Working Principle of model
2.3.
Price discovery mechanism

6
6
6
8

CHAPTER-IIINETWORK INFRASTRUCTURE
3.1.

Introduction to network infrastructure

3.2.

9
Network infrastructure of PayPal

3.3.
3.4.

9
Network architecture
Network protocols used by network
CHAPTER-IV ELECTRONIC PAYMENT SYSTEM

10
11

A Study on Paypal.com

4.1.

Introduction to payment system

4.2.

12
Requirement of payment system

4.3.

13
Payment system used by website

4.4.

14
Limitation of payment system
15
CHAPTER-V NETWORK SECURITY

5.1.

Introduction to network security

16
Dimension of e-commerce security
5.2.1.
Confidentiality
5.2.2.
Integrity
5.2.3.
Non repudiation
5.2.4.
Authenticity
5.2.5.
Availability
5.3.
Major security threats faced by website
5.2.

18
5.4.
Security measures of PayPal
5.4.1.
Firewall
5.4.2.
Cryptography
5.4.3.
Digital certificate and certification authority
5.4.4.
SET protocol

16
16
17
17
17
17

18
18
20
21
22

CHAPTER-VI MARKETING STRATEGY OF WEBSITE

6.1.
6.2.

Introduction to e-marketing
Marketing strategies of website

23

23
CHAPTER-VII CONCLUSION AND RECOMMENDATION
7.1.
7.2.

Conclusion
Recommendation
25

References
Appendices

25

A Study on Paypal.com

LIST OF TABLES
SN

Title

Page

5.1

security dimensions

17

LIST OF FIGURES
SN

Title

Page

2.1

working principle of C2C model

2.2

How PayPal connects parties and their banks

3.1

PayPal Infrastructure

10

3.2

PayPal SOAP architecture

11

5.1

PayPal firewall

20

5.2

Website verification through CA

22

A Study on Paypal.com

ABBREVIATIONS
B2B

Business to Business

B2C

Business to Consumer

BBA

Bachelor in Business Administration

C2B

Consumer to Business

C2C

Consumer to Consumer

CA

Certification authority

DNS

Domain Naming system

e.g.

Example

Etc.

Et cetera

HTTP

Hypertext Transfer Protocol

i.e.

That is

ID

Identity

PDA

Personal Digital Assistants

SEO

Search Engine Optimization

SET

Secure Electronic Transaction

SMTP

Simple Mail Transfer Protocol

SOAP

Simple Object Access Protocol

SSL

Secure Socket Layer

TU

Tribhuvan University

US

United States

A Study on Paypal.com

CHAPTER-I
INTRODUCTION
1.1

Background of the study

E-commerce is increasing day by day. Different techniques of doing business
online have emerged. Different innovative techniques are now being used and
introduced as well. Thats why learning e-commerce is prescribed in the BBA
course also. We, the students are also required to prepare a report of ecommerce business in order to utilize the theoretical knowledge in the real
world scenario. To be more specific the main reason behind the preparation of
this report is to fulfill the partial fulfillment requirement of course content. We
have chosen paypal.com to study about.

1.1.1 Why paypal.com to study

To prepare the report, there are many sites and business models such as virtual
stores, auction sites etc. But we choose a newer kind of business in the ecommerce that is managing fund transfer in the e-business.
Of course, we could have done the report of those traditional business sites,
the product lines of those sites are huge, the marketing strategies are many and
while collecting those all information the report would have been bulky also.
But what we focused is novelty, although, these payment transfer service
providers are ignored by persons while making the report that they are also
under the family of e-commerce. Thats why we have chosen paypal.com

1.1.2 Objectives of the study

Our objectives behind the preparation are as follows:
To fulfill the course requirement of E-commerce syllabus.
To learn how to apply theoretical knowledge in the real life field
To find out how PayPal is significant site for other e-commerce sites
To analyze PayPal as a e-business
To find out the various services and marketing of paypal.com
To develop the report writing skills

1.1.3 Research methodology

Research methodology is a way to systematically solve the research problem.
It refers to the various sequential steps that are to be adopted by a researcher
during the course of studying the problem with certain objectives.

A Study on Paypal.com

In this portion the data collection methodology is intended to express. The

primary source of information is not possible due to several reasons. All the
information collected are through internet surfing. We visited various websites
to get knowledge about it.

