Professional Documents
Culture Documents
E Commerce IMP noTES
E Commerce IMP noTES
2.satellites
The long distance network connectivity is mainly done through guided media
cables which are like fibre optic cables. These cables are responsible for
carrying large packets of data from long distance within few seconds of time.
The data which is passed through these cables is covered with full fledged
security and accuracy. These cables provide better quality service for interactive
applications. These provide attractive economic advantage for selected routes
fulfilling the required communication. Now a days the major long
distance carriers are keeping their focus on wireless technologies and are
making plans to work with different companies on wireless technology. This
technology helps increase of communication with accuracy.
Satellite network:
These have advantages over different networks. They are accessible from any
spot on the globe and able to provide broad band digital services, including
voice, data and video to many points without the cost of wire installation and
other costs. The role of satellite in communication industry has changed
the communication environment since from many years giving support to
transport of long distance Tele-communication and one-way video broadcasts.
In 1980's industry introduced a new class of satellites. These VAST satellites
require small ground antennas for point to point network services. Now a days
VAST networks are being utilized by large corporation to link hundreds of retail
sites.
1. Hub:
A hub, at the most basic level, is a “dumb” device that operates at the Physical layer of the OSI model.
A hub forwards all signals it receives to all connected network devices. Think of a hub as a “drunk” –
when he speaks, he speaks to all around him, even if he really only means to speak with one person.
2. Switch:
Sometimes Hub can be an inefficient (think about the excess traffic created) and unsecure device. Imagine
if you wish to send sensitive credit card information over the network – do you really want every node to
receive your electronic signal? To alleviate this, the switch was developed. A switch operates at the Data
Link layer of the OSI model. It uses the MAC sub-layer to forward the relevant frames of information
only to the intended recipient. Messages can still be broadcast, but this is only an option and not the
normal condition. Unlike the “drunken” hub, the switch can speak softly to one person at a time or
announce to the crowd. The Network+ exam tends to test you on this difference between a hub and
switch, so keep it fresh in your mind.
3. Bridge:
A bridge also operates at the Data Link layer (aka Layer 2) and is used to connect two (similar or
dissimilar) physical network segments together, forming a larger inter-network. It can forward packets
or reject them based on their destination (MAC) address. Note: The connected network segments must
have same network ID.
4. Router:
The router operates at the Network layer of the OSI Model and is used to forward packets across
network segments to reach a certain destination address. Do not be confused between a router and a
bridge – a bridge simply forwards packets or frames based on their destination address from one connected
network segment to another. A router can determine where a packet should be sent to given its final
destination (IP address). Usually, routers forward packets to other routers, but sometimes routers also
forward to other pieces of network equipment. A router is usually used to connect a home computer to an
“always-on” Internet connection through the home network. To appreciate what a router really does, run
tracert to your favorite website and see how many steps (hops) are involved in getting from your computer
to the web server in question.
5. Gateway:
A gateway is any device that serves to interface with other networks using dissimilar protocols . For
example, a gateway might interface between a home network and the Internet or between a NetBIOS
network and an IPX/SPX network. A gateway operates in any of the seven OSI layers.
6. WAP:
A Wireless Access Point is a device that allows wireless devices to access and to communicate with the
network. It acts as a bridge between the wired, traditional network and other wireless
devices.Alternatively, it can act as a bridge between wireless devices and another, linked WAP. It typically
operates in the Network layer of the OSI model as a sort of router/bridge/switch combination. Note that
most WAP devices direct traffic by MAC address, making them switched.
7. NIC:
A Network Interface Card is a device that allows a node to connect to the network, typically in the form
of a computer “card” (PCI/ISA), but also in the form of an external (think USB) device. It can either be
wired and connect to a traditional, wired network, or wireless, and connect to a WAP.
fig.no.3.Information superhighway(imageconnectedsupplychain.com)
Who should pay for constructing the I-way? Some favor the interstate highway
model with government construction, ownership, and maintenance. Others
support the current regulated phone system model.
2. Subsidies:
Developers might hope for subsidies, tax breaks, government business, or other
forms of encouragement. What will these tax subsidies subsidize? This remains
unresolved.
