e-commerce and governance unit 1-5


Upload: deepak-kumar-rajak

Post on 24-Apr-2015


DESCRIPTION

E-Commerce and Governance and data mining UNIT 1-5

TRANSCRIPT

Page 1: E-Commerce and Governance UNIT 1-5

http://earnrupees4you.com Page 1

UNIT-1


E-COMMERCE

Electronic commerce (e-commerce) is a growing aspect of the business community. This

formally is the use of digital transactions between and among businesses and individuals. More

commonly e-commerce is the use of the Internet to conduct business. Initially emerging from

the Electronic Data Interchange (EDI) e-commerce has gone through several major steps to get

to its current point. Through these steps there has been an emergence of several subsets of e-

commerce and new technologies. As a result of these changes and the growth of electronic

commerce benefits and detriments have been brought to society that can be generalized to all the

subsets of e-commerce. Looking at economic, privacy and social aspects of society we can see

there are issues facing electronic commerce development. It is also possible to see there are

some industries that e-commerce has had a greater impact on, such as the culture and information

industry. Overall, electronic commerce can be a benefit to society especially if businesses adapt

to their customers' worries such as privacy concerns. As these problems begin to be solved and

technology improves e-commerce will provide individuals with more choice and add further

depth to the economy.

2] Electronic commerce, commonly known as e-commerce or eCommerce, or e-business consists

of the buying and selling of products or services over electronic systems such as the Internet and

other computer networks. The amount of trade conducted electronically has grown

extraordinarily with widespread Internet usage.

3] 'Electronic commerce is sharing business information, maintaining business relationships and

conducting business transactions by means of telecommunications networks.'

4] E-Commerce is the division of electronic business and is the process of buying or selling over

internet, much like marketing but on the internet. Initially when Tim Berners-Lee programmed

the internet, e-commerce was mainly meant to do Electronic Fund Transfer (EFT) and Electronic

Data Interchange (EDI). Later as the internet developed the e-commerce also had developed.

And with the development of E-Commerce the Federal Trade Commission (FTC) started

regulating the activities of E-Commerce. E-Commerce includes anything from buying virtual

content for instant implementation to buying goods for domestic purposes.


EDI

Electronic commerce has existed for over 40 years, originating from the electronic transmission

of messages during the Berlin airlift in 1948. From this, electronic data interchange (EDI) was

the next stage of e-commerce development. In the 1960s a cooperative effort between industry

groups produced a first attempt at common electronic data formats. The formats, however, were

only for purchasing, transportation and finance data, and were used primarily for intra-industry

transactions. It was not until the late 1970s that work began for national

Electronic Data Interchange (EDI) standards, which developed well into the early 1990s.

EDI is the electronic transfer of a standardized business transaction between a sender and

receiver computer, over some kind of private network or value added network (VAN). Both sides

would have to have the same application software and the data would be exchanged in an

extremely rigorous format. In sectors such as retail, automotive, defence and heavy

manufacturing, EDI was developed to integrate information across larger parts of an

organisation's value chain from design to maintenance so that manufacturers could share

information with designers, maintenance and other partners and stakeholders.

Before the widespread uptake and commercial use of the

Internet, the EDI system was very expensive to run mainly because of the high cost of the private

networks. Thus, uptake was limited largely to cash-rich multinational corporations using their

financial strength to pressure and persuade (with subsidies) smaller suppliers to implement EDI

systems, often at a very high cost. By 1996 no more than 50,000 companies in Europe

and 44,000 in the USA were using EDI, representing less than 1 per cent of the total

number of companies in each of the respective continents. According to Zwass,

electronic commerce has been re-defined by the dynamics of the Internet and traditional

e-commerce is rapidly moving to the Internet. With the advent of the Internet, the term


e-commerce began to include:

1 Electronic trading of physical goods and of intangibles such as information.

2 All the steps involved in trade, such as on-line marketing, ordering, payment and

support for delivery.

3 The electronic provision of services such as after sales support or on-line legal

advice.

4 Electronic support for collaboration between companies such as collaborative

Some of the definitions of e-commerce often heard and found in publications and the

media are:

1 Electronic Commerce (EC) is where business transactions take place via

telecommunications networks, especially the Internet.

2 Electronic commerce describes the buying and selling of products, services, and

information via computer networks including the Internet.

3 Electronic commerce is about doing business electronically.

4 E-commerce, ecommerce, or electronic commerce is defined as the conduct of a

financial transaction by electronic means.

HISTORY

There have been several key steps in the history of e-commerce. The first step came from the

development of the Electronic Data Interchange (EDI). EDI is a set of standards developed in

the 1960s to exchange business information and do electronic transactions. At first there were

several different EDI formats that businesses could use, so companies still might not be able to

interact with each other. However, in 1984 the ASC X12 standard became stable and reliable in

transferring large amounts of transactions. The next major step occurred in 1992 when the

Mosaic web-browser was made available; it was the first 'point and click' browser. The Mosaic

browser was quickly adapted into a downloadable browser, Netscape, which allowed easier

access to electronic commerce. The development of DSL was another key moment in the

development of e-commerce. DSL allowed quicker access and a persistent connection to the

Internet. Christmas of 1998 was another major step in the development of e-commerce. AOL


had sales of 1.2 billion over the 10 week holiday season from online sales. The development of

Red Hat Linux was also another major step in electronic commerce growth. Linux gave users

another choice in a platform other than Windows that was reliable and open-source. Microsoft,

faced with this competition, needed to invest more in many things including electronic

commerce.

Napster was an online application used to share music files for free. This application was yet

another major step in e-commerce. Many consumers used the site and were dictating what they

wanted from the industry. A major merger, in early 2000, between AOL and Time Warner was

another major push for electronic commerce. The merger, worth $350 million, brought together

a major online company with a traditional company. In February 2000 hackers attacked some

major players of e-commerce, including Yahoo, eBay and Amazon. In light of these attacks the

need for improved security came to the forefront in the development of electronic commerce.

It is predicted that revenues, up until 2006, will grow 40% to 50% yearly. Expectations of

higher prices as well as larger profits for e-commerce business are also present. Also, we will

see a larger presence by experienced traditional companies, such as Wal-Mart, on the Internet. It

is believed companies in general will take this mixed strategy of having stores online and offline

in order to be successful.

Emerging Technology

Original e-commerce applications were based on getting needed data to the consumer. In other

words the major concern was integrating current catalogues and data into an online format from

which consumers could shop. Recently, though, the major realization was that ensuring customer

satisfaction and ease of use on an e-commerce site is very important to success. A

simple and enjoyable experience is what customers are demanding and they do not want to be

concerned with the technology behind it. In order to provide this experience the latest

technology being developed is based on making e-commerce shopping into a more natural

interaction.

One area of research into making interactions more natural is by using virtual agents. The goal

of these agents is to actually converse with customers and be able to act proactively when

dealing with customers. These agents would appear to e-commerce clients as 2D or 3D


animations that would be capable of expressing facial emotions to try to simulate a natural

environment.

Other researchers in the area of virtual agents are focusing on making them as informative as

possible. Often consumers want to search e-commerce sites to gain further information, but this

can prove frustrating at times. The virtual agent's role would be to eliminate this frustration.

Virtual agents would be given as much information regarding customers, products and sales

processes as possible. They would then become the focal point on an e-commerce site for

providing information accurately and effectively.

The INTELLECT system concept is being developed for use in electronic commerce. Under this

system e-commerce sites would have five modules. An e-shop would be the first module and is

what the customer would see. It would be similar to current e-commerce sites for example

having a catalogue and shopping baskets. The product could be viewed in 3D using the second

module; the virtual reality module. In this module customers could also configure their own

products choosing what components they wish to make up their product. The third module is

called the configurator and would be put in place to help the administration of components and

products. Customers could also use the help module that would include features such as page

mirroring and video conferencing. The final module would be used as a link between the front

end and the back-office system; this module is called the order-processing module. The main

duty of this part of INTELLECT is to handle orders.

Industries Impacted

One of the major industries, according to a Statistics Canada survey, taking part in electronic

commerce is the culture and information sector. Around 20% of businesses in this sector have

an online e-commerce component. Following up at 17% was private sector education institutes,

support services and administrations industries. Other industries that have been predicted to

grow include the banking industry. By 2004 this industry is expected to have sales in the 12.4

billion US. Also, another industry that is poised for growth due to the increased bandwidth is the

home entertainment sector.

Very recently the online pharmacy industry has been gaining attention. Prescription drugs are

generally cheaper in Canada than they are in the United States. The main reason for this is the


exchange rate, as well as the fact that the price is regulated in Canada. In order to take advantage of these

cheaper prices some US citizens are using Canadian online pharmacies. They obtain price

information and order forms from these websites. Since electronic orders are not allowed, the US

customers fax in the required information to the online pharmacies to get their prescriptions.

Economic Issues

From an economic aspect there have been several advantages to electronic commerce. In

particular consumers have more suppliers, sometimes including foreign suppliers. Searching the

Internet can also be done to find the lowest price. In general the market becomes larger and

makes for more competition. This increased competition can bring down prices for consumers

and other businesses. Further, the increase in information and choice available can help increase

the efficiency of a supply and demand equilibrium.

Also, with increased competition companies themselves will try to become more efficient. This

may be by new technologies or methods that reduce costs and increase productivity. In turn,

this may lead to lower prices or the emergence of new technology.

Electronic commerce does have some negative effects on the economy. The availability of

goods online should increase competition and in turn lower prices, but this does not always

occur. A good reputation may allow a retailer to hold some control over their area of the market.

Further, companies can also find with ease the prices of their competitors allowing them to react

immediately to changes. In the worst-case scenario this monitoring may not involve any changes

to price. A price that is not advantageous to the consumer may be kept because no company is

willing to lower their price because it would not be profitable. That is, a company may be

willing to lower their price because the increase in sales would offset the lower price. However,

since other companies can quickly change their price the original company would not make any

extra revenue from increased sales.

Also the increased competition may cause product differentiation. This involves making similar

products that have the same general purpose, but are still unique. In this situation consumers will

have a difficult time comparing different products. As a result of the minimal information

competition will not be as high and prices may not be lower.


Social Issues

As electronic commerce expands it has a greater social impact. In order for the expansion of e-

commerce to occur there will be a need to improve education about the business side of e-

commerce and the technical side. As rapidly as e-commerce is growing changes are inevitable

and in order to deal with these changes people will have to have education available. Traditional

educational institutes will have to adapt to try and provide experience for the e-commerce market

and information technology in general. Also, there has already been expansion of learning about e-

commerce into other forms of education rather than through traditional institutes. Institutes

solely based on learning information technology, including e-commerce, have been opened and

in addition to this online training can also be found.

The health sector of society can also be affected by the development of e-commerce. Electronic

commerce applications can be developed for use by the health care systems. In some cases the

use of these e-commerce sites can help the system work more efficiently and in turn be more cost

effective. By reducing costs using these methods more money can be made available to other

areas of the health sector.

Another aspect of society that is affected by electronic commerce is the sense of community.

Consumers can now belong to a more global community by being able to buy goods from around

the world; however, this has its own societal effects. There is a loss of direct physical interaction

between individuals. Also the sense of loyalty that can occur during traditional business can be

harder to develop due to the global aspect and the lack of physical interaction of e-commerce.

Companies have to deal with an entire global market and can face difficulties in maintaining a

focus on specific customers to gain loyalty. There are also concerns that traditional businesses

may begin to suffer significantly if electronic commerce continues to grow.

As well, e-commerce plays a part in increasing the use of, and improving, computer technology that can be

used by society. Electronic commerce can help the expansion of computer technology to more

people. As more people begin to use e-commerce more companies will begin to take part. This

will lead to better infrastructure and easier access to the Internet in order to encourage an even

larger market. By expanding like this it will not only help companies make more profit, but it

should make the resources of the Internet easier to attain for more people in society. Again, as


companies look for better methods to expand their online businesses, new technologies may be

developed. These new technologies may not only help e-commerce, but may be useful in other

parts of society as well.

Overall Effects

Electronic commerce provides a different way of doing business that comes with its own set of

benefits. The market size increases greatly to encompass the whole globe. This provides

business with more customers and customers more choice. More mass customization can also be

achieved. It becomes easier through e-commerce for the customer to tell a business exactly what

they require and individualize products or services. Also, electronic commerce allows the

supply chain to be shortened; products can sometimes be shipped directly from the manufacturer

to the customer. Other areas where businesses may benefit occur because transactions are

cheaper. This is the case where in a traditional business they would have to pay for labour to

complete the transaction, but by making the transaction electronic there is minimal labour cost.

These are a few examples of some general benefits of electronic commerce.

Even though there are benefits to both consumers and businesses, there are still issues limiting

electronic commerce's effectiveness. These issues have to do with problems related to

privacy. There is a general lack of trust in what is happening to customers' information and the

security of their data. Increasing consumer confidence in e-commerce is one of the biggest

challenges facing this form of business. Companies have to prove they can be loyal and

trustworthy to their customers. We can see the importance of these qualities by seeing that some

of the most profitable e-commerce companies are those that also have traditional stores. These

companies already have a strong customer base that is confident in them and helps make it easier

for consumers to trust their online stores.

Conclusion

Electronic commerce may be a new form of doing business, but it has developed rapidly. Even

though e-commerce has a short history there have been several important turning points in its

development. Further, as progress took place more markets opened up for the use of electronic

commerce. It became apparent it could be used for more than just Consumer-to-Consumer, but

also for other markets such as Business-to-Business. Current research in e-commerce is focusing


on making the experience more natural and comfortable for the customer, through such

technology as virtual agents. As with other forms of business, e-commerce has impacted some

industries more than others, such as the culture and information sector. Other industries, like

banking, have the potential for large future growth via electronic commerce. As this growth

continues this type of business has to face social, economic and privacy issues. In each of these

aspects of society we can see areas where e-commerce is being successful, but there are also

areas for improvement. A major area of concern is the issue of privacy. Consumers are hesitant

to use online business because they often have limited guarantees about the privacy of their

information. If concerns like these can be reduced, electronic commerce can play a positive role

in helping improve the world of business.

E-commerce can be further categorized into the following:

Business-to-Business (B2B)

Business-to-Customer (B2C)

Consumer-to-Business (C2B)

Consumer-to-Consumer (C2C)

Business to business is one in which a company deals with another company for business and

exchanging of goods, products, services. Some of the examples of b2b e-commerce sites are a

company's official site, brokering sites etc.

Business to customer is one where the company sells its goods to the customer or trades

with the customers. This is electronic retailing and is commonly called e-tailing. One of the best

examples is amazon.com.

Consumer to business is when a customer works for a certain company for business and the

company buys it; here the consumer has to price the trade. An example of such a site is

priceline.com.

Consumer to consumer is more like auctioning, bartering, etc., where a consumer places a bid

and another buys it. Here the website acts as an intermediary for the business. An example of such a site

is eBay.


B2B (Business-to-Business)

Companies doing business with each other such as manufacturers selling to distributors and

wholesalers selling to retailers. Pricing is based on quantity of order and is often negotiable.

B2C (Business-to-Consumer)

Businesses selling to the general public typically through catalogs utilizing shopping cart

software. By dollar volume, B2B takes the prize; however, B2C is really what the average Joe has

in mind with regards to ecommerce as a whole.

C2B (Consumer-to-Business)

A consumer posts his project with a set budget online and within hours companies review the

consumer's requirements and bid on the project. The consumer reviews the bids and selects the

company that will complete the project. Elance empowers consumers around the world by

providing the meeting ground and platform for such transactions.

C2C (Consumer-to-Consumer)

There are many sites offering free classifieds, auctions, and forums where individuals can buy

and sell thanks to online payment systems like PayPal where people can send and receive money

online with ease. eBay's auction service is a great example of where person-to-person

transactions take place everyday since.

Companies using internal networks to offer their employees products and services online--not

necessarily online on the Web--are engaging in B2E (Business-to-Employee) ecommerce.

G2G (Government-to-Government), G2E (Government-to-Employee), G2B (Government-to-

Business), B2G (Business-to-Government), G2C (Government-to-Citizen), C2G (Citizen-to-

Government) are other forms of ecommerce that involve transactions with the government--from

procurement to filing taxes to business registrations to renewing licenses. There are other

categories of ecommerce out there, but they tend to be superfluous.

Value chain


A value chain is a chain of activities for a firm operating in a specific industry. The business unit

is the appropriate level for construction of a value chain, not the divisional level or corporate

level. Products pass through all activities of the chain in order, and at each activity the product

gains some value. The chain of activities gives the products more added value than the sum of

added values of all activities. It is important not to mix the concept of the value chain with the

costs occurring throughout the activities. A diamond cutter can be used as an example of the

difference. The cutting activity may have a low cost, but the activity adds much of the value to

the end product, since a rough diamond is significantly less valuable than a cut diamond.

Activities

The value chain categorizes the generic value-adding activities of an organization. The "primary

activities" include: inbound logistics, operations (production), outbound logistics, marketing and

sales (demand), and services (maintenance). The "support activities" include: administrative

infrastructure management, human resource management, technology (R&D), and procurement.

The costs and value drivers are identified for each value activity.

Significance

The value-chain concept has been extended beyond individual firms. It can apply to whole

supply chains and distribution networks. The delivery of a mix of products and services to the

end customer will mobilize different economic factors, each managing its own value chain. The

industry wide synchronized interactions of those local value chains create an extended value

chain, sometimes global in extent. Porter terms this larger interconnected system of value chains

the "value system." A value system includes the value chains of a firm's supplier (and their

suppliers all the way back), the firm itself, the firm distribution channels, and the firm's buyers

(and presumably extended to the buyers of their products, and so on).

Capturing the value generated along the chain is the new approach taken by many management

strategists. For example, a manufacturer might require its parts suppliers to be located nearby its


assembly plant to minimize the cost of transportation.

Value chain analysis has also been successfully used in large Petrochemical Plant Maintenance

Organizations to show how Work Selection, Work Planning, Work Scheduling and finally Work

Execution can (when considered as elements of chains) help drive Lean approaches to

Maintenance. The Maintenance Value Chain approach is particularly successful when used as a

tool for helping Change Management as it is seen as more user friendly than other business

process tools.

Value chain analysis has also been employed in the development sector as a means of identifying

poverty reduction strategies by upgrading along the value chain [4].

Value Reference Model

A Value Reference Model (VRM) developed by the global not-for-profit Value Chain Group

offers an open source semantic dictionary for value chain management encompassing one unified

reference framework representing the process domains of product development, customer

relations and supply networks.

The integrated process framework guides the modeling, design, and measurement of business

performance by uniquely encompassing the plan, govern and execute requirements for the

design, product, and customer aspects of business.

The Value Chain Group claims VRM to be next generation Business Process Management that

enables value reference modeling of all business processes and provides product excellence,

operations excellence, and customer excellence.

Six business functions of the Value Chain:

Research and Development

Design of Products, Services, or Processes

Production

Marketing & Sales


Distribution

Customer Service

Advantages and disadvantages of e-commerce

Like any conventional business, electronic commerce is also characterized by some advantages

and inherent drawbacks. Let's have a look at some of these important advantages and

disadvantages of electronic commerce.

The greatest and the most important advantage of e-commerce, is that it enables a business

concern or individual to reach the global market. It caters to the demands of both the national and

the international market, as your business activities are no longer restricted by geographical

boundaries. With the help of electronic commerce, even small enterprises can access the global

market for selling and purchasing products and services. Even time restrictions are nonexistent

while conducting businesses, as e-commerce empowers one to execute business transactions 24

hours a day and even on holidays and weekends. This in turn significantly increases sales and

profit.

Electronic commerce gives the customers the opportunity to look for cheaper and quality

products. With the help of e-commerce, consumers can easily research on a specific product and

sometimes even find out the original manufacturer to purchase a product at a much cheaper price

than that charged by the wholesaler. Shopping online is usually more convenient and time saving

than conventional shopping. Besides these, people also come across reviews posted by other

customers, about the products purchased from a particular e-commerce site, which can help

make purchasing decisions.

For business concerns, e-commerce significantly cuts down the cost associated with marketing,

customer care, processing, information storage and inventory management. It reduces the time

period involved with business process re-engineering, customization of products to meet the

demand of particular customers, increasing productivity and customer care services. Electronic

commerce reduces the burden of infrastructure to conduct businesses and thereby raises the

amount of funds available for profitable investment. It also enables efficient customer care


services. On the other hand, it collects and manages information related to customer behavior,

which in turn helps develop and adopt an efficient marketing and promotional strategy.

Disadvantages

Electronic commerce is also characterized by some technological and inherent limitations which

have restricted the number of people using this revolutionary system. One important disadvantage

of e-commerce is that the Internet has still not touched the lives of a great number of people,

either due to the lack of knowledge or trust. A large number of people do not use the Internet for

any kind of financial transaction. Some people simply refuse to trust the authenticity of

completely impersonal business transactions, as in the case of e-commerce. Many people have

reservations regarding the requirement to disclose personal and private information for security

concerns. Many times, the legitimacy and authenticity of different e-commerce sites have also

been questioned.

Another limitation of e-commerce is that it is not suitable for perishable commodities like food

items. People prefer to shop in the conventional way than to use e-commerce for purchasing food

products. So e-commerce is not suitable for such business sectors. The time period required for

delivering physical products can also be quite significant in case of e-commerce. A lot of phone

calls and e-mails may be required till you get your desired products. However, returning the

product and getting a refund can be even more troublesome and time consuming than

purchasing, in case you are not satisfied with a particular product.

Thus, on evaluating the various pros and cons of electronic commerce, we can say that the

advantages of e-commerce have the potential to outweigh the disadvantages. A proper strategy to

address the technical issues and to build up customers' trust in the system can change the present

scenario and help e-commerce adapt to the changing needs of the world.

Value Chain

To analyze the specific activities through which firms can create a competitive advantage, it is

useful to model the firm as a chain of value-creating activities. Michael Porter identified a set of

interrelated generic activities common to a wide range of firms. The resulting model is known as

the value chain and is depicted below:

Primary Value Chain Activities

Inbound Logistics > Operations > Outbound Logistics > Marketing & Sales > Service

The goal of these activities is to create value that exceeds the cost of providing the product or

service, thus generating a profit margin.

Inbound logistics include the receiving, warehousing, and inventory control of input

materials.

Operations are the value-creating activities that transform the inputs into the final

product.

Outbound logistics are the activities required to get the finished product to the customer,

including warehousing, order fulfillment, etc.

Marketing & Sales are those activities associated with getting buyers to purchase the

product, including channel selection, advertising, pricing, etc.

Service activities are those that maintain and enhance the product's value including

customer support, repair services, etc.

Any or all of these primary activities may be vital in developing a competitive advantage. For

example, logistics activities are critical for a provider of distribution services, and service

activities may be the key focus for a firm offering on-site maintenance contracts for office

equipment.

These five categories are generic and portrayed here in a general manner. Each generic activity

includes specific activities that vary by industry.

Support Activities

The primary value chain activities described above are facilitated by support activities. Porter

identified four generic categories of support activities, the details of which are industry-specific.

Procurement - the function of purchasing the raw materials and other inputs used in the

value-creating activities.

Technology Development - includes research and development, process automation, and

other technology development used to support the value-chain activities.

Human Resource Management - the activities associated with recruiting, development,

and compensation of employees.

Firm Infrastructure - includes activities such as finance, legal, quality management, etc.

Support activities often are viewed as "overhead", but some firms successfully have used them

to develop a competitive advantage, for example, to develop a cost advantage through

innovative management of information systems.

Value Chain Analysis

In order to better understand the activities leading to a competitive advantage, one can begin with

the generic value chain and then identify the relevant firm-specific activities. Process flows can

be mapped, and these flows used to isolate the individual value-creating activities.

Once the discrete activities are defined, linkages between activities should be identified. A

linkage exists if the performance or cost of one activity affects that of another. Competitive

advantage may be obtained by optimizing and coordinating linked activities.

The value chain also is useful in outsourcing decisions. Understanding the linkages between

activities can lead to more optimal make-or-buy decisions that can result in either a cost

advantage or a differentiation advantage.

The Value System

The firm's value chain links to the value chains of upstream suppliers and downstream buyers.

The result is a larger stream of activities known as the value system. The development of a

competitive advantage depends not only on the firm-specific value chain, but also on the value

system of which the firm is a part.

Supply chain

A supply chain is a system of organizations, people, technology, activities, information and

resources involved in moving a product or service from supplier to customer. Supply chain

activities transform natural resources, raw materials and components into a finished product that

is delivered to the end customer. In sophisticated supply chain systems, used products may re-

enter the supply chain at any point where residual value is recyclable. Supply chains link value

chains.

Overview

The Council of Supply Chain Management Professionals (CSCMP) defines Supply Chain

Management as follows: Supply Chain Management encompasses the planning and

management of all activities involved in sourcing and procurement, conversion, and all logistics

management activities. Importantly, it also includes coordination and collaboration with channel

partners, which can be suppliers, intermediaries, third-party service providers, and customers.

In essence, supply chain management integrates supply and demand management within and

across companies.

Supply Chain Management is an integrating function with primary responsibility for linking

major business functions and business processes within and across companies into a cohesive

and high-performing business model.

A typical supply chain begins with ecological and biological regulation of natural resources,

followed by the human extraction of raw material, and includes several production links (e.g.,

component construction, assembly, and merging) before moving on to several layers of storage

facilities of ever-decreasing size and ever more remote geographical locations, and finally

reaching the consumer.

Many of the exchanges encountered in the supply chain will therefore be between different

companies that will seek to maximize their revenue within their sphere of interest, but may have

little or no knowledge or interest in the remaining players in the supply chain. More recently, the

loosely coupled, self-organizing network of businesses that cooperates to provide product and

service offerings has been called the Extended Enterprise.

Supply chain modeling

A diagram of a supply chain. The black arrow represents the flow of materials and information

and the gray arrow represents the flow of information and backhauls. The elements are (a) the

initial supplier, (b) a supplier, (c) a manufacturer, (d) a customer, (e) the final customer.

There are a variety of supply chain models, which address both the upstream and downstream

sides. However, the SCOR model is the most common.

The SCOR (Supply-Chain Operations Reference) model, developed by the Supply Chain Council,

measures total supply chain performance. It includes delivery and order fulfillment performance,

production flexibility, warranty and returns processing costs, inventory and asset turns, and other

factors in evaluating the overall effective performance of a supply chain.

The Global Supply Chain Forum (GSCF) introduced another Supply Chain Model. This

framework is built on eight key business processes that are both cross-functional and cross-firm

in nature. Each process is managed by a cross-functional team, including representatives from

logistics, production, purchasing, finance, marketing and research and development. While each

process will interface with key customers and suppliers, the customer relationship management

and supplier relationship management processes form the critical linkages in the supply chain.

Supply chain management

In the 1980s, the term Supply Chain Management (SCM) was developed to express the need to

integrate the key business processes, from end user through original suppliers. Original suppliers

are those that provide products, services and information that add value for customers and

other stakeholders. The basic idea behind the SCM is that companies and corporations involve

themselves in a supply chain by exchanging information regarding market fluctuations and

production capabilities.

If all relevant information is accessible to any relevant company, every company in the supply

chain has the possibility to, and can seek to, help optimize the entire supply chain rather than

sub-optimize based on a local interest. This will lead to better planned overall production and

distribution which can cut costs and give a more attractive final product leading to better sales

and better overall results for the companies involved.

Incorporating SCM successfully leads to a new kind of competition on the global market where

competition is no longer of the company versus company form but rather takes on a supply chain

versus supply chain form.

The primary objective of supply chain management is to fulfill customer demands through the

most efficient use of resources, including distribution capacity, inventory and labor.

In theory, a supply chain seeks to match demand with supply and do so with the minimal

inventory.

There is often confusion over the terms supply chain and logistics. It is now generally accepted

that the term Logistics applies to activities within one company/organization involving

distribution of product whereas the term supply chain also encompasses manufacturing and

procurement and therefore has a much broader focus as it involves multiple enterprises,

including suppliers, manufacturers and retailers, working together to meet a customer need for a

product or service.

There are actually four common Supply Chain Models. Besides the two mentioned above, there

are the American Productivity & Quality Center's (APQC) Process Classification Framework

and the Supply Chain Best Practices Framework.

An unusual food supply chain operated by illiterate Dabbawalas in Mumbai is noted for being

extremely reliable without using any computers or modern technology. It has been verified to be

a six sigma supply chain, meaning they make fewer than 3.4 mistakes per million deliveries.

UNIT-2

Credit card

A credit card is a small plastic card issued to users as a system of payment. It allows its

holder to buy goods and services based on the holder's promise to pay for these goods and

services. The issuer of the card grants a line of credit to the consumer (or the user) from

which the user can borrow money for payment to a merchant or as a cash advance to the user.

A credit card is different from a charge card: a charge card requires the balance to be paid in

full each month. In contrast, credit cards allow the consumers a continuing balance of debt,

subject to interest being charged. Most credit cards are issued by banks or credit unions, and

are the shape and size specified by the ISO/IEC 7810 standard as ID-1. This is defined as

85.60 × 53.98 mm (3.370 × 2.125 in) (3 3/8 × 2 1/8 in) in size.

How credit cards work

Credit cards are issued after an account has been approved by the credit provider, after which

cardholders can use it to make purchases at merchants accepting that card. Merchants often

advertise which cards they accept by displaying acceptance marks – generally derived from

logos – or may communicate this orally, as in "Credit cards are fine" (implicitly meaning "major

brands"), "We take (brands X, Y, and Z)", or "We don't take credit cards".

When a purchase is made, the credit card user agrees to pay the card issuer. The cardholder

indicates consent to pay by signing a receipt with a record of the card details and indicating the

amount to be paid or by entering a personal identification number (PIN). Also, many merchants

now accept verbal authorizations via telephone and electronic authorization using the Internet,

known as a card not present transaction (CNP).

Electronic verification systems allow merchants to verify in a few seconds that the card is valid

and the credit card customer has sufficient credit to cover the purchase, allowing the verification

to happen at time of purchase. The verification is performed using a credit card payment terminal

or point-of-sale (POS) system with a communications link to the merchant's acquiring bank.

Data from the card is obtained from a magnetic stripe or chip on the card; the latter system is

called Chip and PIN in the United Kingdom and Ireland, and is implemented as an EMV card.

For card not present transactions where the card is not shown (e.g., e-commerce, mail order, and

telephone sales), merchants additionally verify that the customer is in physical possession of the

card and is the authorised user by asking for additional information such as the security code

printed on the back of the card, date of expiry, and billing address.

Each month, the credit card user is sent a statement indicating the purchases undertaken with the

card, any outstanding fees, and the total amount owed. After receiving the statement, the

cardholder may dispute any charges that he or she thinks are incorrect. Otherwise, the cardholder

must pay a defined minimum proportion of the bill by a due date, or may choose to pay a higher

amount up to the entire amount owed. The credit issuer charges interest on the amount owed if

the balance is not paid in full. Some financial institutions can arrange for automatic payments to

be deducted from the user's bank accounts, thus avoiding late payment altogether as long as the

cardholder has sufficient funds.

Benefits to customers

The main benefit to each customer is convenience. Compared to debit cards and cheques, a credit

card allows small short-term loans to be quickly made to a customer who need not calculate a

balance remaining before every transaction, provided the total charges do not exceed the

maximum credit line for the card. Credit cards also provide more fraud protection than debit

cards. In the UK for example, the bank is jointly liable with the merchant for purchases of

defective products over £100.[2]

Many credit cards offer rewards and benefits packages, such as offering enhanced product

warranties at no cost, free loss/damage coverage on new purchases, and points which may be

redeemed for cash, products, or airline tickets. Additionally, carrying a credit card may be a

convenience to some customers as it eliminates the need to carry any cash for most purposes.

Detriments to customers

1] High interest and bankruptcy

Low introductory credit card rates are limited to a fixed term, usually between 6 and 12 months,

after which a higher rate is charged. As all credit cards charge fees and interest, some customers

become so indebted to their credit card provider that they are driven to bankruptcy. Some credit

cards often levy a rate of 20 to 30 percent after a payment is missed; in other cases a fixed charge

is levied without change to the interest rate.

2] Inflated pricing for all consumers

Merchants that accept credit cards must pay interchange fees and discount fees on all credit-card

transactions.[3][4]

In some cases merchants are barred by their credit agreements from passing

these fees directly to credit card customers, or from setting a minimum transaction amount.[5]

Grace period

A credit card's grace period is the time the customer has to pay the balance before interest is

assessed on the outstanding balance. Grace periods vary, but usually range from 20 to 50 days

depending on the type of credit card and the issuing bank. Usually, if a customer is late paying

the balance, finance charges will be calculated and the grace period does not apply. Finance

charges incurred depend on the grace period and balance; with most credit cards there is no grace

period if there is any outstanding balance from the previous billing cycle or statement (i.e.

interest is applied on both the previous balance and new transactions). However, there are some

credit cards that will only apply finance charge on the previous or old balance, excluding new

transactions.

Benefits to merchants

An example of street markets accepting credit cards. Most simply display the acceptance marks

(stylized logos, shown in the upper-left corner of the sign) of all the cards they accept.

For merchants, a credit card transaction is often more secure than other forms of payment, such

as checks, because the issuing bank commits to pay the merchant the moment the transaction is

authorized, regardless of whether the consumer defaults on the credit card payment. In most

cases, cards are even more secure than cash, because they discourage theft by the merchant's

employees and reduce the amount of cash on the premises.

Prior to credit cards, each merchant had to evaluate each customer's credit history before

extending credit. That task is now performed by the banks which assume the credit risk. Credit

cards can also aid in securing a sale, especially if the customer does not have enough cash on his

or her person or checking account. Extra turnover is generated by the fact that the customer can

purchase goods and/or services immediately and is less inhibited by the amount of cash in his or

her pocket and the immediate state of his or her bank balance.

For each purchase, the bank charges the merchant a commission (discount fee) for this service

and there may be a certain delay before the agreed payment is received by the merchant. The

commission is often a percentage of the transaction amount, plus a fixed fee (interchange rate).

In addition, a merchant may be penalized or have their ability to receive payment using that

credit card restricted if there are too many cancellations or reversals of charges as a result of

disputes.

In some countries, for example the Nordic countries, banks guarantee payment on stolen cards

only if an ID card is checked and the ID card number/civic registration number is written down

on the receipt together with the signature. In these countries merchants therefore usually ask for

ID. Non-Nordic citizens, who are unlikely to possess a Nordic ID card or driving license, will

instead have to show their passport, and the passport number will be written down on the receipt,

sometimes together with other information. Some shops use the card's PIN for identification, and

in that case showing an ID card is not necessary.

Costs to merchants

Merchants are charged several fees for the privilege of accepting credit cards. The merchant is

usually charged a commission of 1%-3%+ of the value of each transaction paid for by credit

card. The merchant may also pay a variable charge, called an interchange rate, for each

transaction.[3]

In some instances of very low-value transactions, use of credit cards will

significantly reduce the profit margin or cause the merchant to lose money on the transaction.

In certain countries, merchants are required to pay the acquiring banks a monthly terminal rental

fee, if the terminals are provided by the acquiring banks. Merchants can apply to the acquiring

banks for waivers of the fees, which the banks usually agree to for merchants with a high volume

of sales, but not for smaller ones.

Parties involved

Cardholder: The holder of the card used to make a purchase; the consumer.

Card-issuing bank: The financial institution or other organization that issued the credit

card to the cardholder. This bank bills the consumer for repayment and bears the risk that

the card is used fraudulently. Cards issued by banks to cardholders in a different country

are known as offshore credit cards.

Merchant: The individual or business accepting credit card payments for products or

services sold to the cardholder.

Acquiring bank: The financial institution accepting payment for the products or services

on behalf of the merchant.

Independent sales organization: Resellers (to merchants) of the services of the

acquiring bank.

Merchant account: This could refer to the acquiring bank or the independent sales

organization, but in general is the organization that the merchant deals with.

Credit Card association: An association of card-issuing banks such as Visa,

MasterCard, Discover, American Express, etc. that set transaction terms for

merchants, card-issuing banks, and acquiring banks.

Transaction network: The system that implements the mechanics of the electronic

transactions. May be operated by an independent company, and one company may

operate multiple networks.

Affinity partner: Some institutions lend their names to an issuer to attract customers that

have a strong relationship with that institution, and get paid a fee or a percentage of the

balance for each card issued using their name. Examples of typical affinity partners are

sports teams, universities, charities, professional organizations, and major retailers.

Transaction steps

Authorization: The cardholder pays for the purchase and the merchant submits the

transaction to the acquirer (acquiring bank). The acquirer verifies the credit card number,

the transaction type and the amount with the issuer (Card-issuing bank) and reserves that

amount of the cardholder's credit limit for the merchant. An authorization will generate

an approval code, which the merchant stores with the transaction.

Batching: Authorized transactions are stored in "batches", which are sent to the acquirer.

Batches are typically submitted once per day at the end of the business day. If a

transaction is not submitted in the batch, the authorization will stay valid for a period

determined by the issuer, after which the held amount will be returned back to the

cardholder's available credit.

Clearing and Settlement: The acquirer sends the batch transactions through the credit

card association, which debits the issuers for payment and credits the acquirer.

Essentially, the issuer pays the acquirer for the transaction.

Funding: Once the acquirer has been paid, the acquirer pays the merchant. The merchant

receives the amount totaling the funds in the batch minus either the "discount rate," "mid-

qualified rate", or "non-qualified rate" which are tiers of fees the merchant pays the

acquirer for processing the transactions.

Chargebacks: A chargeback is an event in which money in a merchant account is held

due to a dispute relating to the transaction. Chargebacks are typically initiated by the

cardholder. In the event of a chargeback, the issuer returns the transaction to the acquirer

for resolution.

Types of Credit Card

Secured credit cards

A secured credit card is a type of credit card secured by a deposit account owned by the

cardholder. Typically, the cardholder must deposit between 100% and 200% of the total amount

of credit desired. Thus if the cardholder puts down $1000, they will be given credit in the range

of $500–$1000. In these cases, the deposit required may be significantly less than the required

credit limit, and can be as low as 10% of the desired credit limit. This deposit is held in a special

savings account.

The cardholder of a secured credit card is still expected to make regular payments, as with a

regular credit card, but should they default on a payment, the card issuer has the option of

recovering the cost of the purchases paid to the merchants out of the deposit.

The advantage of the secured card for an individual with negative or no credit history is that

most companies report regularly to the major credit bureaus. This allows for building of positive

credit history.

Although the deposit is in the hands of the credit card issuer as security in the event of default by

the consumer, the deposit will not be debited simply for missing one or two payments. Usually

the deposit is only used as an offset when the account is closed, either at the request of the

customer or due to severe delinquency (150 to 180 days). This means that an account which is

less than 150 days delinquent will continue to accrue interest and fees, and could result in a

balance which is much higher than the actual credit limit on the card. In these cases the total debt

may far exceed the original deposit and the cardholder not only forfeits their deposit but is left

with an additional debt.

Most of these conditions are usually described in a cardholder agreement which the cardholder

signs when their account is opened.

Secured credit cards are an option to allow a person with a poor credit history or no credit history

to have a credit card which might not otherwise be available. They are often offered as a means

of rebuilding one's credit. Fees and service charges for secured credit cards often exceed those

charged for ordinary non-secured credit cards, but secured cards can often be less expensive in total

cost than unsecured credit cards, even including the security deposit.

Prepaid "credit" cards

A prepaid credit card is not a true credit card, since no credit is offered by the card issuer: the

card-holder spends money which has been "stored" via a prior deposit by the card-holder or

someone else, such as a parent or employer. However, it carries a credit-card brand (such as

Visa, MasterCard, American Express, Discover, or JCB) and can be used in similar ways just as

though it were a regular credit card. Unlike debit cards, prepaid credit cards do not require a PIN.

After purchasing the card, the cardholder loads the account with any amount of money, up to the

predetermined card limit and then uses the card to make purchases the same way as a typical

credit card. Prepaid cards can be issued to minors (above 13) since there is no credit line

involved.

The main advantage over secured credit cards is that you are not required to come up with $500

or more to open an account. With prepaid credit cards purchasers are not charged any interest but are

often charged a purchasing fee plus monthly fees after an arbitrary time period. Many other fees

also usually apply to a prepaid card.

Prepaid credit cards are sometimes marketed to teenagers for shopping online without having

their parents complete the transaction.

Because of the many fees that apply to obtaining and using credit-card-branded prepaid cards,

the Financial Consumer Agency of Canada describes them as "an expensive way to spend your

own money".

Costs

Credit card issuers (banks) have several types of costs:

Interest expenses

Banks generally borrow the money they then lend to their customers. As they receive very low-

interest loans from other firms, they may borrow as much as their customers require, while

lending their capital to other borrowers at higher rates. If the card issuer charges 15% on money

lent to users, and it costs 5% to borrow the money to lend, and the balance sits with the

cardholder for a year, the issuer earns 10% on the loan. This 10% difference is the "net interest

spread" and the 5% is the "interest expense".

Operating costs

This is the cost of running the credit card portfolio, including everything from paying the

executives who run the company to printing the plastics, to mailing the statements, to running the

computers that keep track of every cardholder's balance, to taking the many phone calls which

cardholders place to their issuer, to protecting the customers from fraud rings.

Charge offs

When a consumer becomes severely delinquent on a debt (often at the point of six months

without payment), the creditor may declare the debt to be a charge-off.

A charge-off is considered to be "written off as uncollectable." To banks, bad debts and even

fraud are simply part of the cost of doing business.

Rewards

Many credit card customers receive rewards, such as frequent flyer points, gift certificates, or

cash back as an incentive to use the card. Rewards are generally tied to purchasing an item or

service on the card, which may or may not include balance transfers, cash advances, or other

special uses.

Fraud

When a card is stolen, or an unauthorized duplicate made, most card issuers will refund some or

all of the charges that the customer has received for things they did not buy. These refunds will,

in some cases, be at the expense of the merchant, especially in mail order cases where the

merchant cannot claim sight of the card. In several countries, merchants will lose the money if no

ID card was asked for, therefore merchants usually require an ID card in these countries. Credit card

companies generally guarantee the merchant will be paid on legitimate transactions regardless of

whether the consumer pays their credit card bill. Most banking services have their own credit

card services that handle fraud cases and monitor for any possible attempt at fraud. Employees

that are specialized in doing fraud monitoring and investigation are often placed in Risk

Management, Fraud and Authorization, or Cards and Unsecured Business. Fraud monitoring

emphasizes minimizing fraud losses while making an attempt to track down those responsible

and contain the situation. Credit card fraud is a major white collar crime that has been around for

many decades, even with the advent of the chip based card (EMV) that was put into practice in

some countries to prevent cases such as these. Even with the implementation of such measures,

credit card fraud continues to be a problem.

Promotion

A promotional purchase is any purchase on which separate terms and conditions are set on each

individual transaction, unlike a standard purchase where the terms are set on the cardholder's

account record and their pricing strategy. All promotional purchases that post to a particular

account carry their own balance, called the Promotional Balance.

2 Debit card

A debit card (also known as a bank card or check card) is a plastic card that provides an

alternative payment method to cash when making purchases. Functionally, it can be called an

electronic cheque, as the funds are withdrawn directly from either the bank account, or from the

remaining balance on the card. In some cases, the cards are designed exclusively for use on the

Internet, and so there is no physical card.

In many countries the use of debit cards has become so widespread that their volume of use has

overtaken the cheque and, in some instances, cash transactions. Like credit cards, debit cards are

used widely for telephone and Internet purchases and, unlike credit cards, the funds are

transferred immediately from the bearer's bank account instead of having the bearer pay back the

money at a later date.

Debit cards may also allow for instant withdrawal of cash, acting as the ATM card for

withdrawing cash and as a cheque guarantee card. Merchants may also offer cashback facilities

to customers, where a customer can withdraw cash along with their purchase.

Types of debit card systems

There are currently three ways that debit card transactions are processed:

online debit (also known as PIN debit),

offline debit (also known as signature debit)

Electronic Purse Card System.

It should be noted that one physical card can include the functions of an online debit card, an

offline debit card and an electronic purse card.

Although many debit cards are of the Visa or MasterCard brand, there are many other types of

debit card, each accepted only within a particular country or region, for example Switch (now:

Maestro) and Solo in the United Kingdom, Interac in Canada, Carte Bleue in France, Laser in

Ireland, "EC electronic cash" in Germany and EFTPOS cards in Australia and New Zealand.

The need for cross-border compatibility and the advent of the euro recently led to many of these

card networks being re-branded with the internationally recognised Maestro logo, which is part

of the MasterCard brand.

Some debit cards are dual branded with the logo of the (former) national card as well as Maestro

(e.g. EC cards in Germany, Laser cards in Ireland, Switch and Solo in the UK, Pinpas cards in

the Netherlands, Bancontact cards in Belgium, etc.).

Online Debit System

Online debit cards require electronic authorization of every transaction and the debits are

reflected in the user's account immediately. The transaction may be additionally secured with the

personal identification number (PIN) authentication system and some online cards require such

authentication for every transaction, essentially becoming enhanced automatic teller machine

(ATM) cards.

One difficulty in using online debit cards is the necessity of an electronic authorization device at

the point of sale (POS) and sometimes also a separate PINpad to enter the PIN, although this is

becoming commonplace for all card transactions in many countries. Overall, the online debit

card is generally viewed as superior to the offline debit card because of its more secure

authentication system and live status, which alleviates problems with processing lag on

transactions that may only issue online debit cards. Some on-line debit systems are using the

normal authentication processes of Internet banking to provide real-time on-line debit

transactions. The most notable of these are Ideal and POLi.

Offline Debit System

Offline debit cards have the logos of major credit cards (e.g. Visa or MasterCard) or major debit

cards (e.g. Maestro in the United Kingdom and other countries, but not the United States) and are

used at the point of sale like a credit card (with payer's signature). This type of debit card may be

subject to a daily limit, and/or a maximum limit equal to the current/checking account balance

from which it draws funds.

Electronic Purse Card System

Smart-card-based electronic purse systems (in which value is stored on the card chip, not in an

externally recorded account, so that machines accepting the card need no network connectivity)

have been in use throughout Europe since the mid-1990s, most notably in Germany (Geldkarte), Austria

(Quick) and Switzerland (CASH). In Austria and Germany, all current bank cards now include

electronic purses.

Prepaid Debit Card

Prepaid debit cards, also called reloadable debit cards or reloadable prepaid cards, are often used

for recurring payments. The payer loads funds to the cardholder's card account. Prepaid debit

cards use either the offline debit system or the online debit system to access these funds.

Particularly for companies with a large number of payment recipients abroad, prepaid debit cards

allow the delivery of international payments without the delays and fees associated with

international checks and bank transfers. Providers include Caxton FX prepaid cards, Escape

prepaid cards and Travelex prepaid cards.

Advantages and Disadvantages

Debit and check cards, as they have become widespread, have revealed numerous advantages

and disadvantages to the consumer and retailer alike.

Advantages are as follows:

A consumer who is not credit worthy and may find it difficult or impossible to obtain a

credit card can more easily obtain a debit card, allowing him/her to make plastic

transactions.

For most transactions, a check card can be used to avoid check writing altogether. Check

cards debit funds from the user's account on the spot, thereby finalizing the transaction at

the time of purchase.

Like credit cards, debit cards are accepted by merchants with less identification and

scrutiny than personal checks, thereby making transactions quicker and less intrusive.

Unlike a credit card, which charges higher fees and interest rates when a cash advance is

obtained, a debit card may be used to obtain cash from an ATM or a PIN-based

transaction at no extra charge, other than a foreign ATM fee.

The Debit card has many disadvantages as opposed to cash or credit:

Use of a debit card is not usually limited to the existing funds in the account to which it is

linked; most banks allow a certain threshold over the available bank balance, which can

cause overdraft fees if the customer does not depend on their own records of spending.

Many banks are now charging over-limit fees or non-sufficient funds fees based upon

pre-authorizations, and even attempted but refused transactions by the merchant (some of

which may not even be known by the client).

Many merchants mistakenly believe that amounts owed can be "taken" from a customer's

account after a debit card (or number) has been presented, without agreement as to date,

payee name, amount and currency, thus causing penalty fees for overdrafts, over-the-

limit, amounts not available causing further rejections or overdrafts, and rejected

transactions by some banks.

In some countries debit cards offer lower levels of security protection than credit cards.

Theft of the user's PIN using skimming devices can be accomplished much more easily with a

PIN input than with a signature-based credit transaction.

In many places, laws protect the consumer from fraud much less than with a credit card.

While the holder of a credit card is legally responsible for only a minimal amount of a

fraudulent transaction made with a credit card, which is often waived by the bank, the

consumer may be held liable for hundreds of dollars, or even the entire value of

fraudulent debit transactions. The consumer also has a shorter time (usually just two

days) to report such fraud to the bank in order to be eligible for such a waiver with a debit

card[8], whereas with a credit card, this time may be up to 60 days. A thief who obtains or

clones a debit card along with its PIN may be able to clean out the consumer's bank

account, and the consumer will have no recourse.

3 Smart card

A smart card, chip card, or integrated circuit card (ICC), is any pocket-sized card with

embedded integrated circuits. There are two broad categories of ICCs. Memory cards contain

only non-volatile memory storage components, and perhaps dedicated security logic.

Microprocessor cards contain volatile memory and microprocessor components. The card is

made of plastic, generally polyvinyl chloride, but sometimes acrylonitrile butadiene styrene or

polycarbonate.

Smart cards may also provide strong security authentication for single sign-on within large

organizations.

A smart card may have the following generic characteristics:

Dimensions similar to those of a credit card. ID-1 of the ISO/IEC 7810 standard defines

cards as nominally 85.60 by 53.98 millimetres (3.370 × 2.125 in). Another popular size is

ID-000 which is nominally 25 by 15 millimetres (0.984 × 0.591 in) (commonly used in

SIM cards). Both are 0.76 millimetres (0.030 in) thick.

Contains a tamper-resistant security system (for example a secure cryptoprocessor and a

secure file system) and provides security services (e.g. protects in-memory information).

Managed by an administration system which securely interchanges information and

configuration settings with the card, controlling card blacklisting and application-data

updates.

Communicates with external services via card-reading devices, such as ticket readers,

ATMs, etc.

Benefits

Smart cards can provide identification, authentication, data storage and application processing.

Types of smart cards

Contact smart card

Contact smart cards have a contact area of approximately 1 square centimetre (0.16 sq in),

comprising several gold-plated contact pads. These pads provide electrical connectivity when

inserted into a reader.

The ISO/IEC 7810 and ISO/IEC 7816 series of standards define:

physical shape and characteristics

electrical connector positions and shapes

electrical characteristics

communications protocols, including commands sent to and responses from the card

basic functionality

Cards do not contain batteries; energy is supplied by the card reader.

Signals

Reader

Contact smart card readers are used as a communications medium between the smart card and a

host, e.g. a computer, a point of sale terminal, or a mobile telephone.

Because the chips in financial cards are the same Subscriber Identity Module (SIM) as in mobile

phones, programmed differently and embedded in a different piece of PVC, chip manufacturers

are building to the more demanding GSM/3G standards.

Contactless smart card

A second card type is the contactless smart card, in which the card communicates with and is

powered by the reader through RF induction technology (at data rates of 106 to 848

kilobits/second). These cards require only proximity to an antenna to communicate. They are

often used for quick or hands-free transactions such as paying for public transportation without

removing the card from a wallet.

ISO/IEC 14443 is the standard for contactless smart card communications. It defines two types

of contactless cards ("A" and "B"). Proposals for ISO/IEC 14443 types C, D, E, F and G have

been rejected by the International Organization for Standardization.

Examples of widely used contactless smart cards are Hong Kong's Octopus card, Shanghai's

Public Transportation Card, Moscow's Transport/Social Card, and South Korea's T-money (bus,

subway, taxi).

Hybrids

Dual-interface cards implement contactless and contact interfaces on a single card with some

shared storage and processing. An example is Porto's multi-application transport card, called

Andante, that uses a chip with both contact and contactless interfaces.

Applications

Computer security

The Mozilla Firefox web browser can use smart cards to store certificates for use in secure web

browsing.

Smart cards are also used for single sign-on to log on to computers.

Financial

Smart cards serve as credit or ATM cards, fuel cards, mobile phone SIMs, authorization cards for

pay television, household utility pre-payment cards, high-security identification and access-

control cards, and public transport and public phone payment cards.

Smart cards may also be used as electronic wallets. The smart card chip can be "loaded" with

funds to pay parking meters and vending machines or at various merchants.

Health care (medical)

Smart health cards can improve the security and privacy of patient information, provide a secure

carrier for portable medical records, reduce health care fraud, support new processes for portable

medical records, provide secure access to emergency medical information, enable compliance

with government initiatives and mandates, and provide the platform to implement other

applications as needed by the health care organization.

Identification

A quickly growing application is in digital identification. In this application, the cards

authenticate identity. The most common example employs PKI. The card stores an encrypted

digital certificate issued from the PKI provider along with other relevant information.

The first smart card driver's license system in the world was issued in 1995 in Mendoza province

of Argentina.

Other

Smart cards are widely used to protect digital television streams. VideoGuard is a specific

example of how smart card security worked (and was cracked).

Security

Smart cards have been advertised as suitable for personal identification tasks, because they are

engineered to be tamper resistant. The chip usually implements some cryptographic algorithm.

There are, however, several methods for recovering some of the algorithm's internal state.

Differential power analysis

Differential power analysis[17] involves measuring the precise time and electrical current required

for certain encryption or decryption operations. An observer can use these measurements to deduce the on-chip private key used by

public key algorithms such as RSA. Some implementations of symmetric ciphers can be

vulnerable to timing or power attacks as well.
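
The leak described above can be modelled without hardware. The following is an added example, not code from the original notes or from any card vendor: it records which modular operation an RSA-style exponentiation performs at each step, as a stand-in for what a timing or power measurement can tell apart, and compares the textbook routine with a Montgomery ladder. The function names, the small modulus 1009 and the "S"/"M" trace are assumptions made for illustration.

```python
"""Model of a key-dependent operation sequence and a uniform alternative.

Illustration only. The trace list stands in for what a measurement would let
an observer distinguish: a modular square ("S") versus a multiply ("M").
"""


def square_and_multiply(base, exponent, modulus, trace):
    """Textbook left-to-right exponentiation: a multiply happens only for 1-bits."""
    result = 1
    for bit in bin(exponent)[2:]:
        result = (result * result) % modulus
        trace.append("S")
        if bit == "1":                       # extra work that depends on the secret bit
            result = (result * base) % modulus
            trace.append("M")
    return result


def montgomery_ladder(base, exponent, modulus, trace):
    """One multiply and one square per bit, whatever the bit value is."""
    r0, r1 = 1, base % modulus               # invariant: r1 == r0 * base (mod modulus)
    for bit in bin(exponent)[2:]:
        if bit == "1":
            r0, r1 = (r0 * r1) % modulus, (r1 * r1) % modulus
        else:
            r0, r1 = (r0 * r0) % modulus, (r0 * r1) % modulus
        trace.extend("MS")                   # same two operations for either bit
    return r0


def operation_trace(modexp, exponent, base=7, modulus=1009):
    """Return the sequence of operations one exponentiation performed."""
    trace = []
    modexp(base, exponent, modulus, trace)
    return "".join(trace)


def sequence_depends_on_key(modexp, bit_length=16, samples=64):
    """Regression check for implementers: do equal-length exponents give different traces?"""
    top = 1 << (bit_length - 1)              # force the top bit so every exponent has the same length
    exponents = [top | i for i in range(samples)]
    return len({operation_trace(modexp, e) for e in exponents}) > 1


# Note: this models the operation sequence only. The Python branch on `bit`
# would itself have to be made branch-free on a real chip, and statistical
# analysis over many measurements is countered with additional measures such
# as masking or blinding of the operands.

if __name__ == "__main__":
    for name, fn in (("square-and-multiply", square_and_multiply),
                     ("Montgomery ladder", montgomery_ladder)):
        print(name, operation_trace(fn, 0b1011),
              "key-dependent:", sequence_depends_on_key(fn))
```
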

Physical disassembly

Smart cards can be physically disassembled by using acid, abrasives, or some other technique to

obtain unrestricted access to the on-board microprocessor.

Problems

The plastic card in which the chip is embedded is fairly flexible, and the larger the chip, the

higher the probability that normal use could damage it.

Cards are often carried in wallets or pockets—a harsh environment for a chip. However, for

large banking systems, failure-management costs can be more than offset by fraud reduction.

Using a smart card for mass transit presents a privacy risk, because it allows the mass transit

operator (and the government) to track an individual's movement.

Another problem is the lack of standards for functionality and security. To address this problem,

The Berlin Group launched the Project to propose "a new functional and security framework for

smart-card based Point of Interaction (POI) equipment".

4 Definition of E-Money

Electronic money (also known as e-currency, e-money, electronic cash, electronic currency,

digital money, digital cash or digital currency) refers to money or scrip which is only

exchanged electronically. Typically, this involves the use of computer networks, the internet and

digital stored value systems.

Electronic Funds Transfer (EFT) and direct deposit are all examples of electronic money. Also, it

is a collective term for financial cryptography and technologies enabling it.

While electronic money has been an interesting problem for cryptography, to date, the use of e-

money has been relatively low-scale. One rare success has been Hong Kong's Octopus card

system, which started as a transit payment system and has grown into a widely used electronic

money system. Two other cities have implemented functioning electronic money systems. Very

similar to Hong Kong's Octopus card, Singapore has an electronic money program for its public

transportation system (commuter trains, bus, etc.). The Netherlands has also implemented an

electronic money system known as Chipknip, which is based upon the same system in Hong

Kong.

A number of electronic money systems use Contactless payment transfer in order to facilitate

easy payment and give the payee more confidence in not letting go of their electronic wallet

during the transaction.

2] E-money refers to any money that is only transferred electronically. Digital currency providers

may make their money selling the e-currency to consumers or by charging transaction fees to

change e-money into actual currency. Several e-money scripts are eCash, eCache, WebMoney,

Google Checkout and Gogopay. Digital currency can offer more privacy than debit and credit

card transactions.

Electronic money systems

In technical terms, electronic money is an online representation, or a system of debits and credits,

used to exchange value within another system, or within itself as a stand alone system.

Occasionally, the term electronic money is also used to refer to the provider itself. A private

currency may use gold to provide extra security, such as digital gold currency.

Centralised systems

Many systems—such as PayPal, WebMoney, cashU, and Hub Culture's Ven—will sell their

electronic currency directly to the end user, but other systems only sell through third party digital

currency exchangers.

In the case of Octopus card in Hong Kong, electronic money deposits work similarly to regular

bank deposits. After Octopus Card Limited receives money for deposit from users, the money is

deposited into a bank. This is similar to debit-card-issuing banks redepositing money at central

banks.

Decentralised systems

Decentralised electronic money systems include:

Bitcoin, an anonymous distributed electronic money system

Ripple monetary system, a project to develop a distributed system of electronic money

independent of local currency.

PKTP, a pseudonymous distributed electronic money system

Offline 'anonymous' systems

In the use of offline electronic money, the merchant does not need to interact with the bank

before accepting money from the user. Instead merchants can collect monies spent by users and

deposit them later with the bank. In principle this could be done offline, i.e. the merchant could

go to the bank with his storage media to exchange e-money for cash. Nevertheless the merchant

is guaranteed that the user's e-money will either be accepted by the bank, or the bank will be able

to identify and punish the cheating user. In this way a user is prevented from spending the same

funds twice (double-spending). Offline e-money schemes also need to protect against cheating

merchants, i.e. merchants that want to deposit money twice (and then blame the user).
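
One classical way to obtain the guarantees described above is to hide the payer's identity in pairs of secret halves, so that a single spend reveals nothing but two spends of the same coin reveal the payer. The following is an added example, not part of the original notes, that models this idea and the bank's deposit check. The function names, the 16-pair coin and the HMAC standing in for the bank's signature are assumptions; a deployed scheme would use a public-key (blind) signature that the merchant can verify offline.

```python
import hashlib
import hmac
import secrets

PAIRS = 16                                   # identity pairs per coin (assumed size)
BANK_KEY = secrets.token_bytes(32)           # HMAC key standing in for the bank's signing key


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def commit(value: bytes) -> bytes:
    return hashlib.sha256(value).digest()


def bank_tag(serial: str, commitments) -> bytes:
    body = serial.encode() + b"".join(left + right for left, right in commitments)
    return hmac.new(BANK_KEY, body, hashlib.sha256).digest()


def withdraw(user_id: bytes):
    """Issue a coin; each pair splits user_id into two random-looking halves.
    The bank is trusted to build the pairs here (a simplification)."""
    halves = []
    for _ in range(PAIRS):
        pad = secrets.token_bytes(len(user_id))
        halves.append((pad, xor(pad, user_id)))      # the two halves XOR to user_id
    commitments = [(commit(a), commit(b)) for a, b in halves]
    serial = secrets.token_hex(8)
    coin = {"serial": serial, "commitments": commitments,
            "tag": bank_tag(serial, commitments)}
    return coin, halves                              # halves stay secret with the user


def spend(coin, halves, challenge):
    """User answers the merchant's challenge bits by opening one half of each pair."""
    return {"coin": coin, "challenge": list(challenge),
            "reveals": [halves[i][bit] for i, bit in enumerate(challenge)]}


def merchant_accepts(payment) -> bool:
    """Offline check: every opened half must match the commitment inside the coin."""
    coin, challenge, reveals = payment["coin"], payment["challenge"], payment["reveals"]
    if len(challenge) != PAIRS or len(reveals) != PAIRS:
        return False
    if any(bit not in (0, 1) for bit in challenge):
        return False
    return all(commit(opened) == coin["commitments"][i][bit]
               for i, (bit, opened) in enumerate(zip(challenge, reveals)))


class Bank:
    def __init__(self):
        self.deposits = {}                           # serial -> first accepted payment

    def deposit(self, merchant: str, payment):
        coin = payment["coin"]
        genuine = hmac.compare_digest(
            coin["tag"], bank_tag(coin["serial"], coin["commitments"]))
        if not genuine or not merchant_accepts(payment):
            return ("rejected", None)
        first = self.deposits.get(coin["serial"])
        if first is None:
            self.deposits[coin["serial"]] = payment
            return ("credited", None)
        if first["challenge"] == payment["challenge"]:
            # Same transcript seen again: the merchant is depositing twice.
            return ("duplicate-deposit", merchant)
        # Different challenges: the coin was spent twice, so at some index both
        # halves of a pair are now known and XOR to the payer's identity.
        i = next(i for i in range(PAIRS)
                 if first["challenge"][i] != payment["challenge"][i])
        return ("double-spend", xor(first["reveals"][i], payment["reveals"][i]))
```
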

Issues

Although electronic money can provide many benefits—such as convenience and privacy,

increased efficiency of transactions, lower transaction fees, and new business opportunities with

the expansion of economic activities on the Internet—there are many potential issues with the

use of e-money.

The transfer of digital currencies raises local issues such as how to levy taxes, the possible ease

of money laundering, and the total amount of electronic money versus the total amount of real money

available, that is, the possibility that digital cash could exceed the real cash available.

Another issue is related to computer crime, in which computer criminals may actually alter

computer databases to steal electronic money or to reduce an account's amount of electronic

money.

Similarities Between E-Money and Credit Cards

Both e-money and credit cards are frequently used in online purchases.

Both online transactions using credit cards and e-money require the Internet to send money.

Both forms of currency can be used anywhere in the world if the vendor accepts that means of

payment.

Both credit card transactions and e-money via digital currencies require trust between sender and

receiver.

Both e-money and credit cards rely on the same advances in encryption to transfer information

digitally.

Differences Between E-Money and Credit Cards

E-money when used to transfer legal tender between vendors or individuals can be exchanged

for cash.

Digital currencies are not legal tender, though that currency may be traded with the local

currency.

E-money transactions typically have fewer fraud protections if any.

E-money does not charge interest because it is not a loan.

If someone does not pay a debt owed for a transaction with e-money, they may not be able to sue

the other party; they may only be able to report the problem to the e-money provider.

5 Marketing on the web, marketing strategies, advertising on the web

Internet marketing, also referred to as i-marketing, web-marketing, online-marketing or e-

Marketing, is the marketing of products or services over the Internet.

The Internet has brought media to a global audience. The interactive nature of Internet marketing

in terms of providing instant responses and eliciting responses are the unique qualities of the

medium. Internet marketing is sometimes considered to be broad in scope because it not only

refers to marketing on the Internet, but also includes marketing done via e-mail and wireless

media. Management of digital customer data and electronic customer relationship management

(ECRM) systems are also often grouped together under internet marketing.

Internet marketing ties together creative and technical aspects of the Internet, including: design,

development, advertising, and sales.

Internet marketing also refers to the placement of media along many different stages of the

customer engagement cycle through search engine marketing (SEM), search engine optimization

(SEO), banner ads on specific websites, e-mail marketing, and Web 2.0 strategies.

Business models

Internet marketing is associated with several business models:

e-commerce – this is where goods are sold directly to consumers (B2C) or businesses

(B2B)

lead-based websites – an organization that generates value by acquiring sales leads from

its website

affiliate marketing – the process in which a product or service developed by one entity (e-

commerce business, single person, or a combination) is sold by other active sellers for a

share of profits. The entity of the product may provide some marketing material (sales

letter, affiliate link, tracking facility)

local internet marketing – through which a small company utilizes the Internet to find and

nurture relationships, which are to be used for real-world advantage.

blackhat marketing – this is a form of internet marketing which employs deceptive,

abusive, or less than truthful methods to drive web traffic to a website or affiliate

marketing offer. This method sometimes includes spam, cloaking within search engine

result pages, or routing users to pages they didn't initially request.

One-to-one approach

The targeted user is typically browsing the Internet alone; therefore, the marketing messages can

reach them personally. This approach is used in search marketing, where the advertisements are

based on search engine keywords entered by the users.

Appeal to specific interests

Internet marketing and geo marketing place an emphasis on marketing that appeals to a specific

behaviour or interest, rather than reaching out to a broadly defined demographic. "On- and Off-

line" marketers typically segment their markets according to age group, gender, geography, and

other general factors. Marketers have the luxury of targeting by activity and geolocation. For

example, a kayak company can post advertisements on kayaking and canoeing websites with the

full knowledge that the audience has a related interest.

Geo-targeting

Geo targeting (in internet marketing) and geo marketing are the methods of determining the

geolocation (the physical location) of a website visitor with geolocation software, and delivering

different content to that visitor based on his or her location, such as country, region/state, city,

metro code/zip code, organization, Internet Protocol (IP) address, ISP or other criteria.

Advantages

Internet marketing is relatively inexpensive when its cost is compared with the reach

of the target audience. Therefore, businesses have the advantage of appealing to consumers in a

medium that can bring results quickly. The strategy and overall effectiveness of marketing

campaigns depend on business goals and cost-volume-profit (CVP) analysis.

Internet marketers also have the advantage of measuring statistics easily and inexpensively.

Nearly all aspects of an Internet marketing campaign can be traced, measured, and tested. The

advertisers can use a variety of methods: pay per impression, pay per click, pay per play, or pay

per action. Therefore, marketers can determine which messages or offerings are more appealing

to the audience.

Because exposure, response, and overall efficiency of Internet media are easier to track than

traditional off-line media—through the use of web analytics for instance—Internet marketing

can offer a greater sense of accountability for advertisers.

Limitations

From the buyer's perspective, the inability of shoppers to touch, smell, taste or "try on" tangible

goods before making an online purchase can be limiting. However, there is an industry standard

for e-commerce vendors to reassure customers by having liberal return policies as well as

providing in-store pick-up services.

Security concerns

Information security is important both to companies and consumers that participate in online

business. Many consumers are hesitant to purchase items over the Internet because they do not

trust that their personal information will remain private.

Some companies that purchase customer information offer the option for individuals to have

their information removed from the database, also known as opting out. However, many

customers are unaware if and when their information is being shared, and are unable to stop the

transfer of their information between companies if such activity occurs.

Another major security concern that consumers have with e-commerce merchants is whether or

not they will receive exactly what they purchase. Online merchants have attempted to address

this concern by investing in and building strong consumer brands (e.g., Amazon.com, eBay,

Overstock.com), and by leveraging merchant/feedback rating systems and e-commerce bonding

solutions. All of these solutions attempt to assure consumers that their transactions will be free of

problems because the merchants can be trusted to provide reliable products and services.

Additionally, the major online payment mechanisms (credit cards, PayPal, Google Checkout,

etc.) have also provided back-end buyer protection systems to address problems if they actually

do occur.

Effects on industries

The number of banks offering the ability to perform banking tasks over the internet has also

increased. Online banking appeals to customers because it is often faster and considered more

convenient than visiting bank branches.

Internet auctions have become a multi-billion dollar business. Unique items that could only

previously be found at flea markets are now being sold on Internet auction websites such as

eBay. Specialized e-stores sell an almost endless amount of items ranging from antiques, movie

props, clothing, gadgets and much more. As the premier online reselling platform, eBay is often

used as a price-basis for specialized items. Buyers and sellers often look at prices on the website

before going to flea markets; the price shown on eBay often becomes the item's selling price.

In addition to the major effect internet marketing has had on the technology industry, the effect

on the advertising industry itself has been profound.

This has had a growing impact on the electoral process. During the 2007 primaries candidates

added, on average, over 500 social network supporters per day to help spread their message.[10]

President Barack Obama raised over US$1 million in a single day during his extensive

Democratic candidacy campaign, largely due to online donors.[11]

What is a Web Marketing Strategy?

Web or Internet Marketing strategies form the cornerstones of your online business, and outline

in general terms what is required to make your business a success (for example, driving potential

customers to your website). Ideally you should consider and write out the different elements of

your overall marketing strategy before you do anything else.

Internet Marketing Tactics

Achieving the aims set out in your web marketing strategy means taking action and

implementing various marketing tactics. This is where it gets difficult. The problem is knowing

which web marketing tactics actually work, or just as importantly – which don't. There's so much

hype and misinformation about marketing online that it's often difficult to find the truth. Many

end up using incorrect or outdated Internet marketing strategies and tactics that have them

working hard but getting nowhere.

Advertising on the web

Online advertising is a form of promotion that uses the Internet and World Wide Web for the

expressed purpose of delivering marketing messages to attract customers. Examples of online

advertising include contextual ads on search engine results pages, banner ads, Rich Media Ads,

Social network advertising, interstitial ads, online classified advertising, advertising networks

and e-mail marketing, including e-mail spam.

Competitive advantage over traditional advertising

One major benefit of online advertising is the immediate publishing of information and content

that is not limited by geography or time. To that end, the emerging area of interactive advertising

presents fresh challenges for advertisers who have hitherto adopted an interruptive strategy.

Another benefit is the efficiency of the advertiser's investment. Online advertising allows for the

customization of advertisements, including content and posted websites. For example, AdWords,

Yahoo! Search Marketing and AdSense enable ads to be shown on relevant web pages or

alongside search results of related keywords.

Revenue models

The three most common ways in which online advertising is purchased are CPM, CPC, and

CPA.

CPM (Cost Per Mille), also called "Cost Per Thousand" (CPT), is where advertisers pay

for exposure of their message to a specific audience. "Per mille" means per

thousand impressions, or loads of an advertisement. However, some impressions may not

be counted, such as a reload or internal user action.

CPV (Cost Per Visitor) is where advertisers pay for the delivery of a Targeted Visitor to

the advertiser's website.

CPV (Cost Per View) is when an advertiser pays for each unique user view of an

advertisement or website (usually used with pop-ups, pop-unders and interstitial ads).

CPC (Cost Per Click) is also known as Pay per click (PPC). Advertisers pay each time a

user clicks on their listing and is redirected to their website. They do not actually pay for

the listing, but only when the listing is clicked on. This system allows advertising

specialists to refine searches and gain information about their market.

CPA (Cost Per Action) or (Cost Per Acquisition) advertising is performance based and

is common in the affiliate marketing sector of the business. In this payment scheme,

the publisher takes all the risk of running the ad, and the advertiser pays only for the

number of users who complete a transaction, such as a purchase or sign-up. This is the

best type of rate to pay for banner advertisements and the worst type of rate to charge.

o Similarly, CPL (Cost Per Lead) advertising is identical to CPA advertising and

is based on the user completing a form, registering for a newsletter or some other

action that the merchant feels will lead to a sale.

o Also common, CPO (Cost Per Order) advertising is based on each time an order

is transacted.

o CPE (Cost Per Engagement) is a form of Cost Per Action pricing first

introduced in March 2008. Differing from cost-per-impression or cost-per-click

models, a CPE model means advertising impressions are free and advertisers pay

only when a user engages with their specific ad unit. Engagement is defined as a

user interacting with an ad in any number of ways.[3]

Cost per conversion describes the cost of acquiring a customer, typically calculated by

dividing the total cost of an ad campaign by the number of conversions. The definition of

"Conversion" varies depending on the situation: it is sometimes considered to be a lead, a

sale, or a purchase.

Types

Although the large majority of online advertising has a cost that is brought about by usage of or

interaction with an ad, there are a few other methods of advertising online that require only a one-time

payment. The Million Dollar Homepage is a very successful example of this. Visitors were able

to pay $1 per pixel of advertising space and their advert would remain on the homepage for as

long as the website exists with no extra costs.

Floating ad: An ad which moves across the user's screen or floats above the content.

Expanding ad: An ad which changes size and which may alter the contents of the

webpage.

Polite ad: A method by which a large ad will be downloaded in smaller pieces to

minimize the disruption of the content being viewed.

Wallpaper ad: An ad which changes the background of the page being viewed.

Trick banner: A banner ad that looks like a dialog box with buttons. It simulates an error

message or an alert.

Pop-up: A new window which opens in front of the current one, displaying an

advertisement, or entire webpage.

Pop-under: Similar to a Pop-Up except that the window is loaded or sent behind the

current window so that the user does not see it until they close one or more active

windows.

Video ad: similar to a banner ad, except that instead of a static or animated image, actual

moving video clips are displayed. This is the kind of advertising most prominent in

television, and many advertisers will use the same clips for both television and online

advertising.

Map ad: text or graphics linked from, and appearing in or over, a location on an

electronic map such as on Google Maps.

Mobile ad: an SMS text or multi-media message sent to a cell phone.

Interstitial ad: a full-page ad that appears before a user reaches their original destination.

E-mail advertising

Legitimate Email advertising or E-mail marketing is often known as "opt-in e-mail advertising"

to distinguish it from spam.

Affiliate marketing

Affiliate marketing is a form of online advertising where advertisers place campaigns with a

potentially large number of small (and large) publishers, who are only paid media fees when

traffic to the advertiser is garnered, and usually upon a specific measurable campaign result (a

form, a sale, a sign-up, etc).

Contextual advertising

Many advertising networks display graphical or text-only ads that correspond to the keywords of

an Internet search or to the content of the page on which the ad is shown. These ads are believed

to have a greater chance of attracting a user, because they tend to contain content relevant to the

user's search query. For example, a search query for "flowers" might return an advertisement for

a florist's website.

Behavioral targeting

In addition to contextual targeting, online advertising can be targeted based on a user's past

clickstream. For example, if a user is known to have recently visited a number of automotive

shopping / comparison sites based on clickstream analysis enabled by cookies stored on the

user's computer, that user can then be served auto-related ads when they visit other, non-

automotive sites.

Semantic advertising

Semantic advertising applies semantic analysis techniques to web pages. The process is meant to

accurately interpret and classify the meaning and/or main subject of the page and then populate it

with targeted advertising spots. By closely linking content to advertising, it is assumed that the

viewer will be more likely to show an interest (i.e., through engagement) in the advertised

product or service.

1 Customer service and support

The significance of customer service eludes many senior executives, let alone the methods of

establishing and managing customer service standards and quality. Our own experiences as

customers demonstrate all the time that many large organizations fail particularly to empower

customer-facing and call-centre staff, and also fail to design policies and systems to empower

customer-facing staff and enable effective customer service. Often these are defensive strategies

because staff are not trusted, and because competition is feared, or because simply the policy-

makers and systems-designers are too far removed from customers and their customer service

expectations.

Benefits of effective customer service

The central aim of effective customer service and call-centres is retaining customers, but when

an organization gets this right the acquisition of new customers - and so many other things -

automatically becomes much easier too.

Retaining customers - enabled by excellent customer service - produces many positive benefits

for the organization aside from the obvious revenue and profit results:

Retaining customers through effective customer service enables easier growth, indirectly

and directly, for example by sustaining healthier volumes and margins, and by business

expansion from word-of-mouth referrals.

High levels of customer retention via effective customer service also improve staff

morale and motivation. No-one enjoys working for an organization that feels like a

sinking ship, or where stressful arguments or pressures prevail. When customers are

happy, all the staff are happier too - and more productive.

Improved staff morale and motivation resulting from reducing customer attrition also

positively benefits staff retention and turnover, recruitment quality and costs, stress,

grievance, discipline and counselling pressures.

Reduced customer attrition and upset naturally reduces litigation and legal problems,

from customers or fair trading laws.

Retaining customers also enables the whole organization - especially middle-managers -

to focus more on proactive opportunities (growth, innovation, development, etc) rather

than reactive fire-fighting, crisis management, failure analysis, and the negative high

pressures to win replacement business.

Having a culture of delighting and retaining customers fuels positive publicity and

reputation in the media, and increasingly on the web in blogs and forums, etc. The

converse applies of course, when nowadays just one disgruntled customer and a

reasonable network of web friends can easily cause a significant public relations

headache.

Customer service code of practice (British Standard BS 8477)

While other customer service standards exist in various forms around the world the British

Standards Institute offers a useful and authoritative interpretation which will transfer to most

situations.

The British Standard Code of Practice for Customer Service was published by the British

Standards Institute (BSI) and became effective on 16 April 2007, under the authority of the BSI

Technical Committee responsible for Relationship Management Systems.

As a Code of Practice, this standard is one of guidance and recommendation - it is not a formal

or mandatory specification and should not be offered, implemented or quoted as such.

The Introduction of the code of practice references the Harvard Business Review in summarizing

the main benefits of improving customer satisfaction via effective customer service as being (the

'3Rs'):

retention

related sales

referrals

It also refers to the research by the (British) Institute of Customer Service (ICS) in identifying

the most important elements of service delivery according to customers:

1. timeliness

2. appearance

3. courtesy

4. quality and efficiency

5. ease of doing business

6. problem-solving

These are interpreted into an alternative set of '3Rs' for effective non-commercial, public sector

customer services and service delivery:

responsive

reliable

respectful

BSI suggests that the Customer Service Code of Practice will assist organisations to:

1. Establish effective customer service mechanisms

2. Improve competitiveness

3. Differentiate their offering via innovative customer services

4. Build customer loyalty through positive customer service experience

5. Increase customer retention

6. Attract new customers via word of mouth

7. Reduce marketing costs

8. Increase service efficiency

9. Reduce complaints and complaints handling resources and costs

10. Improve compliance with consumer trading laws

11. Improve services and accountability (especially for public sector organizations)

12. Develop and sustain organization-wide focus on customers and quality

13. Improve ease of dealing with organization for customers

These Customer Service Principles are outlined and regarded as essential:

1. Commitment (at all levels)

2. Credibility (keep promises)

3. Culture (customer service ethos)

4. Competencies (of staff - in recruitment, training and assessment)

5. Responsibility (clear and supported with suitable authority - with at least one person

responsible for customer problems)

6. Resources (adequate for effectiveness)

7. Identification and management of all customer service issues

8. Quality (of customer service - relevant input and review)

9. Feedback (enabled for customers and employees)

10. Continual improvement (to meet or exceed customer expectations)

11. Internal customers (establish concept and communications)

The code of practice outlines the Implementation obligations for each main group of workers,

(critically within which is the appointment of a dedicated customer service manager):

1. Top management - establish resources, responsibilities, processes, reporting,

empowerment, culture, etc

2. Customer service management - detailed processes, financial management of customer

services, staffing and training, legal, complaints handling and escalation

3. Employees - awareness of customer services aims, responsibilities and benefits

4. Customer service employees - competent, aware, committed, etc

And outlines principles for the Maintenance of effective customer services, entailing:

1. Feedback - staff, customers, systems

2. Audits

3. Benchmarking

4. Complaints

The code of practice also contains an annex covering the Recruitment, Competencies and

Training of Customer Services Employees, also covering motivational factors and

recommendations, conduct and behavioural development. The customer service staff

competencies are summarised as:

1. Interpersonal and empathy

2. Communication

3. Handling stress

4. Active listening

5. Team-working

6. Problem-solving and complaints-handling

7. Product and organization knowledge

8. Commitment to aims and values of organization

Customer service tips for organizations and leaders

For organizations needing to improve their customer service, gathering and reviewing customer

complaints is the quickest way to draft an action list. Consulting customer service staff is also

essential.

For all organizations, customer complaints and feedback from customer-facing staff will keep

you constantly aware of areas to improve to keep up with changing market needs and

expectations.

Treat complaints about service failures like precious gems, because they are that valuable.

So welcome and encourage complaints, don't fear or hide from them, or pretend you are fantastic

because you (make sure that you) don't get any complaints.

Make it as easy for people to complain as to buy. There's a challenge for you.

Here are some common mistakes that organizations make about customer service and complaints

handling in particular:

don't..

Make it difficult for people to complain, e.g., long-winded contact method on your

website.

Make it difficult for customer service staff to give feedback and to influence customer

service systems and policies.

Treat the customer service function like a battery hen farm.

Fail to have a complaints handling process which you have tested and had approved by

complaining customers.

Fail to appoint anyone responsible for managing complaints handling.

Fail to inform staff about the value of complaints and the need to encourage and respond

to them.

Refuse to escalate complaints and problems, or make escalation to a higher level difficult.

Refuse to give customers the names of senior managers and executives and their contact

details.

Fail to put free or local-rate customer services phone numbers on your invoices and

website.

Fail to show clearly and make available your head office contact details.

Fail to expose senior managers and executives to complaining customers.

Pretend to have a customer service department but merely outsource a basic message-

taking service.

Offer an automated telephone menu system which excludes appropriate and easy options

to complain.

Design punitive termination penalties for customers wishing to cancel their contracts and

instruct your customer service staff to use such threats freely and forcefully.

instead do..

Check your culture. This comes from the top and pervades everything. So this is ultimately for

the CEO or the shareholders to start changing if it's not right.

There is little point in implementing a wonderfully robust and logical customer service code of

practice if your culture can't support it.

So this section is really all about culture and particularly how you treat staff and customers. All

the rest is relatively easy and mechanical for any decent modern management team, because

aside from culture, customer service relies on sensible service and pricing strategies and the

processes to sell and deliver them and to sort out problems. What makes the real difference is

how you involve and treat people within these processes. Which all comes back to culture.

The culture must be one of really honestly respecting and valuing staff and customers. When you

have this culture the human element gets to work: relationships and communications work,

problems are solved, internally and externally people focus on looking after colleagues and

customers, rather than merely working systems, executing processes and adhering to policies.

The organisation has life - becomes organic - rather than operating as an inflexible machine or a

set of instructions.

In the context of customer service, a good indication of culture is how easy it is to complain. In

lots of big organizations it's actually very difficult to complain, and even more difficult to

complain and be taken seriously.

You must make it easy for people - customers and staff - to contact you and complain, by email,

post and especially by phone, and to every level in your organization - especially to the CEO.

Executives who never see complaints are deluding themselves. On the pretext of protecting their

precious executive time, countless senior managers and executives are oblivious of what is

happening in their business. Worse still this ostrich-like example teaches all managers that

avoiding complaints is the way to manage customers, which as a customer service strategy is

what might technically be referred to as a load of bollocks. Ask your customers what they think

about senior managers and executives hiding from complaints and most people will use far

stronger terms than that.

Executives who hide from complaints also tend to develop a culture among managers and all

staff that is scared of complaints, which naturally causes people to cover up complaints and to

distort complaints and failure statistics even when asked to report on them.

Megalomaniac, autocratic and egocentric leaders are particularly prone to this syndrome, in

which customer satisfaction information is obscured and massaged so that the entire senior

management moves from denial to blissful ignorance, while the customer service staff continue

to act as a super-absorbent firewall, until one day - when the customer churn is nudging 25% -

the board finally realises that they do indeed have a problem, and that the market and the

competition and the customers - and the customer service staff - are not to blame for it. The

problem is the leadership: the culture, the systems, the policies, the strategies - out of step with

what the customers need and expect.

Interestingly this stems from the insecurity which drives certain traditional leadership styles and

cultures, in which criticism is seen as a threat rather than a useful reflective and improvement

aid. If you are one of these leaders please go get some therapy before you do any more harm to

your staff and customers. Arrogance and bluster are not effective behaviours by which to run a

proper business in the 21st century, let alone to encourage and inspire employees and managers

to strive for customer service excellence.

Instead expose yourself to all the complaints you can find. Remember - you would normally pay

a researcher lots of money for this information. And each complaint gives you the chance to

solve a customer's problem, which often means that you then get to keep that customer for life.

To do this you will need to check that your complaint handling process works for your most

awkward customers and for your most passive customers. This will turn many of your most

awkward customers into your best customers, and some of your most passive customers into

awkward customers, but you will now be receiving complaints, which if you were not seeing any

before is a major advance.

With all these new complaints you will need some expert input and ideas about how to improve

things. Lucky for you, your employees are the world's best experts at improving your services to

your customers, so it makes sense to ask for their help.

Obviously ensure your customers' complaints are resolved along the way, and equally

importantly, help the organization to develop the capability (and culture) to identify the causes of

problems and to rectify the root causes, to prevent the problems happening again.

It's a lot simpler when you get the culture right. Open all the communications. Encourage

complaints. Fix the problems and the systems. Utilise your people to contribute to the whole

process.

2 Introduction to m-Commerce

Mobile Commerce, or m-Commerce, is about the explosion of applications and services that are

becoming accessible from Internet-enabled mobile devices. It involves new technologies,

services and business models. It is quite different from traditional e-Commerce.

Mobile phones impose very different constraints than desktop computers. But they also open the

door to a slew of new applications and services. They follow you wherever you go, making it

possible to look for a nearby restaurant, stay in touch with colleagues, or pay for items at a store.

As the Internet finds its way into our purses or shirt pockets, the devices we use to access it are

becoming more personal too. Already today, mobile phones know the phone numbers of our

friends and colleagues. They are starting to track our location. Tomorrow, they will replace our

wallets and credit cards. One day, they may very well turn into intelligent assistants capable of

anticipating many of our wishes and needs, such as automatically arranging for taxis to come and

pick us up after business meetings or providing us with summaries of relevant news and

messages left by colleagues. But, for all these changes to happen, key issues of interoperability,

usability, security, and privacy still need to be addressed.

Motivating Factors for M-Commerce

Internet use has grown to such a level on the strength of PC networks. Due to the huge base of

installed PCs, which is predicted to grow at a faster pace in the days to come, electronic

commerce and other communication applications are bound to thrive further. Also, as these

computing systems gain greater power and storage capability and the best ever price-performance

ratios, more powerful and sophisticated applications will likely emerge for desktop

computing and the Internet. However, there are two major limitations on PCs. First, users have

to sit in front of them. Second, PCs, even portable notebook computers, have to load software, dial into

and connect with a network service provider and wait for the initial process to be accomplished

before launching an Internet application.

It is predicted that by 2004, the installed base of mobile phones worldwide will exceed 1 billion -

more than twice the number of PCs at that time. In addition to that, there will be a huge increase in

other wireless portable devices, such as wireless PDAs. The advantage of these wireless

devices is that they do not need a booting process, which allows them to be used immediately.

This makes them attractive for quick-hit applications.

M-Commerce Applications

The general m-commerce applications are categorized as transaction management, digital

content delivery and telemetry services. The applications can be further subdivided into passive

and active m-commerce applications. Active applications are those in which

the user has to take the initiative on his wireless device. In contrast, passive applications

activate themselves to accomplish their assigned jobs or to help the user carry them

forward.

Active Applications

M-commerce transactions point to online shopping Web sites tailored to mobile phones and

PDAs which are being equipped with the capabilities of browsing, selection, purchase, payment

and delivery. These sites also include all the necessary shopping features, such as online

catalogs, shopping carts, and back office functions as currently available for desktop computers.

Leading online booksellers have already started commercial activities for wireless devices.

Another important m-commerce transaction is to initiate and pay for purchases and services in

real time. When individuals reach for their e-cash-equipped mobile phones or PDAs instead of

coins to settle micro transactions, such as subway fees, widespread use of digital cash will

become a reality.

The second important application is digital content delivery. Wireless devices can retrieve

status information, such as weather, transit schedules, flash news, sports scores, ticket

availability and market prices, instantly from the providers of information and directory services.

Digital products, such as MP3 music, software, high-resolution images and full-motion

advertising messages, can be easily downloaded to and used in wireless devices when the 3G

transmission technology becomes usable.

The last major application of m-commerce is telemetry services, which include the monitoring of

space flights, meteorological data transmission, video-conference, the Global Positioning System

(GPS), wildlife tracking, camera control robotics, and oceanography. Thus

in the near future, wireless phones and appliances can be used by people to contact and

communicate with various devices from their homes, offices or anywhere at any time.

Passive Applications

This type of application seems manifold and exciting. Instead of using dedicated cash cards for

automatic collection of toll charges, digital cash can be used by integrating cash cards with

mobile devices. Mobile users can easily pay and record payment of toll, mass-transit, fast-food,

and other transactions.

Nowadays mobile users can send and receive short text messages up to 160 characters that show

up on the user's display screen. As digital convergence becomes more commonplace, all kinds of

mail, such as e-mail, fax documents and digitized voice mail, can be received passively.

Furthermore, users may be tempted with some services free of cost in return for viewing audio or video advertisements

delivered to their wireless devices. Airline companies are testing this technology to alert

frequent air passengers to seat availability and upgrades and to notify them of changes made to

timings, etc., through wireless devices.

UNIT-3.

e-Government (short for electronic government, also known as e-gov, digital government,

online government, or connected government) is creating a comfortable, transparent, and cheap

interaction between government and citizens (G2C – government to citizens), government and

business enterprises (G2B – government to business enterprises) and relationship between

governments (G2G – inter-agency relationship).

There are four domains of e-government namely, governance, information and communication

technology (ICT), business process re-engineering (BPR) and e-citizen.

Definitions of e-Government and e-Governance abound in literature. Definitions for

e-Government and e-Governance range from the working definitions like “the ability for anyone

visiting the city website to communicate and/or interact with the city via the Internet in any way

more sophisticated than a simple email letter to the generic city email address provided at the

site” to “the use of technology to enhance the access to and delivery of government services to

benefit citizens, business partners and employees”.

Delivery models and activities of e-Government

The primary delivery models of e-Government can be divided into:

Government-to-Citizen or Government-to-Consumer (G2C)

Government-to-Business (G2B)

Government-to-Government (G2G)

Government-to-Employees (G2E)

Within each of these interaction domains, four kinds of activities take place:

pushing information over the Internet, e.g.: regulatory services, general holidays, public

hearing schedules, issue briefs, notifications, etc.

two-way communications between the agency and the citizen, a business, or another

government agency. In this model, users can engage in dialogue with agencies and post

problems, comments, or requests to the agency.

conducting transactions, e.g.: lodging tax returns, applying for services and grants.

governance, e.g.: online polling, voting, and campaigning.

Non-internet e-Government

While e-government is often thought of as "online government" or "Internet-based government,"

many non-Internet "electronic government" technologies can be used in this context. Some non-

Internet forms include telephone, fax, PDA, SMS text messaging, MMS, wireless networks and

services, Bluetooth, CCTV, tracking systems, RFID, biometric identification, road traffic

management and regulatory enforcement, identity cards, smart cards and other Near Field

Communication applications; polling station technology (where non-online e-voting is being

considered), TV and radio-based delivery of government services (e.g., CSMW), email, online

community facilities, newsgroups and electronic mailing lists, online chat, and instant messaging

technologies.

Potential benefits and risks of e-Government

I]Risks

There are many considerations and potential implications of implementing and designing e-

government, including disintermediation of the government and its citizens, impacts on

economic, social, and political factors, vulnerability to cyber attacks, and disturbances to the

status quo in these areas.

1]Hyper-surveillance

Increased contact between government and its citizens goes both ways. Once e-government

begins to develop and become more sophisticated, citizens will be forced to interact

electronically with the government on a larger scale. This could potentially lead to a lack of

privacy for civilians as their government obtains more and more information on them. In a worst-case

scenario, with so much information being passed electronically between government and

civilians, a totalitarian-like system could develop. When the government has easy access to

countless information on its citizens, personal privacy is lost.

2]Cost

Although “a prodigious amount of money has been spent” on the development and

implementation of e-government, some say it has yielded only a mediocre product. The

outcomes and effects of trial Internet-based governments are often difficult to gauge or

unsatisfactory.

3]Inaccessibility

An e-government site that provides web access and support often does not offer the “potential to

reach many users including those who live in remote areas, are homebound, have low literacy

levels, exist on poverty line incomes, suffer from chronic illness, are single parents or older

adults.”

4]False sense of transparency and accountability

Opponents of e-government argue that online governmental transparency is dubious because it is

maintained by the governments themselves. Information can be added or removed from the

public eye (i.e. the Internet) with or without public notice. For example, after the World Trade

Center in New York City was attacked on September 11, 2001, United States federal officials

removed a large amount of government information from its websites in the name of national

security. This act went relatively unnoticed by United States citizens. To this day, very few

organizations monitor and provide accountability for these modifications. Even the governments

themselves do not always keep track of the information they insert and delete.

II] Benefits

It is convenient and cost-effective for businesses, and the public benefits by getting easy access

to the most current information available without having to spend time, energy and money to get

it.

E-government helps simplify processes and makes government information more easily

accessible for public sector agencies and citizens. For example, the Indiana Bureau of Motor

Vehicles simplified the process of certifying driver records to be admitted in county court

proceedings. Indiana became the first state to allow government records to be digitally signed,

legally certified and delivered electronically by using Electronic Postmark technology. The

anticipated benefits of e-government include efficiency, improved services, better accessibility of

public services, and more transparency and accountability.

Democratization

One goal of e-government will be greater citizen participation. Through the internet, people from

all over the country can interact with politicians or public servants and make their voices heard.

Blogging and interactive surveys will allow politicians or public servants to see the views of the

people they represent on any given issue. Chat rooms can place citizens in real-time contact with

elected officials, their offices or provide them with the means to replace them by interacting

directly with public servants, allowing voters to have a direct impact and influence in their

government. These technologies can create a more transparent government, allowing voters to

immediately see how and why their representation in the capital is voting the way they are. This

helps voters better decide who to vote for in the future or how to help the public servants become

more productive. A government could theoretically move more towards a true democracy with

the proper application of e-government. Government transparency will give insight to the public

on how decisions are made and hold elected officials or public servants accountable for their

actions.

Environmental bonuses

Proponents of e-government argue that online government services would lessen the need for

hard copy forms. Due to recent pressures from environmentalist groups, the media, and the

public, some governments and organizations have turned to the Internet to reduce this paper use.

The United States government utilizes the website http://www.forms.gov to provide “internal

government forms for federal employees” and thus “produce significant savings in paper.”

Speed, efficiency, and convenience

E-government allows citizens to interact with computers to achieve objectives at any time and

any location, and eliminates the necessity for physical travel to government agents sitting behind

desks and windows. Improved accounting and record keeping can be noted through

computerization, and information and forms can be easily accessed, equaling quicker processing

time. On the administrative side, files and linked information can now be stored in databases,

where they are easier to find and retrieve, versus hardcopies stored in various locations.

Public approval

Recent trials of e-government have been met with acceptance and eagerness from the public.

Citizens participate in online discussions of political issues with increasing frequency, and young

people, who traditionally display minimal interest in government affairs, are drawn to e-voting

procedures.

Although internet-based governmental programs have been criticized for lack of reliable privacy

policies, studies have shown that people value prosecution of offenders over personal

confidentiality.

The Generic Models

Broadcasting / Wider-Dissemination Model

Critical Flow Model

Comparative Analysis Model

E-Advocacy/ Lobbying and Pressure Group Model

Interactive- Service Model

Broadcasting / Wider-Dissemination Model

Underlying Principle

The model is based on dissemination / broadcasting of useful governance information which is

in the public domain into the wider public domain through the use of ICT and convergent media.

The strength of the model rests upon the fact that a more informed citizenry is better able to

judge the functioning of existing governance mechanisms and make an informed opinion about

them. As a consequence, they become more empowered to exercise their Rights and

Responsibilities.

The widespread application of this model corrects "information failure situations" by providing

people with the relevant information relating to the governance sphere to make an informed

opinion and impact governance processes.

Further, the use of ICT opens up an alternative channel for people to access information as well

as validate existing information from different sources.

Applications

This model could be applied in the following possible ways:

Putting Governmental Laws and Legislations online.

Making available the names, contact addresses, emails, fax numbers of local/ regional/

national government officials online.

Making available information pertaining to Governmental Plans, Budgets, Expenditures,

and Performances online.

Putting key Judicial decisions which are of value to general citizens and create a

precedent for future actions online, viz. key Environmental Decisions, State vs. Citizen

decisions etc.

Some Organisations / Projects based on such models

India: Directory of Official Websites of Government of India

National Informatics Centre (India) is the official website of the Government of India which

makes available Ministerial Information, Indian Laws and Legislations Online, Contact Details

etc. online for public access.

http://goidirectory.nic.in/exe.htm#min (Parent Website : http://www.nic.in)

Brazil: Official government website

The website provides comprehensive information on Brazilian government as well as

links to integrated citizen services.

http://www.brazil.gov.br

South Africa: The PIMS Monitor

Idasa's Political Information and Monitoring Service (PIMS) provides an easy-to-use

reference and record (with plain-language summaries) of all bills, acts and policy

documents that pass through parliament. The Monitor aims to help audience engage with

democracy, intervene in the legislative process and make submissions to parliament in

South Africa.

http://www.pims.org.za/monitor/

Global: Earth Negotiations Bulletin

A reporting service which keeps citizens worldwide informed about global environmental

negotiations, processes and decisions. It has a great value for citizens and even government

officials in developing countries to keep track of global negotiations taking place in the West and

be more informed about them.

http://www.iisd.ca/voltoc.html (Parent Website : http://www.iisd.ca)

Online Newspapers, Newsgroups and Portal Sites - these are instrumental in bringing key

political and other important information into the wider public domain.

Conclusion

The Broadcast Model is a stepping stone to more complex Digital Governance models. And yet, it

is also the most crucial one as it enhances 'access' and 'flow' of information in the society which

is the foundation for better governance. In several developing countries, even the most basic

information to impact governance is unavailable. The use of this model minimizes un-informed

decision-making through correction of information failures (un-availability of information) at all

levels.

National and Local Governments in developing countries need to aggressively adopt this model

if they want to enhance participation of citizens in the governance processes. Simultaneously,

the civil society should demand access to governance information to influence decisions which

affect them.

The model loses its effectiveness in cases where the free-flow of information is restricted (lack

of information sharing culture and in cases of Optimal Ignorance). Optimal Ignorance occurs

when injudicious decisions are taken not in the absence of information but because of disregard

of available information by citizens and decision-makers. Further, tight governmental controls to

censor information and use of ICT tools could prove to be the bane of this model.

CRITICAL FLOW MODEL

Underlying Principle

The model is based on broadcasting or disseminating information of 'critical' value (which by its

very nature will not be disclosed by those involved with bad governance practices) to a targeted

audience using ICT and convergent media. The targeted audience may include media, opposition

parties, judicial bench, independent investigators or the wider public domain itself.

The use of this model requires a foresight of:

Understanding the "critical and use value" of a particular information set

How or from where this information could be obtained

How could the information be used strategically

Who are the best target group for such information- the users for whom the availability of

this information will make a huge difference

The strength of this model is that the concept of 'distance' and 'time' becomes redundant when

information is hosted on a digital network. Once available on the digital network, the information

could be used advantageously- by instantly transferring the critical information to its user group

located anywhere or by making it freely available in the wider public domain.

Applications

This model could be applied in the following possible ways:

Making available Corruption related data about a particular Ministry / Division/ Officials

online to its electoral constituency or to the concerned regulatory body.

Making available Research studies, Enquiry reports, Impact studies commissioned by the

Government or Independent commissions to the affected parties.

Making Human Rights violation cases freely available to Judiciary, NGOs

and concerned citizens.

Making available information that is usually suppressed, for instance, Environmental

Information on radioactivity spills, effluents discharge, information on green ratings of

the company to concerned community.

Example of organisations / projects based on Broadcasting Model

Global: Transparency International - Daily Corruption News: A trial service is being run

by Transparency International called "The Daily Corruption News" which reports on

corruption from around the world. The daily corruption news has been coming out since

May 2000.

Bangladesh : Human Rights Portal

http://www.banglarights.net

The portal will actively promote human rights reforms both within Bangladesh and across

geographical and political boundaries, and will support women, children, and

marginalized communities in resisting social oppression. It will look at attempts by

global forces (powerful governments, TNCs, international organizations) through

surveillance, covert mechanisms and military and economic superiority to exploit and

control smaller nations and communities.

India: Central Vigilance Committee

http://cvc.nic.in

The website provides free-access information to citizens about government officials who

have been indicted on judicial charges relating to corruption and have been advised

penalty. People can also file complaints against any public servant who falls within the

jurisdiction of the Commission.

China: Human Rights in China

Human Rights in China (HRIC) is an international non-governmental organization

founded by Chinese scientists and scholars in March 1989. It strives to make information

on human rights issues accessible to the Chinese people through short-wave Chinese

radio broadcasts, overseas Chinese publications, and an evolving virtual media hub on

human rights.

Comparative Analysis Model

Underlying Principle

The Comparative Knowledge Model is one of the least-used but highly significant models for

developing countries, and is now gradually gaining acceptance. The model can be used for

empowering people by matching cases of bad governance with those of good governance, and

then analyzing the different aspects of bad governance and its impact on the people.

The model is based on using ICT to explore information available in the public or private domain

and comparing it with the known information sets. The outcome is strategic learnings and

arguments, for instance, if a given amount of money can build '5' schools in village 'A' then why

does the same amount of money build only '2' schools in village 'B'?

The strength of this model lies in the infinite capacity of digital networks to store varied

information and retrieve and transmit it instantly across all geographical and hierarchical barriers.

Applications/ Possible Projects

This model could be applied in the following possible ways:

To learn from past policies and actions and derive learning lessons for future policy-

making.

To evaluate the effectiveness of the current policies and identify key learnings in terms of

strengths and flaws in the policies.

To effectively establish conditions of Precedence, especially in the case of Judicial or

legal decision-making (example for resolving patent-related disputes, public goods

ownership rights), and use it to influence/ advocate future decision-making.

To enable informed decision-making at all levels by enhancing the background

knowledge and also providing a rationale for action.

To evaluate the performance and track-record of a particular decision-maker/ decision-

making body.

Organisations / Projects based on such models

Global: Human Development Indicators - The Human Development Report of UNDP

makes use of archived Statistical information pertaining to literacy, health, national

income etc. as a benchmark to assess the progress made by different countries with

regards to their Human Development Index and suggests policy recommendations based

on that.

Many countries now also prepare national level indicators to compare progress made in different

states in a country.

http://hdr.undp.org/reports/view_reports.cfm?type=3

India: Comparative Learning from Disasters: In the wake of the earthquake in Kutch in India

(January 2001), there was a lot of comparative learning relating to disaster management

drawn from a high intensity earthquake which shook Latur in India in 1993. The

extensive information available on the internet on both these earthquakes opens up vast scope

of comparison by all segments of the society.

http://www.cddc.vt.edu/digitalgov/Latur-Gujarat.htm

(a presentation by Mr.Praveen Singh Pardesi- Indian Administrative Service (IAS) officer of the

Maharashtra cadre and currently Joint Secretary to the Chief Minister of Maharashtra, India)

Comparison of different Disasters can make people realise that damages to life and property

incurred are not just a factor of intensity of the disaster but also dependent on the preparedness of

the Government machinery and conducive government policies to handle that disaster.

Also see: Comparative Damages from Disasters in 1999

http://www.guycarp.com/pdf/nathaz_99.pdf

Conclusion

Developing countries could very effectively use this comparative model as ICT opens their

access to the global and local knowledge products at a relatively low cost. The model is very

much based on the existing sets of information but requires the ability to analyse and bring out

strong arguments which could then be used to catalyze existing efforts towards self governance.

There is a vast scope of application of this model for Judicial advocacy as Landmark/Key

Judgments of the past could be used as precedent for influencing future decision-making.

Further, watch-guard organizations and monitor-groups can use this model to continuously track

the governance past record and performance and compare with different information sets.

The model however becomes ineffective in absence of a strong civil society interest and public

memory which is essential to force decision-makers to improve existing governance practices.

E-Advocacy / Mobilization and Lobbying Model

Underlying Principle

E-Advocacy / Mobilization and Lobbying Model is one of the most frequently used Digital

Governance models and has often come to the aid of the global civil society to impact on global

decision-making processes.

The model is based on setting-up a planned, directed flow of information to build strong virtual

allies to complement actions in the real world. Virtual communities are formed which share

similar values and concerns, and these communities in turn link up with or support real-life

groups/ activities for concerted action. The model builds the momentum of real-world processes

by adding the opinions and concerns expressed by virtual communities.

The strength of this model is in its diversity of the virtual community, and the ideas, expertise

and resources accumulated through this virtual form of networking. The model is able to

mobilize and leverage human resources and information beyond geographical, institutional and

bureaucratic barriers, and use it for concerted action.

Applications

This model could be applied in the following possible ways:

Fostering public debates on issues of larger concern, namely on the themes of upcoming

conferences, treaties etc.

Formation of pressure groups on key issues to force decision-makers to take their

concerns into cognisance.

Making available opinions of suppressed groups who are not involved in the decision-

making process into wider public domain.

Catalysing wider participation in decision-making processes.

Building up global expertise on a particular theme in absence of localised information to

aid decision-making.

Organisations / Projects based on such models

Global: Greenpeace Cyber-activist Community - an effort towards creation of virtual

communities to mobilise global support against some of the disputable environmental

policies/ actions of the Government. Since the cyberactivist system began in June 2000,

there are now 116794 registered cyberactivists, who participated in 357003 action alerts

and sent 160597 e-cards to individuals and organizations.

http://cybercentre.greenpeace.org/t/s/community_articles

Global: Drop the Debt Campaign - the campaign spreads awareness of their activities

through emails and mobilises support of concerned individuals, and encourages them to

directly express their concern to key decision-makers (by making available their email

and other contact addresses).

http://www.jubileeusa.org/

Global: Independent Media Centre - The Center was established by various independent

and alternative media organizations and activists for the purpose of providing grassroots

coverage of the World Trade Organization (WTO) protests in Seattle in 1999. The

center acted as a clearinghouse of information for journalists, and provided up-to-the-

minute reports, photos, audio and video footage through its website.

http://www.indymedia.org/

Conclusion

This model has grown manifold since the onset of debates on the Seattle round of World Trade

Organisation in 1999, which saw the formation of several virtual communities to express their

concerns in the WTO agreements. The display of a unified, informed civil society force at Seattle

was in some ways a result of the intensive interaction and exchange of opinion happening over

the virtual networks months prior to this WTO summit. There was a lot of concerted actions at

the

INTERACTIVE SERVICES MODEL

Underlying Principle

Interactive-Service model is a consolidation of the earlier presented digital governance models

and opens up avenues for direct participation of individuals in the governance processes.

Fundamentally, ICT have the potential to bring in every individual in a digital network and

enable interactive (two-way) flow of information amongst them. The potential of ICT for the

governance is fully leveraged in this model and can lead to greater objectivity

and transparency in decision-making processes.

Under this model, the various services offered by the Government become directly available to

its citizens in an interactive manner. It does so by opening up an interactive Government to

Consumer to Government (G2C2G) channel in various aspects of governance, such as election of

government officials (e-ballots); online grievance-redressal; sharing of concerns and providing

expertise; opinion polls on public issues etc.

Applications

This model could be applied in the following possible ways:

To establish interactive communication channels with key policy-makers and

members of Planning Commissions.

To conduct electronic ballots for the election of government officials and other office

bearers.

To conduct public debates / opinion polls on issues of wider concern before formulation

of policies and legislative frameworks.

Filing of grievances, feedback and reports by citizens with the concerned governmental

body.

Establishing decentralised forms of governance.

Performing governance functions online such as revenue collection, filing of taxes,

governmental procurement, payment transfer etc.

Example of organisations / projects based on Broadcasting Model

India: Gyandoot - Gyandoot is an intranet in Dhar district connecting rural cybercafes

catering to the everyday needs of the masses. The site has the following services to offer in

addition to the hope that it has generated by networking, the first district in the state of

Madhya Pradesh in India:

o Commodity/ Agricultural Marketing Information System

o Copies of land maps

o On-Line Registration of Applications

Conclusion

The model firmly relies on the interactive applications of ICT and therefore is a technology and

cost-intensive model which will require a transition period before being adopted on a wider

scale, especially in the Developing Countries. It would also require elemental familiarity of ICT

among the citizens to fully benefit from this model. Nevertheless, the diminishing costs of ICT

and the advantages offered by this technology would certainly catalyse the penetration of this

model. Intermediary organisations and Knowledge Networkers will have a tremendous role to

play in widespread replication of this model.

Regional level as an end result of such discussions which built into the global movement.

UNIT-3 & 4.

application of data warehousing and data mining in e-government

Case studies: NICNET-role of nation wide networking

UNIT-5.

Challenges and approach to e-government security

Who pays for e-government?

Like any government infrastructure project, e-government can be done in phases and the costs of

implementation will depend on current infrastructure availability, supplier and user capabilities,

and mode of service delivery (whether through the Internet or through telephone hotlines and

one-stop shops). The more complicated and sophisticated the kind of services the government

wants to offer, the more expensive it is.

Governments should focus on small, self-financing or outsourced projects. Because e-

government projects must be financially sustainable, there must be a revenue/ cost-reduction

model in place from the beginning. Smaller projects with a clear revenue-generation strategy and

minimal initial investment are the most likely to be sustainable over the long term. For instance,

Web sites are one of the easiest and cheapest ways to achieve high impact e-government with a

minimum of investment.

e-Government projects are, more often than not, long-term endeavors, requiring large capital

infusion in software, hardware, infrastructure and training. A viable financing plan should not

only pay for the immediate needs to jumpstart e-government; it must also consider its long-term

financing options for the sustainability of the project.

There are various business models for funding e-government projects, and the private sector

plays a critical role in these. Under partnership arrangements, the private sector builds, finances

and operates public infrastructure such as roads and airports, recovering costs through user

charges. Various financing schemes exist—from soft and development assistance loans from

donor/multilateral aid agencies to partnerships and outsourcing deals with private third party

vendors under special financing schemes (e.g., the Build-Operate-Transfer or BOT scheme) that

can minimize the initial cost to government.

Cooperation, rather than competition, with the private sector can facilitate effective e-

government. Government can encourage private sector investment by complementing and

supporting private sector efforts rather than duplicating them. The key to e-government is to

improve citizen access to service delivery, not further expand the role of government.

Government should not attempt to create products and services where public-private partnerships

or private service providers can adequately provide these products and services more efficiently

and effectively.

How do you get the wider public to actually use e-government services?

Any sound e-government policy must consider a citizen-centered approach. This means that e-

government should be an end-user or demand-driven service.

However, many citizens do not use e-government for several reasons, among these unfamiliarity

with ICT, lack of access, lack of training, and concerns about privacy and security of

information.

While e-government may provide ease and convenience in the delivery of public services, and

offer innovative government services, none of these will prompt citizen use unless the concerns

mentioned above are first addressed.

Security concern in e-commerce

Introduction

This article presents an overview of security and privacy concerns based on our experiences as

developers of WebSphere® Commerce. WebSphere Commerce is business middleware that

accelerates the development of any business transaction-oriented application, from the smallest

online retailer to B2B portals, to supply chain management applications. For many of our clients,

WebSphere Commerce provides an integrated platform that runs both their customer facing

online shopping sites, and their internal distributor or supplier portals as shown in Figure 1.

Figure 1. Common WebSphere Commerce business model

What is e-Commerce?

e-Commerce refers to the exchange of goods and services over the Internet. All major retail

brands have an online presence, and many brands have no associated bricks and mortar presence.

However, e-Commerce also applies to business to business transactions, for example, between

manufacturers and suppliers or distributors.

In the online retail space, there are a number of models that retailers can adopt. Traditionally, the

Web presence has been kept distinct from the bricks and mortar presence, so transactions were

limited to buying online and delivering the goods or services. The online presence is also

important for researching a product that a customer can purchase later in the store. Recently,

there has been a trend towards multi-channel retail, allowing new models such as purchasing

online and picking up in store.

e-Commerce systems are also relevant for the services industry. For example, online banking and

brokerage services allow customers to retrieve bank statements online, transfer funds, pay credit

card bills, apply for and receive approval for a new mortgage, buy and sell securities, and get

financial guidance and information.

Security overview

A secure system accomplishes its task with no unintended side effects. Using the analogy of a

house to represent the system, you decide to carve out a piece of your front door to give your

pets easy access to the outdoors. However, the hole is too large, giving access to burglars. You

have created an unintended implication and therefore, an insecure system.

In the software industry, security has two different perspectives. In the software development

community, it describes the security features of a system. Common security features are ensuring

passwords that are at least six characters long and encryption of sensitive data. For software

consumers, it is protection against attacks rather than specific features of the system. Your house

may have the latest alarm system and windows with bars, but if you leave your doors unlocked,

despite the number of security features your system has, it is still insecure. Hence, security is not

a number of features, but a system process. The weakest link in the chain determines the security

of the system. In this article, we focus on possible attack scenarios in an e-Commerce system and

provide preventive strategies, including security features, that you can implement.

Security has three main concepts: confidentiality, integrity, and availability. Confidentiality

allows only authorized parties to read protected information. For example, if the postman reads

your mail, this is a breach of your privacy. Integrity ensures data remains as is from the sender to

the receiver. If someone added an extra bill to the envelope, which contained your credit card

bill, he has violated the integrity of the mail. Availability ensures you have access and are

authorized to resources. If the post office destroys your mail or the postman takes one year to

deliver your mail, he has impacted the availability of your mail.

Security features

While security features do not guarantee a secure system, they are necessary to build a secure

system. Security features have four categories:

Authentication: Verifies who you say you are. It enforces that you are the only one

allowed to logon to your Internet banking account.

Authorization: Allows only you to manipulate your resources in specific ways. This

prevents you from increasing the balance of your account or deleting a bill.

Encryption: Deals with information hiding. It ensures you cannot spy on others during

Internet banking transactions.

Auditing: Keeps a record of operations. Merchants use auditing to prove that you bought

a specific merchandise.

The criminal incentive

Attacks against e-Commerce Web sites are so alarming, they follow right after violent crimes in

the news. Practically every month, there is an announcement of an attack on a major Web site

where sensitive information is obtained. Why is e-Commerce vulnerable? Is e-Commerce

software more insecure compared to other software? Did the number of criminals in the world

increase? The developers producing e-Commerce software are pulled from the same pool of

developers as those who work on other software. In fact, this relatively new field is an attraction

for top talent. Therefore, the quality of software being produced is relatively the same compared

to other products. The criminal population did not undergo a sudden explosion, but the incentives

of an e-Commerce exploit are a bargain compared to other illegal opportunities.

Compared to robbing a bank, the tools necessary to perform an attack on the Internet are fairly

cheap. The criminal only needs access to a computer and an Internet connection. On the other

hand, a bank robbery may require firearms, a getaway car, and tools to crack a safe, but these

may still not be enough. Hence, the low cost of entry to an e-Commerce site attracts the broader

criminal population.

The payoff of a successful attack is unimaginable. If you were to take a penny from every

account at any one of the major banks, it easily amounts to several million dollars. The local

bank robber optimistically expects a windfall in the tens of thousands of dollars. Bank branches

do not keep a lot of cash on hand. The majority is represented in bits and bytes sitting on a hard

disk or zipping through a network.

While the local bank robber is restricted to the several branches in his region, his online

counterpart can choose from the thousands of banks with an online operation. The online bank

robber can rob a bank in another country, taking advantage of non-existent extradition rules

between the country where the attack originated, and the country where the attack is destined.

Points the attacker can target

As mentioned, the vulnerability of a system exists at the entry and exit points within the system.

Figure 3 shows an e-Commerce system with several points that the attacker can target:

Shopper

Shopper's computer

Network connection between shopper and Web site's server

Web site's server

Software vendor

Sniffing the network

In this scheme, the attacker monitors the data between the shopper's computer and the server. He

collects data about the shopper or steals personal information, such as credit card numbers.

There are points in the network where this attack is more practical than others. If the attacker sits

in the middle of the network, then within the scope of the Internet, this attack becomes

impractical. A request from the client to the server computer is broken up into small pieces

known as packets as it leaves the client's computer and is reconstructed at the server. The packets

of a request are sent through different routes. The attacker cannot access all the packets of a

request and cannot decipher what message was sent.

Take the example of a shopper in Toronto purchasing goods from a store in Los Angeles. Some

packets for a request are routed through New York, while others are routed through Chicago. A

more practical location for this attack is near the shopper's computer or the server. Wireless hubs

make attacks on the shopper's computer network the better choice because most wireless hubs

are shipped with security features disabled. This allows an attacker to easily scan unencrypted

traffic from the user's computer.

Figure 4. Attacker sniffing the network between client and server

Guessing passwords

Another common attack is to guess a user's password. This style of attack is manual or

automated. Manual attacks are laborious, and only successful if the attacker knows something

about the shopper, for example if the shopper uses their child's name as the password.

Automated attacks have a higher likelihood of success, because the probability of guessing a user

ID/password becomes more significant as the number of tries increases. Tools exist that use all

the words in the dictionary to test user ID/password combinations, or that attack popular user

ID/password combinations. The attacker can automate the attack to run against multiple sites at one time.
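
Automated guessing of the kind described above leaves a recognizable trace in a site's login log. The following is an added example, not code from the original text: it flags sources that fail many times against one user ID or spread failures across many user IDs. The log format, thresholds and function names are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample login log (documentation addresses, invented users):
# timestamp, source address, user ID, outcome.
SAMPLE_LOG = """\
2024-05-01T10:00:00 198.51.100.20 carol FAIL
2024-05-01T10:00:30 198.51.100.20 carol OK
2024-05-01T10:01:00 203.0.113.7 alice FAIL
2024-05-01T10:01:02 203.0.113.7 alice FAIL
2024-05-01T10:01:04 203.0.113.7 alice FAIL
2024-05-01T10:01:06 203.0.113.7 alice FAIL
2024-05-01T10:01:08 203.0.113.7 alice FAIL
2024-05-01T10:02:00 192.0.2.44 admin FAIL
2024-05-01T10:02:01 192.0.2.44 root FAIL
2024-05-01T10:02:02 192.0.2.44 guest FAIL
2024-05-01T10:02:03 192.0.2.44 test FAIL
"""


def parse_line(line):
    """Split one log line into (timestamp, source, user, succeeded)."""
    stamp, source, user, outcome = line.split()
    return datetime.fromisoformat(stamp), source, user, outcome == "OK"


def detect_guessing(log_text, window=timedelta(minutes=5),
                    max_failures=5, max_users=4):
    """Return {source: reason} for sources whose failures look automated.

    'dictionary'    : many failures against one user ID inside the window
    'many-accounts' : failures spread over many user IDs inside the window
    """
    recent = defaultdict(deque)   # source -> deque of (timestamp, user) failures
    flagged = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, source, user, succeeded = parse_line(line)
        if succeeded:
            continue
        failures = recent[source]
        failures.append((stamp, user))
        # Drop failures that have aged out of the sliding window.
        while failures and stamp - failures[0][0] > window:
            failures.popleft()
        per_user = defaultdict(int)
        for _, failed_user in failures:
            per_user[failed_user] += 1
        if len(per_user) >= max_users:
            flagged[source] = "many-accounts"
        elif max(per_user.values()) >= max_failures:
            flagged.setdefault(source, "dictionary")
    return flagged


if __name__ == "__main__":
    for source, reason in detect_guessing(SAMPLE_LOG).items():
        print(source, reason)
```

A shopper who mistypes once and then logs in is not flagged. Guessing that is spaced out longer than the window also stays below these thresholds, which is why account lockout and password policy are still needed alongside log monitoring.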

Using denial of service attacks

The denial of service attack is one of the best examples of impacting site availability. It involves

getting the server to perform a large number of mundane tasks, exceeding the capacity of the

server to cope with any other task. For example, if everyone in a large meeting asks you your

name all at once, and every time you answer, they ask you again, you have experienced a

personal denial of service attack. To ask a computer its name, you use ping. You can use ping to

build an effective DoS attack. The smart hacker gets the server to use more computational

resources in processing the request than the adversary does in generating the request.

Using server root exploits

Root exploits refer to techniques that gain super user access to the server. This is the most

coveted type of exploit because the possibilities are limitless. When you attack a shopper or his

computer, you can only affect one individual. With a root exploit, you gain control of the

merchant's and all the shoppers' information on the site. There are two main types of root

exploits: buffer overflow attacks and executing scripts against a server.

In a buffer overflow attack, the hacker takes advantage of a specific type of computer program bug

that involves the allocation of storage during program execution. The technique involves tricking

the server into executing code written by the attacker.

The other technique uses knowledge of scripts that are executed by the server. This is easily and

freely found in the programming guides for the server. The attacker tries to construct scripts in

the URL of his browser to retrieve information from the server. This technique is frequently used

when the attacker is trying to retrieve data from the server's database.

Defenses

Despite the existence of hackers and crackers, e-Commerce remains a safe and secure activity.

The resources available to large companies involved in e-Commerce are enormous. These

companies will pursue every legal route to protect their customers. Figure 6 shows a high-level

illustration of defenses available against attacks.

Figure 6. Attacks and their defenses

At the end of the day, your system is only as secure as the people who use it. Education is the

best way to ensure that your customers take appropriate precautions:

Install personal firewalls for the client machines.

Store confidential information in encrypted form.

Encrypt the stream using the Secure Socket Layer (SSL) protocol to protect information

flowing between the client and the e-Commerce Web site.

Use appropriate password policies, firewalls, and routine external security audits.

Use threat model analysis, strict development policies, and external security audits to

protect ISV software running the Web site.

Education

Your system is only as secure as the people who use it. If a shopper chooses a weak password, or

does not keep their password confidential, then an attacker can pose as that user. This is

significant if the compromised password belongs to an administrator of the system. In this case,

there is likely physical security involved because the administrator client may not be exposed

outside the firewall. Users need to use good judgement when giving out information, and be

educated about possible phishing schemes and other social engineering attacks.

Personal firewalls

When connecting your computer to a network, it becomes vulnerable to attack. A personal

firewall helps protect your computer by limiting the types of traffic initiated by and directed to

your computer. The intruder can also scan the hard drive to detect any stored passwords.

Secure Socket Layer (SSL)

Secure Socket Layer (SSL) is a protocol that encrypts data between the shopper's computer and

the site's server. When an SSL-protected page is requested, the browser identifies the server as a

trusted entity and initiates a handshake to pass encryption key information back and forth. Now,

on subsequent requests to the server, the information flowing back and forth is encrypted so that

a hacker sniffing the network cannot read the contents.

Server firewalls

A firewall is like the moat surrounding a castle. It ensures that requests can only enter the system

from specified ports, and in some cases, ensures that all accesses are only from certain physical

machines.

A common technique is to set up a demilitarized zone (DMZ) using two firewalls. The outer

firewall has ports open that allow ingoing and outgoing HTTP requests. This allows the client

browser to communicate with the server. A second firewall sits behind the e-Commerce servers.

This firewall is heavily fortified, and only requests from trusted servers on specific ports are

allowed through. Both firewalls use intrusion detection software to detect any unauthorized

access attempts.

Another common technique used in conjunction with a DMZ is a honey pot server. A honey pot

is a resource (for example, a fake payment server) placed in the DMZ to fool the hacker into

thinking he has penetrated the inner wall. These servers are closely monitored, and any access by

an attacker is detected.

Figure 10. Firewalls and honey pots

Password policies

Security best practices remain largely an art rather than a science, but there are some good

guidelines and standards that all developers of e-Commerce software should follow.

Using cookies

One of the issues faced by Web site designers is maintaining a secure session with a client over

subsequent requests. Because HTTP is stateless, unless some kind of session token is passed

back and forth on every request, the server has no way to link together requests made by the

same person. Cookies are a popular mechanism for this. An identifier for the user or session is

stored in a cookie and read on every request. You can The primary use of cookies is to store

authentication and session information, your information, and your preferences. A secondary and

controversial usage of cookies is to track the activities of users.

Different types of cookies are:

Temporary cookies: These cookies are valid only for the lifetime of your current session,

and are deleted when you close your browser. These are usually the good type. They are

mostly used to keep your session information.

Permanent cookies: These are for a time period, specified by the site, on the shopper's

computer. They recall your previous session information.

Server-only cookies: These cookies are usually harmless, and are only used by the server

that issued them.

Third-party cookies: These are usually used for tracking purposes by a site other than the

one you are visiting. Your browser or a P3P policy can filter these cookies.

If you do not want to store cookies, here are other alternatives:

Send user ID/password on every request: This was popular 5-10 years ago, but is now

recognized as an insecure technique. The user ID/password flowing under non-SSL is

susceptible to attacks. This alternative is not practical for a high volume site. Pages that

run under SSL would slow down site performance.

SSL client side authentication: This is the most secure, but it is cumbersome for shoppers

to install on their browsers. You have to pay for a company to verify who you are and to

issue a certificate. The popularity of this technique for client-side authentication has

decreased in recent years. It remains very popular on server sites.

URL rewriting: This is a popular alternative to cookies. Each HTTP link on the page is

specially encoded, but it is expensive for the site to implement. It interferes with the

performance of the site because the pages cannot be cached and reused for different

users. This alternative is susceptible to attack if it is not used under SSL.
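
The cookie-based session described in this section, as an added example that is not part of the original text: the cookie carries only a random session identifier, the server keeps the session state, and the presence or absence of Max-Age is what separates a permanent cookie from a temporary one. The cookie name "sid", the 30-minute default lifetime and the in-memory SESSIONS store are assumptions made for the example.

```python
import secrets
import time
from http.cookies import SimpleCookie

SESSIONS = {}  # session token -> {"user": ..., "expires": ...}; kept on the server


def start_session(user, persistent_seconds=None, now=None):
    """Create a session and return the Set-Cookie header value.

    With persistent_seconds=None the cookie has no Max-Age, so the browser
    treats it as a temporary cookie and drops it when it closes. A number
    makes it a permanent cookie kept for that period.
    """
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)      # unguessable identifier, not the user ID
    lifetime = 1800 if persistent_seconds is None else persistent_seconds
    SESSIONS[token] = {"user": user, "expires": now + lifetime}

    cookie = SimpleCookie()
    cookie["sid"] = token
    cookie["sid"]["path"] = "/"
    cookie["sid"]["secure"] = True         # only sent over an SSL-protected connection
    cookie["sid"]["httponly"] = True       # not readable by scripts in the page
    cookie["sid"]["samesite"] = "Lax"      # not attached to cross-site form posts
    if persistent_seconds is not None:
        cookie["sid"]["max-age"] = persistent_seconds
    return cookie["sid"].OutputString()


def user_for_request(cookie_header, now=None):
    """Map the Cookie request header back to a user, or None if invalid."""
    now = time.time() if now is None else now
    cookie = SimpleCookie()
    cookie.load(cookie_header or "")
    if "sid" not in cookie:
        return None
    token = cookie["sid"].value
    session = SESSIONS.get(token)
    if session is None:
        return None                        # forged or unknown token
    if session["expires"] <= now:
        del SESSIONS[token]                # expired: forget it on the server too
        return None
    return session["user"]


if __name__ == "__main__":
    header = start_session("alice")
    print("Set-Cookie:", header)
    print(user_for_request(header.split(";")[0]))
```

Because the Secure attribute keeps the identifier off non-SSL connections, the session token is not exposed to the network sniffing described earlier.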

Using threat models to prevent exploits

security for server computers

Protecting Your Network from Hackers, Viruses and Malicious Software

If you have a server-based network, it's critically important to protect your server from hackers,

viruses, and other malicious software. If your server is compromised, it can jeopardize the safety

and security of your company's entire network and all its data. Here are some ways you can

protect your network against attack:

Your server has built-in security features. Use them. If configuring your server's security

settings is beyond the scope of your technical expertise, hire an expert to do it. While this

will cost you a little more up front, the price you'll pay to secure your network is minuscule

when compared to the cost of responding to and recovering from a hacked server.

Firewalls are essential. Software firewalls are sufficient for small networks, but if your

network is large or spread out, you may want to run a hardware firewall in conjunction with

your server. A hardware firewall will control access to your network's computers from a

single point, making it easier to monitor, and theoretically, more secure. But at the bare

minimum, your server needs a software firewall.

Software patches are vital to server and network security. When a new threat emerges, be it

a virus, worm, or Trojan horse, antivirus software developers issue software patches, or

updates, that close up the security hole that the malicious program has exploited. If you're

running an old version of a server operating system, your server could be vulnerable to

attack. Not having the latest version of your server's software installed is akin to not getting

immunized against eradicated diseases; the cure is out there, but you just haven't bothered to

take your medicine.

Unrestricted server permissions and passwords should be given to as few people as possible.

Use strong passwords, and keep them strictly confidential. (For more information on

developing password protocol for your business, check out Five Rules for Developing Safe

and Sane Password Protocol for Your Small Business.)

Physical security is just as important as password security, if not more so. Protecting your

servers from the elements — and criminals — is essential. A closet is usually perfect for one

or two servers; no windows and a single locking door reduce the chance of your servers

being damaged. Lock up the room or closet whenever it's not in use, and distribute keys only

to employees who absolutely need them. Also, store your server computers up off the floor,

either on special racks designed for that purpose, or in some other manner, to keep them

from being damaged by floods or leaks.

communication channel security

Covert channel

In computer security, a covert channel is a type of computer security attack that creates a

capability to transfer information objects between processes that are not supposed to be allowed

to communicate by the computer security policy.

Characteristics

A covert channel is so called because it is hidden from the access control mechanisms of ultra

high assurance secure operating systems since it does not use the legitimate data transfer

mechanisms of the computer system such as read and write, and therefore cannot be detected or

controlled by the hardware based security mechanisms that underlie ultra high assurance secure

operating systems. Covert channels are exceedingly hard to install in real systems, and can often

be detected by monitoring system performance; in addition, they suffer from a low signal-to-

noise ratio and low data rates (on the order of a few bits per second). They can also be removed

manually with a high degree of assurance from secure systems by well established covert

channel analysis strategies.

Covert channels are distinct from, and often confused with, legitimate channel exploitations that

attack low assurance pseudo-secure systems using schemes such as steganography or even less

sophisticated schemes to disguise prohibited objects inside of legitimate information objects.

This legitimate channel misuse by data hiding schemes is specifically not a covert channel and

can be prevented by ultra high assurance secure OSs.

Covert channels can tunnel through secure operating systems and require special measures to

control. Covert channel analysis is the only proven way to control covert channels. By contrast,

secure operating systems can easily prevent misuse of legitimate channels. Distinguishing these

is important.

TCSEC criteria

The Trusted Computer Security Evaluation Criteria (TCSEC) is a set of criteria established by

the National Computer Security Center, an agency managed by the United States' National

Security Agency.

Lampson's definition of a covert channel was paraphrased in the TCSEC [2] specifically to refer

to ways of transferring information from a higher classification compartment to a lower

classification. In a shared processing environment, it is difficult to completely insulate one

process from the effects another process can have on the operating environment. A covert

channel is created by a sender process that modulates some condition (such as free space,

availability of some service, wait time to execute) that can be detected by a receiving process.

The TCSEC defines two kinds of covert channels:

Storage channels - Communicate by modifying a stored object

Timing channels - Perform operations that affect the relative timing of events

The TCSEC, also known as the Orange Book,[3] requires analysis of covert storage channels to

be classified as a B2 system and analysis of covert timing channels is a requirement for class B3.

Eliminating covert channels

The possibility of covert channels cannot be completely eliminated, although it can be

significantly reduced by careful design and analysis.

The detection of a covert channel can be made more difficult by using characteristics of the

communications medium for the legitimate channel that are never controlled or examined by

legitimate users. For example, a file can be opened and closed by a program in a specific, timed

pattern that can be detected by another program, and the pattern can be interpreted as a string of

bits, forming a covert channel. Since it is unlikely that legitimate users will check for patterns of

file opening and closing operations, this type of covert channel can remain undetected for long

periods.

A similar case is port knocking. In usual communications the timing of requests is irrelevant and

unwatched. Port knocking makes it significant.

security for client computers.

A thin client (sometimes also called a lean or slim client) is a computer or a computer program

which depends heavily on some other computer (its server) to fulfill its traditional computational

roles. This stands in contrast to the traditional fat client, a computer designed to take on these

roles by itself. The exact roles assumed by the server may vary, from providing data persistence

(for example, for diskless nodes) to actual information processing on the client's behalf.

Thin clients occur as components of a broader computer infrastructure, where many clients share

their computations with the same server. As such, thin client infrastructures can be viewed as the

amortization of some computing service across several user-interfaces. This is desirable in

contexts where individual fat clients have much more functionality or power than the

infrastructure either requires or uses. This can be contrasted, for example, with grid computing.

The most common type of modern thin client is a low-end computer terminal which concentrates

solely on providing a graphical user interface to the end-user. The remaining functionality, in

particular the operating system, is provided by the server.

Characteristics

Thin clients as programs

The notion of a thin client extends directly to any client–server architecture: in which case, a thin

client application is simply one which relies on its server to process most or all of its business

logic. This idiom is relatively common for computer security reasons: a client obviously cannot

be trusted with the logic that determines how trustworthy they are; an adversary would simply

skip the logic and say "I'm as trustworthy as possible!"

However, in web development in particular, client applications are becoming fatter. This is due

to the adoption of heavily client-side technologies like Ajax and Flash, which are themselves

strongly driven by the highly interactive nature of Web 2.0 applications.
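
The point above about not trusting the client with security-relevant logic, shown for an e-commerce order as an added example that is not part of the original text: the weak handler accepts the price the client sends, while the hardened one lets the client name only items and quantities and computes everything else on the server. The catalogue, item IDs, prices and quantity limit are constructed for the example.

```python
from decimal import Decimal

# Hypothetical catalogue held on the server; item IDs and prices are constructed.
CATALOG = {"sku-100": Decimal("19.99"), "sku-200": Decimal("249.00")}

# Constructed order as a modified client might submit it: the price field
# for sku-200 has been changed on the client side.
TAMPERED_ORDER = {"lines": [{"sku": "sku-200", "qty": 1, "unit_price": "0.01"}]}


def total_trusting_client(order):
    """Weak form: the server accepts the unit price the client supplied."""
    return sum(Decimal(str(line["unit_price"])) * line["qty"]
               for line in order["lines"])


def total_server_side(order):
    """Hardened form: prices come from the server's own catalogue, and
    anything the server cannot validate is rejected."""
    total = Decimal("0")
    for line in order["lines"]:
        sku, qty = line.get("sku"), line.get("qty")
        if sku not in CATALOG:
            raise ValueError(f"unknown item {sku!r}")
        # bool is a subclass of int in Python, so exclude it explicitly.
        if isinstance(qty, bool) or not isinstance(qty, int) or not 1 <= qty <= 100:
            raise ValueError(f"invalid quantity {qty!r}")
        total += CATALOG[sku] * qty      # any client-sent unit_price is ignored
    return total


def rejects(order):
    """Return True if the hardened handler refuses the order."""
    try:
        total_server_side(order)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("trusting client:", total_trusting_client(TAMPERED_ORDER))
    print("server side:    ", total_server_side(TAMPERED_ORDER))
```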

Single point of failure

The server, in taking on the whole processing load of several clients, forms a single point of

failure for those clients. This has both positive and negative aspects. On the one hand, the

security threat model for the software becomes entirely confined to the servers: the clients simply

don't run the software. Thus, only a small number of computers need to be rigorously secured,

rather than securing every single client computer. On the other hand, any denial of service attack

against the server will harm many clients: so, if one user crashes the system, everyone else loses

their volatile data.

For small networks, this single-point of failure property might even be expanded: the server can

be integrated with file servers and print servers particular to its clients. This simplifies the

network and its maintenance, but might increase the risk against that server.

Cheap client hardware

While the server must be robust enough to handle several client sessions at once, the clients can

be made out of much cheaper hardware than a fat client can. This reduces the power

consumption of those clients, and makes the system marginally scalable: it is relatively cheap to

add on a couple more client terminals. The thin clients themselves in general have a very low

total cost of ownership, but some of that is offset by requiring a robust server infrastructure with

backups and so forth. This is also reflected in terms of power consumption: the thin clients are

generally very low-power and might not even require cooling fans, but the servers are higher-

power and require an air-conditioned server room.

Client simplicity

Since the clients are made from low-cost hardware with few moving parts, they can operate in

more hostile environments than conventional computers. However, they inevitably need a

network connection to their server, which must be isolated from such hostile environments.

Since thin clients are cheap, they offer a low risk of theft in general, and are easy to replace when

they are stolen or broken. Since they don't have any complicated boot images, the problem of

boot image control is centralized to the central servers.

Recent Trends

Ultra-thin clients

A Sun Microsystems stateless S270 thin client, sometimes called an ultra thin client

Traditionally, a thin client ran a full operating system for the purposes of connecting to other

computers. A newer trend is sometimes called an ultra-thin client or a zero client, which no

longer runs a full operating system: the kernel instead merely initializes the network, begins the

networking protocol, and handles display of the server's output.

Web thin clients

Web thin clients (running a Web OS) rely on the web-based software for the application and data

storage, thus eliminating the single point of failure and the need for OS/application/data

aggregation and licensing required by a traditional thin client.