1.1.4 Limitation of the study

Our study has the following limitations:
1. There is no primary data collection.
2. Some of the major secondary sources are not authentic such as
en.wikipedia.org, slideshare.net etc.
3. Report is not so comprehensive to include all the operational
techniques of PayPal

1.2

General introduction of paypal.com

In this section we will be discussing about the company(PayPal) background
and introduction, its history, product lines of the website, benefits of the
websites and limitations of the websites.

1.2.1 Host company and its background

In e-business PayPal is not a new term. The Slogan of it is The money in the
E-mail. As mentioned in the slogan it is serving its customer in the online
payment. It utilizes existing infrastructures such as bank accounts, credit, and
debit cards along with security systems to enable secure and immediate
electronic payments. It is an alternative to traditional credit card
transactions, and offers the assurance that third-party transactions allow.
PayPal is an online payment service that allows individuals and businesses to
transfer funds electronically. One can use it to pay for online auctions,
purchase goods and services, or to make donations. One can even use it to
send cash to someone.Funds transferred via PayPal reside in a PayPal account
until the holder of the funds retrieves them or spends them. If the user has
entered and verified their bank account information, then the funds can be
transferred directly into their account.
PayPal now boasts more than 100 million accounts worldwide.

1.2.2 History of PayPal

The company, originally called Field Link, was founded by Max Levchin, an
online security specialist, and Peter Thiel, a hedge fund manager in 1998.
Levchin and Thiel joined forces, received $3 million in funding from the
Nokia Corporation for this venture, which offered encryption software for
handhelds. PayPal was launched in October of 1999 with six employees.
Between January and August 2000, PayPal surged from 12,000 accounts to 2.7
million. June 2000, PayPal introduced accounts for businesses. By the end of

A Study on Paypal.com

2001, more than one-fifth of PayPal's 12.8 million accounts were business
accounts. July 2000 approximately 2 million eBay listings accepted PayPal
payments, five times as many as BillPoint Inc., eBay's payment service. By
the following October, PayPal was being used to pay for 25 percent of all
eBay transactions. The company had grown to 500 employees who were
processing over 120,000 transactions, worth in total about $6 million, every
day. In 2002 PayPal purchased by eBay, the operator of its main competitor,
Billpoint for $1.5 billion in eBay stock, which gave eBay more control, and
increased the profit made from each transaction from 7 to 10 percent. EBay
subsequently closed its Billpoint operation, and announced that PayPal cease
to be available for online gambling. EBay elected to let PayPal continue to
operate in the area of online pornography, which unlike gambling was legal. In
2003, PayPal discontinued the offer of its services on adult-content websites,
citing high fraud rates. By this time PayPal successfully addressed many of its
customer service problems.

1.2.3 Product line of website

To use service of PayPal one has to open the account on PayPal. While signing
up there are 3 options available for them. Those 3 options may be called the
product line of the PayPal. They are1. Personal account:
It is ideal for online Shopping. Sending and receiving payments
through PayPals secure network.
2. Premier account:
It is perfect for buying and selling on eBay or merchant websites.
3. Business account:
This is the choice for online business. Accept all payment types for low
cost.
However each account is enriched with the following features which can also
be called the product line:
1.
2.
3.
4.
5.
6.
7.
8.

Send Money
Request Money
Auction Tools
Website Payments
Money Market
Virtual Debit Card
Account Insurance
E-mail Customer service

A Study on Paypal.com

1.2.4 Benefits of PayPal

The main objective of the PayPal is to provide secure payment. Thus security
is not only the benefit but also the product of PayPal. The following are the
benefits of PayPal
1. PayPal automatically encrypts your confidential information in transit
from your computer to ours using the Secure Sockets Layer protocol
(SSL) with an encryption key length of 128-bits (the highest level
commercially available). Before you even register or log in to the
PayPal site, our server checks that you're using an approved browser one that uses SSL 3.0 or higher. Easier procedure to make account and
utilize it
2. PayPal does not charge for consumers for the payment they assisted.
3. For business very low charge as compared to the merchant credit card
account.
4. There is no need of giving credit card to the merchant, neither PayPal
gives confidential information to the merchant. Thus higher privacy
can be achieved.
5. It is not concerned with the material the consumer purchase. So
anonymity of the purchase can be maintained. In many cases this
becomes very much important factor for buyers.