4. Regulation:
Some free enterprises argue that if a highway is built with private funds then
there is no government regulation. Some argue the open competition among
highway operators, but regulation to provide public access, privacy, and
reasonable tolls. What are the rules? Who writes them? Who enforces them?
These issues remain undecided.
5. Universal Access:
Equal access probably means that cable and phone companies deploying
upgraded networks going to be required to serve some consumers at prices
below cost, and to outspread wires to places where other technologies (like
satellite) would make more sense. Some insist that highway operators must
provide universal access at a reasonable cost. If the I-way is built and run by
private interests without significant government investment, the non-profit
organizations might not be able to afford to hook up to the network. Whether
universal access is nationwide or international it is still ambiguous.
There are several types of market forces that investors need to be aware of:
Market forces examples include how weather can disrupt the supply
of commodities and how social consciousness surrounding climate change is
changing demand for products.
For instance, heavy rainfall can damage crops like coffee in Latin America or rice in
southeast Asia, reducing supply and increasing prices. Conversely, an increase in
crude oil production that creates a surplus above demand levels brings down oil
prices as supply is readily available and sellers will accept lower prices to offload
their inventory.
.
fig.no.5.Information superhighway(miromedium.com)
Conclusion
Broadband
ATM
Frame Relay
Frame relay is a standardized wide area network technology that specifies the
physical and logical link layers of digital telecommunications channels using
a packet switching methodology. Originally designed for transport across Integrated
Services Digital Network (ISDN) infrastructure, it may be used today in the context
of many other network interfaces.
Network providers commonly implement frame relay for voice (VoFR) and data as
an encapsulation technique, used betweenlocal area networks (LANs) over a wide
area network (WAN). Each end-user gets a private line (or leased line) to a frame
relaynode. The frame relay network handles the transmission over a frequently
changing path transparent to all end-user extensively used WAN protocols. It is less
expensive than leased lines and that is one reason for its popularity. The extreme
simplicity of configuring user equipment in a frame relay network offers another
reason for frame relay's popularity.
1. Although both techniques are based on end to end delivery of quantized data,
there are many differences in terms of sizes of the data quanta, application network
types, controlling techniques etc.
2. Although ATM uses fixed size packets (53 bytes) for data communication, frame
relay uses variable packet sizes depending on the type of information to be sent.
Both information blocks have a header in addition to data block and transfer is
connection oriented.
3. Frame Relay is used to connect Local Area Networks (LAN) and it is not
implemented within a single area network contrast to ATM where data transfers are
within a single LAN.
5. Frame relay has a variable packet size. Therefore it gives low overhead within
the packet which results it an efficient method for transmitting data. Although fixed
packet size in ATM, can be useful for handling video and image traffic at high
speeds, it leaves a lot of overhead within the packet, particularly in short
transactions.
What is m-commerce?
M-commerce (mobile commerce) is the buying and selling of goods and services
through wireless handheld devices such as smartphones and tablets. M-commerce
is a form of e-commerce that enables users to access online shopping platforms
without the use of a desktop computer.
Over time, content delivery through wireless devices has become faster, more
secure and scalable. As a result, mobile commerce has grown rapidly.
M-commerce encompasses three major
approaches to mobility and business.
Similarly, tracking the mobile add-to-cart rate will help developers see if users are
becoming customers. M-commerce developers may also be interested in logging
average page loading times, mobile cart conversion rates and SMS subscriptions.
Tax compliance. Businesses must know and comply with tax laws and
regulations of all countries they ship to. Some businesses will avoid this
by only authorizing purchases from and shipping to their country of
origin.
The following are some of the current and future mobile commerce trends:
Mobile ticketing. Gone are the days when users had to wait in long lines to buy
movie or concert tickets. With mobile ticketing, users can buy and receive tickets
through their smartphones. Mobile ticketing also eliminates the need to print the
tickets as users receive them on their phones in a text format with a barcode that
gets scanned at events
Applications of M-commerce
What is WAP?