1.2.5 Limitations of PayPal

Although PayPal is leading online payment system, there are several
limitations and challenges of the website. The following are the limitations of
the website:
1. PayPal is not followed by all the merchants because of various reasons
such as their own payment gateway mechanism, high competition etc.
So having account on PayPal does no ensure consumer that they no
more need to give credit card to merchant. Instead the complexity
increases as the number of merchants increase.
2. PayPal as purchased by eBay primarily focus on eBay customers, it
shades the interest of other customer.
3. PayPal is not much focusing on marketing. That is why it has failed to
grab the total market opportunity.
4. Many dissatisfied customers are blaming that they need to create new
account even if they are already having account due to login failure.

A Study on Paypal.com

CHAPTER-II
BUSINESS MODEL
2.1.

Business model used by PayPal

Business model defines how business manages the business operation to survive.
The business model is basically dedicated to show the details about how the
business manages the flow of product or service (in other word how product and
service flows in the business) and how funds flow in the business to get reward of
e-business.
A business model of the business e-business can be classified into 2 basis- viz. on
the basis of involvement of the party and on the basis of style of transaction

2.1.1.

On the basis of involvement of parties

On the basis of parties involved, there are 4 types of business models B2B,
B2C, C2C, and C2B. The business model followed by PayPal is C2C model.
It connects its customers in a common platform and makes transaction
possible. It facilitates parties to transfer money via e-mail also. The working
principles and price discovery mechanism of this model will be explained in
next section.

2.1.2.

On the basis of style of transaction

On the basis of style of transaction there are various types of business model
such as brokerage model, infomediary model, aggregator model, value chain
model, community model etc. As PayPal links the 2 parties usually a payer
and a seller it can be called brokerage model. It acts like a broker between the
parties. For example if someone buys books from eBay, then s/he chooses to
pay with PayPal and hence it became a trusted broker between eBay and the
customer.

2.2.

Working principle of model

The working principle is the graphical representation of the overall functionality

of the business. How a business performs all the activity, how each component is
linked and organized can be easily observed through working principle.
The following figure shows the working principle of C2C model.

A Study on Paypal.com

Figure 2.1 working principle of C2C model

As shown in above figure this model connects consumer and another consumer
into a single server which is maintained by PayPal. Two customers of PayPal
involve in business and the physical settlements are done with them which are out
of scope of PayPal. The payment is made through PayPal. The arrow directed to
both side means the funds can from any consumers to any others. The information
about funds transfer also moves two ways.

Figure 2.2: How PayPal connects parties and their banks

A Study on Paypal.com

2.3.

Price discovery mechanism

PayPal has interestingly two methods of price discovery mechanism or say it

generated profit on two ways:
1. Online sellers (who may be individuals or small business that do not want
difficulties or higher fees associated with obtaining merchant credit card
account.) pay small transaction fee for service (rate varies as per country)
that is lesser than they have to pay for credit card transaction. But it does
not charge for consumers.
2. PayPal earns revenues by collecting the interest earned on consumer funds
not yet transferred out of the PayPal system.

A Study on Paypal.com

CHAPTER-III
NETWORK INFRASTRUCTURE
3.1.

Introduction of network infrastructure

A network infrastructure is an interconnected group of computer systems linked

by the various parts of telecommunications architecture. Specifically, this
infrastructure refers to the organization of its various parts and their configuration
from individual networked computers to routers, cables, wireless access points,
switches, backbones, network protocols, and network access methodologies.
Infrastructures can be either open or closed, such as the open architecture of the
Internet or the closed architecture of a private intranet. They can operate over
wired or wireless network connections, or a combination of both.
While discussing about network infrastructure one must not skip I-way (a leading
buzzword in e-commerce) but it mainly explains about the high capacity,
interactive electronic pipeline to the home or office that is capable of
simultaneously supporting a large number of electronic commerce applications
and providing interactive phone-like connectivity between users and services and
between users and other users.

3.2.

Network infrastructure of PayPal

PayPal is internet based payment system, so it needs active internet connection to

operate. The customer can access PayPal from different devices such as desktop,
laptop, mobile phone, PDA etc. They open the account there by providing their
details (such as name, e-mail, credit-card no. etc.) then user can send money to
other parties with whom they are dealing. The PayPal checks the balance in bank
and pays the due amount to the merchant.
The following figure makes clear about the network infrastructure of PayPal:

A Study on Paypal.com

PayPal users
Computers, laptops, mobile and others

Web servers

Bank database

Application server

Respective Banks server

Data server

Figure 3.1 : PayPal Infrastructure

3.3.

Network architecture

Network architecture is the design of a communications network. It is a

framework for the specification of a network's physical components and their
functional organization and configuration, its operational principles and
procedures, as well as data formats used in its operation.
The following figure shows the architecture of PayPal SOAP (Simple Object
Access Protocol)

A Study on Paypal.com

Figure 3.2: PayPal SOAP architecture

3.4.

Protocols used by network

Protocols are the set of rules that determine the how the data transfer over the
network takes place. There are several protocols used by PayPal:

1. Hyper Text Transfer Protocol (HTTP):

HTTP is a file transfer protocol used by the World Wide Web. It stands for
hypertext transfer protocol. It is the client/server protocol defined by
which a web client request and a web server responds to initiate and
maintain the flow of content between client and server.

2. Simple Mail Transfer Protocol (SMPT):

It is a set of communication guidelines that allow software to transmit
email over the internet.

3. Domain Name System (DNS):

It helps to resolve IP to domain name and vice versa

4. Simple object access protocol(SOAP):

They provide the access to its consumers about sites.

10

A Study on Paypal.com

CHAPTER-IV
ELECTRONIC PAYMENT SYSTEM
4.1.

Introduction to payment system

Electronic payment refers to financial transactions that are made without the use
of paper documents such as checks or notes.
Electronic payment is a subset of an e-commerce transaction to include electronic
payment for buying and selling goods or services offered through the internet.
Generally we think of electronic payments as referring to online transactions on
their internet, there are actually many forms of electronic payments, as technology
developing, the range of devices and processes to transact electronically continues
to increase while the percentage of cash and check transactions continues to
decrease.
Electronic payment is an integral part of electronic commerce. Broadly defined,
electronic payment is a financial exchange that takes place online between buyers
and sellers. The content of this exchange is usually some form of digital financial
instrument (such as encrypted credit card numbers, electronic checks, or digital
cash) that is backed by a bank or an intermediary, or by legal tender. Three factors
are stimulating interest among financial in-situations in electronic payments:
decreasing technology costs reduced operational and processing costs, and
increasing online commerce.
There are various types of payment system:
1. Banking and financial payments
Large- scale or wholesale payments
Small-scale or retail payments
Home banking
2. Retailing payments
Credit cards (eg, VISA or Master Card)
Private label credit/ debit cards (eg, J.C. Penney Card)
Charge cards (eg, American Express)
3. On-line electronic commerce payments
Token-based payment systems
Electronic cash (eg, DigiCash)
Electronic checks (eg, NetCheque)
Smart cards or debit cards (eg, Mondex Electronic Currency Card)
Credit card-based payment systems
Encrypted credit cards (eg. World Wide Web form- based encryption)
Third party authorization numbers (eg, First Virtual)

11

A Study on Paypal.com

As we are discussing from e-commerce perspective, the third category of the

payment system (i.e. online electronic commerce payment system) is more
relevant to discuss.
These online payment systems developed due to their great advantages.
Traditional checks are not only time consuming but also more risky for protection
and authentication. It would have been difficult to protect bare money and is
check would have been used then the exchange of check would have been the
greatest problem. The online payment makes payment all time available, more
reliable, more secure and faster than others. Still some of the limitations are still
with the online payment system difficulty to manage plus afford the online
payment system in all area, peoples trust toward these payment systems,
managing floating currency are some difficulties.

4.2.

Requirement of payment system

There are several essential requirements and consequential requirements which should
be met by e-payment systems, and they are:

Payment security, which requires that any payment authorization is not

tampered with by a hacker on the internet.

Privacy of transaction requires that the third parties do not k now for what
goods and services one is paying. This also requires that the credit card

number (transmitted over the internet) is not stolen by an eavesdropper.

The payment system integrity should be assured. In other words, once an
agreement is reached between a buyer and a seller neither can go back on their

commitment.
The customer and a merchant should be able to authenticate one another. In
e-payment there is no physical contact between two parties. There is no signed

paper transaction. Thus, establishing mutual identities is essential.