WAP is a protocol that is introduced in 1999, which stands for Wireless application
protocol. It offers Internet communications over wireless devices, such as mobile
phones. In the early 2000s, it accomplished some popularity and was mainly
superseded by more recent standards by the 2010s. Also, it offers a way of creating
web applications for mobile devices, and it is designed for micro-browsers.
The transport layer handles the physical network issues, by which wireless gateways
can be easily accessed by global wireless operations. A WAP gateway is a server,
which provides the facility to access the wireless network. The WAP Forum offers
specification development, WAP tool testing and also provides support for all mobile
services. Now, the WAP Forum is referred to as the Open Mobile Alliance.
WAP Model
In the mobile device, the user opens the web browser and access the website and
visit webpages accordingly. The mobile device forwards the URL request to a WAP
gateway through the network using the WAP protocol. Then, the WAP gateway refers
to this request over the internet after translating it into a conventional HTTP URL
request. The specified Web server accepts the request and processes the request.
Then, it returns the response to the mobile device in the WML file through the WAP
gateway that will be displayed in the web browser on the device.
WAP Protocol stack
1. Application Layer (WAE)
2. Session Layer (WSP)
The Wireless Transport Layer Security provides security in terms of data integrity,
privacy and authentication that help to save your data. It also has the ability to work
like Transport Layer Security. Also, it contains security features that have Transport
Layer Security.
5. Transport Layer (WDP)
With the network carrier layer, the Wireless Datagram Protocol functions in
conjunction and presents a constant data format to higher layers of WAP protocol
stack.
Components of WAP
There are three major components of the WAP, which are as follows:
1. Protocol Support
2. Application Environment
o WML Specification: WML stands for Wireless Markup Language, based on XML and
XHTML.
o WMLScript Specification: A scripting language that is used for running code on
clients.
o WAP Micro Browser: Especially, it is designed to control the WAP device. WAP
devices make capable of operating in a limited resource environment with the help of
a WAP micro-browser.
AD
o Customization of User Profile: On the basis of client device capabilities and user
preferences, WAP enables servers to customize content delivered to users.
o Telephony Support: Wireless application protocol allows telephone services to be
operated from within a data environment. As a result, WAP phones can function as
web devices and integrated voice.
Advantages of WAP
There are various advantages using WAP; such are as follows:
Portability
AD
The primary use of WAP is to write applications using proprietary protocols. When
you are porting applications to a different kind of network, it will need substantial
code rewriting. For example, a different type of networks like GSM and CDMA, and
bearer protocol like CSD (circuit-switched data) or SMS (short message service).
User Experience
o The devices with limited processing power, small screens, limited memory, and
limited battery.
o Provide a narrow bandwidth connection.
WAP helps to add new services at a lower cost and quickly. It could be done by the
WAP tools and platforms like WAP devices, WAP gateways, and WAP software
development tool kits.
o No hardware obsolescence
o Real-time send/receive data
o Most modern mobile telephone devices support WAP
o Implementation near to the Internet model
o Time-saving
o Increased sales for devices, infrastructure & gateway manufacturer.
o Personalized
Disadvantages of WAP
Mobile Banking: It is used in the banking sector for different purposes, such as
provide details of user account balance, last four transactions, overdraft limits and so
on. The elements such as WAP, private information services, security and various
different other elements are included in it. Additionally, it has numerous ways to
provide Users' information. On the other hand, the user can get information by
sending a request via message, or the service can be push-based, which means it can
be automatically generated on the basis of events or set intervals.
All mobile phones are able to run mobile banking services, or services can be tailored
for a protocol-compliant phone or particular branded phone, e.g., WAP. Furthermore,
the WAP is not only beneficial for information provision, but it can also secure
electronic commerce and mobile transactions.
Games: Games are a huge service that is most widely used by people in terms of
applications or software in mobile devices. Similarly, as music distribution will
increase electronically, games will also increase. You can download games or videos
from an internet site rather than go to a video store to rent a game or video.
Qualitative Information:
The different variety of content can be delivered to mobile phone users, such as
share prices, flight information, lottery results, sports scores, weather, jokes, news
headlines, and more. This information may be in the form of any kind of visual
information, graphs or maps.