Indivisibility, each payment transaction should be either whole or none. In
other words, transactions should not be interrupted in the middle. If some
malfunction occurs during a transaction, the whole transaction should be

aborted and the state restored to the initial state.

Isolated, each transaction should be independent of others.
Agreed, both parties involved in the transaction should mutually agree on the
terms and conditions.

12

A Study on Paypal.com

Reversible, if after conclusion of a transaction an error is found or if it is

found that terms and conditions are not fully met, one should be able to

reverse the payment and go to the initial state.

Standardized, the system should be acceptable across computing platforms.
In other words, a universally accepted standard should be used to ensure inter-

operability.
Scalable, the system should be able to handle several transactions
simultaneously. Infrastructure should not breakdown if new customers and

merchant join.
Anonymity, identity of the customer should be protected.
Convertibility, digital money should be able to be converted to any type of

fund.
Efficiency, cost per transaction should be near to zero.
Integration, interfaces should be created to support the existing system.
Reliability, it should avoid single point of failure.
Usability, payments should be as easy as in the real world.

4.3.

Payment system used by website

You can link your bank or card when you sign up for your account or when you're
ready to make your first purchase. When you make a payment or send money,
PayPal first uses your PayPal balance to cover the payment. If your PayPal
balance doesn't cover the amount, we'll use the bank account, credit card, or debit
card you have linked to your account.
As we know that PayPal itself is the payment mechanism. They payment system it
needs is the charge for its money transferring service. Other different website may
mention PayPal as a payment system they offer for the customer. But for PayPal
itself, it is its operation.While signing up in the PayPal network we have to give
either bank account number or credit card or debit card number.

4.3.1.

Credit card

PayPal should be provided with the credit card (at option), then as we request
the PayPal manages the funds accordingly and deduct its charge as per agreed
rate. So, primary payment system used by PayPal is credit card transaction.

4.3.2.

Debit Card

Debit cards are like credit card without deferral allowed to the customer. That
is why it is not so much popular these days. Still if consumer (or business)
chooses the debit card to access money form the bank PayPal supports it.

4.3.3.

13

Bank account

A Study on Paypal.com

PayPal should be provided with bank account number and it directly deposits
onto bank or withdraws from the bank, as per the situation. These three
options are provided to the consumers of PayPal.

4.4.

Limitation of payment system

It is the matter of degree how much insecure is any system but no system is 100%
secure and reliable. Although PayPal claims it to be the most secure payment with
maximum encryption that is commercially available. There are some limitations of
payment system:
1. Many customer reports that they needed to create new account while they
were already having PayPal account due to login failure.

14

A Study on Paypal.com

CHAPTER-V
NETWORK SECURITY
5.1.

Introduction to network security

Network security consists of provisions and policies adopted by a network

administrator to prevent and monitor unauthorized access, misuse, modification or
denial of a computer network and network accessible resources. Network security
involves the authorization of access to data in a network, which is controlled by
the network administrator.
Security is often viewed as the need to protect one or more aspects of networks
operation and permitted use (access, behavior, performance, privacy and
confidentiality included). Security requirements may be Local or Global in their
scope, depending upon the networks or internetworks purpose of design and
deployment.
Criteria for evaluating security solutions include ability to meet the specified
needs and requirements, effectiveness of approach across networks, quality and
scalability, availability of monitoring mechanisms, adaptability, flexibility,
practicability, from sociological or political perspective economic consideration
and sustainability.
Study of methods of analysis of security requirements and needs of such system
and consequent design, implementation and deployment is the primary scope of
the discipline named Network Security.

5.2.

Dimensions of ecommerce security

E-commerce security is the protection of e-commerce assets from unlawful

access, use, modification, or demolition. Absence of an effective E-commerce
security program can be ruinous even leading to loss of business revenue and
badly affecting integrity of the firm.

5.2.1.

Confidentiality

It is the protection against unauthorized data disclosure. It is the ability to

ensure that messages and data are available only to authorized viewers. One
type of confidentiality security breach is sniffing in which a program is
used to steal proprietary information on a network including e-mail messages,
company files, or confidential reports.

5.2.2.

Integrity

It is the prevention against unauthorized data modification. This is the ability

to ensure that information being displayed on a web site or being transmitted/

15

A Study on Paypal.com

received over the internet has not been altered in any way by an unauthorized
party. It maintains the atomicity of data. Modification means writing,
changing or deleting the data of the particular system.

5.2.3.

Non-repudiation

It is the prevention against any one party form reneging on an agreement after
the fact. It is the ability to ensure that e-commerce participants do not deny
their online actions. For example: The non-repudiation security breach is a
customer ordering merchandise online and later denying that he or she had
done so.

5.2.4.

Authenticity

It is the authentication of data source. It is the ability to identify the identity

of a person or entity you are transacting with on the internet. It ensure that the
user who is requesting service from the system is the legitimate user and
access is only given to such users. For example one instance of an
authenticity security breach is spoofing, in which someone uses a fake email address, or possess as someone else.

5.2.5.

Availability

Availability means that assets are accessible to authorized parties at

appropriate time. Availability prevents denial authorized access. Availability
is the ability to ensure that an e-commerce site continues to function as
intended.
If any of these goal of the security has not met, then the website is not secure
for e-commerce.
Dimensions
Confidentiality

Customers Perspectives
Merchants Perspectives
Can someone other than the Are
messages
or
intended

recipient

read

messages?

my confidential

data

accessible to anyone other

than those authorized to

Integrity

view them?
Has information i transmitted or Has data on the site
received been altered?

(www.paypal.com)
altered

without

authorization?
being

16

been

Is

received

Non-

customers valid?
Can a party to an action with me Can a customer

repudiation

later deny taking the action?

ordering products?

data
from
deny

A Study on Paypal.com

Authenticity

Who am I dealing with? How What is the real identity of

can I be assured that the person the customer?
or entity is who they claim to

Availability

be?
Can I get access to the site Is
(www.paypal.com)?

the

site

(www.paypal.com)
operational?

Table 5.1: security dimensions

5.3.

Major security threats faced by website

Although PayPal claims site to be purely secure, the following are the customer
complaint about the sites:
1. PayPal account is characterized by login failure, the service is not available at
any time we need.
2. In many situations firewall blocked connecting with PayPal.

5.4.

Security measure of PayPal

5.4.1.

Firewall

Firewall is as internetwork security device that serves on the only access

route that connects the internal network or internetwork (i.e the segment to be
protected) to the external network(s) or internetwork(s) and decides about
physically allowing or denying entry or exit to or from the protected segment
using a set of policies (often manifested in terms of rules) is called a Firewall.
A firewall may be implemented in hardware or software or a combination of
these.
Firewall is frequently used to prevent unauthorized Internet users from
accessing private networks connected to the Internet, especially intranets. All
messages entering or leaving the intranet pass through the firewall, which
examines each message and blocks those that do not meet the specified
security criteria.
As part of an Internetwork Security System, a firewall:
allows defining exit and entry points for traffic from and to the

internal protected network or intranet

offers a set of mechanisms and a set of location or a points for

supervising security-sensitive activities or events or behavior

provides network-level encapsulation, encryption, decryption,
tunneling services

17

A Study on Paypal.com

permits a variable-security facility-zones creation that may also offer

some functionalities not necessarily related to the security function

that is the primary function of the firewall

Supports creation and interpretation of structured logging mechanisms
and files for a variety of purposes.

But firewall is never full protection. As its name signifies it is the gateway to
allow or deny the communication access. It cannot ensure full security in all
dimensions.
The following are the types of firewall:
1. Packet filters examines the data packet to determine whether they are
destined for restricted port, or originated from prohibited IP address.
2. Application filters are the type of firewall that filters communication
based on the application being requested, rather than source and
destination of message. They are more secure than packet filters.
3. Circuit level firewall doesnt simply allows or disallow packets but
also determines whether the connection between both ends is valid
according to the predefined rules.
4. Proxy servers are the software

servers

that

handles

all

communications originating from or being sent to the internet acting

as a spokesperson or bodyguard for the organization.

18

A Study on Paypal.com

Figure 5.1: PayPal firewall

5.4.2.