History of WAP
In 1988, Nokia, Ericsson, Unwired Planet, and Motorola founded the WAP Forum. To
collect together the several wireless technologies in a standardized protocol was the
main objective to develop the WAP (Wireless application protocol).
Europe
The use of WAP had largely disappeared until 2013. The use of WAP has been retired
by most of the major websites and companies, and for many years, it is not
conventional technology for the web on mobile phones. Now, the latest mobile
phone internet browsers are designed in such a way; they are capable of
supporting HTML, CSS, and JavaScript. Also, for webpage compatibility, modern
handsets avoid the need for using any type of WAP markup. The handsets that
support HTML are widespread, such as all versions of the iPhone, Android handsets,
all Windows Phone, many Nokia handsets, and all Blackberry devices.
Asia
In Japan, the WAP got major success; even it was not used by the largest operator
NTT DoCoMo, successfully deployed by SoftBank Mobile and rival operators KDDI
(au). Especially the services based on WAP are Java (JSCL), J-Phone's Sha-Mail picture
mail services, as well as (au)'s chakumovie. In 2010, WAP and i-mode usage declined
like Europe, as the smartphones that HTML capable become popular in Japan.
USA
In the US, the adoption of WAP was suffered as many cell phones required extra fees
for data support and separate activation. There was also a reason for suffering from
adopting the WAP in the US; telecommunications companies demanded limiting
data access to only approved data providers. On 31 July 2007, With the related to the
problem, the FCC (Federal Communications Commission) issued an order. The third-
party application developers, device manufacturers, and others can use any
application or device while operating on this particular licensed network band.
WAP browser
A WAP browser enables mobile devices to access compatible web pages. A large
number of internet protocols can be used by the mini browser to convert web pages
into plain text. Usually, in terms of a WAP browser effectiveness, web developers
create separate WAP web pages for mobile devices. The web content generally takes
longer to load without WAP optimization, also may not translate the content
correctly in order to mobile devices.
What is WML?
Wireless markup language (WML) is a markup language that is based on HTML and
HDML. The HTML (Hypertext markup language) translates content for desktop
browsers, but WML translates for wireless devices that are not capable of processing
capabilities. For mobile phones, it is used to develop websites and is specified as an
XML document type. While designing websites with a wireless markup language,
limitations of wireless devices such as limited memory, small display screens, small
resources and low bandwidth of transmission have to be considered. The sites
designed with WAP are different from normal HTML sites, as they are
monochromatic (only black and white) and have very small space for display screen.
Features of WML
o User Interaction: It offers simple ways to communicate with users, as users are free
to choose inputs such as keys or voice; because it has the ability to support several
types of input like text entry control, password entry, and option selector.
o Text and Images: WML describes a way for presenting the images and text to the
user. The images will be monochrome and need to be in WBMP format.
o Navigation: WML provides browsing history and hyperlink navigation.
o Context Management: This state can be saved between different decks. It includes
some key features as compared to HTML, which is given below:
o The variables cannot be stored in HTML, but variables can be defined in WML that
holds data in string format.
o HTML is a markup language for desktop, but WML is for small, wireless computing
devices.
o The image format supported by WML is WBMP, and HTML supports, GIF and JPEG,
BMP.
o HTML is not case sensitive, and WML follows XHTML specification; hence, it is case
sensitive.
. Malware
Once installed, malware can deny access to your network, secretly obtain sensitive
data, and even destroy your system.
How it occurs:
Hackers send victims a “planted” link that installs infected software. Once installed,
the software quickly replicates and spreads to other computers in the network.
A PC matic survey of employees working from home revealed that six out of ten
have been using their own devices to work remotely. Even worse, only 9% of
companies have installed antivirus software on their employees’ devices.
✅ Take action: Every Aura plan comes with intelligent safety tools — VPN, antivirus, password
manager, and more — to protect your digital privacy and data. Try Aura’s online and device
security features today.
2. Ransomware
How it occurs:
Hackers take control of a victim’s computer when they click links or download
attachments that contain malware.