Cryptography

The method of encryption and decryption to provide secure connection is

called cryptography. It aims to handle network-specific or internetworkspecific issues and problems involving authentication, integrity and secrecy
or confidentiality or privacy. Cryptography can exist with or without
networks but Network Cryptography or Internet Cryptography specifically
addresses the needs or requirements of networks or internetworks and is thus
a subset of general cryptography. In cryptographic systems, the term key
refers to a numerical value used by an algorithm to alter information, making

19

A Study on Paypal.com

that information secure and visible only to individuals who have the
corresponding key to recover the information.
There are two types of cryptography viz. private key cryptography and public
key cryptography.
In private key cryptography single key is used for encrypting and decrypting
the massage, whoever has that key, can decrypt the message, but the main
limitation of this type is to transfer that key securely. It is not much practiced
independently.
Public key cryptography, on the other hand is set of two keys (private and
public), public key is distributed to others while private key is kept secure.
While transmitting message, one key is used to encrypt and remaining other is
for decryption. Due to its higher security many companies follow this
including PayPal.
PayPal uses the SSL (Secure Socket Layer) to encrypt and decrypt the
message. To ensure maximum security it uses 128 bit SSL which is maximum
of commercially available.

5.4.3.

Digital certificate and certification authority

Digital certificate is a form of electronic credentials for the Internet. Digital

certificate is issued by a trusted third party to establish the identity of the ID
holder. The third party who issues certificates is known as aCertification
Authority (CA). Digital certificate technology is based on the theory of public
key cryptography. In public key cryptography systems, every entity has two
complementary keys, a public key and private key, which function only when
they are placed together. The purpose of a Digital ID is to reliably link a
public/private key pair with its owner. When a CA issues Digital IDs, it
verifies that the owner is not claiming a false identity.
The main purpose of the digital certificate is authenticity. In each electronic
transaction, there is risk that whether the parties are the real one or fake. To
ensure it CAs issue digital certificate.
PayPal has acquired certificates from the following certification authority:
VeriSign

20

A Study on Paypal.com

Figure 5.2:Website verification through CA

5.4.4.

SET protocol

SSL is to encrypt and decrypt the message to provide security of

communication. But the limitation of SSL was it cannot ensure the users
authenticity. Buyer cannot be sure that seller is genuine and seller cannot be
ensured that buyer is genuine. So, the concept of SET was developed by two
giant credit card companies-Visa and Master Card to solve the limitation. It
uses CA to authenticate the user.
SET (Secure Electronic Transaction) is a very comprehensive security
protocol, which utilizes cryptography to provide confidentiality of
information, ensure payment integrity, and enable identity authentication. For
authentication purposes, cardholders, merchants, and acquirers will be issued
digital certificates by their sponsoring organizations.
SET is not itself a payment system, rather it is set of security protocols and
formats that enables user to employ existing credit card payment
infrastructure on an open network such as Internet, in a secure fashions.
The SET transaction process itself is similar to standard online credit card
transaction, except that there is more identity verification involved(Laudon &
Traver, 2003). The identity verification is done by digital certificate.
PayPal is successful because of the buyers confidence toward the site. This
confidence in the customer is due to higher version of SSL and use of SET
protocol.

21

A Study on Paypal.com

CHAPTER-VI
MARKETING STRATEGY OF WEBSITE
5.1.

Introduction to e-marketing

We all are very much familiar with the word marketing the same marketing that
we use in e format is e-marketing.
E-marketing is a generic term utilized for a wide range of activities advertising,
customer communications, branding, fidelity programs etc., by using the internet
and other electronic devices. More than the simple development of a website, emarketing focuses on different techniques to attract its customers toward the site.
These techniques may be online communications, direct dialog with consumers
who thus participate to the creation of new products, finding efficient methods to
win customers fidelity and ease their business process. E marketing is the sum of
activities a company makes with the purpose of finding, attracting, winning and
retaining customers.
In other words, e- marketing is the product of the meeting between modern
communication technologies and the marketing methods such as banners,
sponsorship, pop-up and pop- under, portals, keyword, search engine, e-mail,
interstitials and superstitials, etc.

5.2.

Marketing strategies of website

PayPal, although is believed to have failed to grab opportunity due to lack of

appropriate marketing techniques, has used several marketing strategies. The
following are the marketing strategies adopted by PayPal:

1. SEO(Search engine optimization)

SEO is practice of making different keywords that the consumers are
likely to use to solve their requirement. If website uses different and
realistic keywords then the chance of appearing at first in search engine is
higher than its competitors. For e.g. PayPal may use different terms such
as Online payment, most secure payment, pay online, money on email etc.

2. Personalization
When customer visits the PayPal website, it put a tiny file in customers
terminal known as cookies that contains the information about the
customers and that enables PayPal to customize service as per the nature
of customer. But they respect the customers privacy.

3. Privacy

22

A Study on Paypal.com
Privacy is another tool of their marketing. They do not share the customers
credit card number in any way. Only those which are risk free to share are shared
with PayPal that is also with the consent of customer.

4. Customer service and confidence

Giving customer a very good experience with the website in terms of
ease, clarity, usefulness are some of the strength factors as well as
marketing strategies of the PayPal.

5. Security
To make secure transaction it uses the most secure version of SSL (i.e.
128 bit encryption) that is commercially available. In addition use of SET
protocol makes it more secure.This is also the marketing strategies of the
PayPal.

6. Diversification
After PayPal was purchased by eBay, the PayPal finds itself in better
position to market due to synergetic effect. Now, to gain more from the
opportunity PayPal is focusing on non-eBay customers because eBay
customers are already well known about it.

23

A Study on Paypal.com

CHAPTER-VII
CONCLUSION AND RECOMMENDATION
5.1.

Conclusion

PayPal was established in1998 and taken over by eBay in 2002. Because it
addressed the problem of complexity of paying in the e-business, it has become
the largest payment gateway of the e-transaction today. Despite several challenges
it has successfully operated in its business. Even it homepage is home page is
secure with encryption(https://www.paypal.com). The use of maximum extend of
security has become its core competency. The digital certificate from CAs such as
VeriSign makes their transaction secure and authentic. In addition, its marketing
strategies that are really addressing consumer interest are also the major factor of
the success of the organization.
In this project report we tried to make it clear about the functionalities of PayPal
as an e-business. Its business model, its network infrastructure, product lines,
security at PayPal, PayPal marketing are the major contents of this report.
After the completion of this report we not only fulfilled the syllabus requirement
but also got to know many things about the PayPal (an e-business in fact) that is
the most optimistic part of it.

5.2. Recommendation
Throughout this report we wrote that PayPal has failed to grab its opportunity,
now the following are our recommendation to PayPal to become even more
successful
1. Mobile service is being a major portion of e-business, so it should focus
on mobile application that ensures higher customization of services.
2. Although it has started diversification it non-eBay market segment. But is
has to do many things to be successful on that because large competitors
are increasing day by day.
3. Remittance is being more attractive market today, because PayPal can
ensure maximum security it can go towards remittance also.
4. PayPal should use advertisement campaign in order to capture larger
market.
5. Several login failure and problem of fake sites has been reported. So
PayPal should seriously take action against it.

24

A Study on Paypal.com

REFERENCE
Kalakota, R., & Whinston, A. B. (2003). Frontiers of electronic commerce. Delhi:
Pearson education.
Laudon, K. C., & Traver, C. G. (2003). E-commerce. Delhi: Pearson education.
Sigdel, Baikuntha, et al. (2010). An introduction to E-commerce, Kathmandu:
Joseph, P T, (2003). E-commerce A Managerial Perspective, Delhi:
(2003). PayPal: the money's in the e-mail. In K. C. Laudon, E-commerce (pp. 281282). Delhi: Pearson education.
PayPal SOAP API Architecture. (n.d.). Retrieved 8 7, 2013, from PayPal objects:
http://www.paypalobjects.com/
PayPal retrieved 8 7, 2013, from PayPal website: https://www.paypal.com
Network infrastructureretrieved 8 7, 2013 from wikipedia:
http://en.wikipedia.org/wiki/network-infrastructure
Network architecture retrieved 8 7, 2013 from wikipedia:
http://en.wikipedia.org/wiki/network-architecture
PayPal retrieved 8 7, 2013 from Slideshare: http://slideshare.net/
Using credit card on PayPal retrieved 8 7, 2013 from yahoo answers:
http://in.answers.yahoo.com/
PayPal Ducumentation retrieved 8 7, 2013 from PayPal documentation:
http://developer.paypal.com/
PayPal retrieved 8 7, 2013 from eBay answers: http://www.ebay.com/
PayPal details retrieved 8 7, 2013 from HowStuffWorks answers:
http://money.howstuffworks.com/

A Study on Paypal.com

APPENDIX
1. PayPal Homepage

2. PayPal accounts