The Washington, D.C. Police Department was also not spared. Babuk, a group of
Russian nation-state hackers, gathered 250GB of confidential files and demanded
$4 million in exchange.
3. Cryptojacking
How it occurs:
Hackers use phishing emails or other methods to get you to click a link that then
downloads the cryptojacking malware to your device.
In 2019, two members of the Romanian hacking group Bayrob Group were
sentenced to 20 years in prison [*] after their cryptojacking malware infected 400,000
computers.
In an even more bizarre case, it was recently discovered that Norton – a company
that makes software designed to protect you from viruses — now installs
cryptomining software on your device by default.
4. Viruses
Computer viruses are malicious pieces of code that damage your device and can
replicate and spread between hosts. Much like flu viruses that can’t replicate without
a host, computer viruses can’t spread without a host file or document.
How it occurs:
Once a virus successfully attaches to a host file or document, it can lay dormant until
circumstances “trigger” it to execute its code. Once it does activate, the virus can
spread across computers or even across corporate networks.
The GoBrut virus is one of the most common and active computer viruses with new
versions appearing every few months. GoBrut is not terribly sophisticated, but will
use brute force attacks to crack your passwords and can slow down your device.
Related: What is Cyber Hygiene? 10 Easy Habits That Can Keep You Safe
Online →
5. Trojans
Named after the famed Trojan horse, this type of malware uses helpful software as a
backdoor to gain access and exploit a computer or network. Trojans are widely used
to steal credit card information.
How it occurs:
Users click on a link that hides the Trojan malware or unknowingly download it along
with legitimate software. Once the file is clicked and opened, the download proceeds
to install malware onto the device.
Zeus Gameover is the most recent addition to the “Zeus” family of Trojan viruses.
Once installed, Zeus recognizes when you’re on a log-in page. Then, it records your
keystrokes and steals your sensitive bank account details. Even worse, “Gameover”
can bypass centralized servers, which makes it almost impossible to track your
stolen data.
6. Worms
Worms are self-contained malware that spread through other files and programs on
their own. Unlike viruses which require a host, worms are standalone programs that
can “wiggle” through your network.
How it occurs:
Worms are often sent through email attachments — they duplicate themselves and
send a copy to all contacts in the hacked email list. Attackers can use worms to
overload servers and achieve distributed denial of service (DDoS) attacks.
7. Spyware
There are several different types of spyware to beware of. For example, Infostealers
steal your information from browser forms. While Keyloggers record your keystrokes
to catch sensitive data.
How it occurs:
Spyware is distributed in many ways — links, phishing emails, pop-ups, infected ads,
or even poisoned links on Google search.
Once a user clicks on the link, their data is sent remotely to an attacker. The
information is then used to blackmail the victim or install other malicious programs.
8. Adware
Adware displays unwanted ads on your computer. It can also change your browser
homepage or even add unwanted plugins and other spyware.
While adware isn't quite a virus and isn't as problematic as other code floating
around the internet, you still need to remove it from your computer. Not only is it
bothersome, but it could also cause other device issues down the line.
How it occurs:
Adware can come from either downloading it by mistake or getting it from a malicious
website.
Once it's downloaded and installed, adware immediately starts tracking your web
activity. One indicator that you’ve been infected is constant pop-up advertisements.
Fireball is an adware that affected over 250 million computers in 2017 [*]. It was
created by a Chinese company, Rafotech, to turn victims’ default search engines into
fake search engines.
9. Drive-By Downloads
Drive-by downloads are programs that install on your devices without your consent.
These include bundled software and unintentional downloads of any files.
How it occurs:
Just like other malware, drive-by downloads enter your computer unintentionally.
You don't have to click on or download anything for your computer to be infected — it
just happens when you visit an infected website.
In 2011, two BBC websites were injected with an iFrame which automatically
infected users that visited the website [*].
Internet of Things (IoT) devices are common targets for bad actors as they don’t
have space to run proper security systems and often store sensitive information like
log-in details and passwords.
How it occurs:
Hackers exploit the weak security and constant connectedness of IoT devices to
gain access to them. Once they install malware, hackers can link devices together
and launch DDoS attacks. These attacks attempt to knock out networks by flooding
them with traffic.
IoT devices such as smart speakers can also act as a weak point in your network.
Once hackers are in, they can gain access to your entire system.
Recent examples of IoT device attacks:
IoT attacks are one of the most common types of emerging cyber threats. In the first
half of 2021, more than 1.5 billion IoT devices were breached and used for
cyberattacks [*].
11. Wipers
Wipers — or wiper malware — damage organizations by wiping as much data (if not
all) as possible. Unlike ransomware which has financial motives, wiper attacks are
purely disruptive. Criminals may also use wiper attacks to cover the tracks of
separate data thefts.
How it occurs:
Wipers often target files, backups, and the system boot section. Normally, hackers
override files to destroy them, but they don’t do this in wiper attacks because it’s
time-consuming. Instead, hackers write a certain amount of data at intervals which
destroys files randomly.
Sony Pictures experienced a wiper attack in 2014 as the studio was releasing the
movie The Interview about the North Korean leader Kim Jong Un [*].
The hackers deleted the studio’s data and released hacked celebrity emails and
personal information.
With cross-site scripting (XSS), hackers insert malicious scripts into a website with
the intent of stealing users’ identities through session tokens, cookies, and other
information. The malicious code is usually JavaScript but can include Flash or
HTML.
How it occurs:
XSS often occurs when users log onto a web application’s session. Victims
unintentionally click on the content because they think it’s legitimate. But little do they
know that the attacker altered the executed script, making XSS harmful and
dangerous.
British Airways was the victim of an XSS attack, which affected 380,000 bookings
made between August and September 2018 [*]. The attack was traced to a hacker
group called Magecart, which used card-skimming techniques to get victims’ details.
✅ Take action: Scammers can take out loans in your name or empty your bank account with
your stolen information. Try an identity theft protection service to monitor your finances and
receive fraud alerts.
13. Phishing
Phishing has been around for years, but is consistently one of the most common
ways hackers try to scam you online. It involves sending messages that seem to be
from a trusted source to gain personal information or scam you into downloading
malware
How it occurs:
Phishing attacks can occur via email, text (known as “smishing”), phone calls, fake
websites, and social networks. Hackers use a combination of social engineering
tactics to gain your trust. Then, they send messages containing malware or a link to
a fake site designed to steal your information.
If you think a message is a phishing scam, look for these warning signs:
Attackers use prominent business names for phishing attacks. You may hear of
phishing emails from FedEx, Netflix, or even the Center for Disease Control and
Prevention (CDC).
Whale phishing — or whaling — is a phishing attack in which the prime targets are
senior executives (aka the “big fish”).
How it occurs:
A CEO of an Austrian aerospace company was fired in 2016 after falling victim to a
whale phishing email scam that cost the company $58 million [*].
15. Pharming
How it occurs:
Malware-based pharming uses trojan horses to direct you to a fake website. For
example, you’ll get a link to enter your credentials on your banking site. But the link
routes you to a fake (yet believable) landing page designed to steal your
information.
With DNS cache poisoning, hackers exploit your DNS server. So even if you enter
the URL of your banking site, you’ll still be redirected to the fake website without your
knowledge.
Banks are the most common target of pharming attacks. A famous 2007 incident
impacted 50 financial institutions around the world [*].
More recently, in 2019, hackers took advantage of the ongoing humanitarian crisis in
Venezuela to hijack a website set up for volunteers and steal their personal
information [*].
How it occurs:
Hackers find vulnerable website fields such as contact forms and insert malware.
Once the SQL query is inserted into the website, the attacker can execute malicious
commands on the database.
Hackers broke into the 7-Eleven corporate system and stole credit card details from
millions of people using SQL injection [*]. They also targeted companies such as
Heartland and Hannaford. The breaches were estimated to cost $300 million.
How it occurs:
With DDoS attacks, hackers infect computers on the network with malware to turn
them into bots. Attackers control the bot network (or botnet) by sending instructions
remotely. Some hackers even use artificial intelligence (AI) technologies for
automation purposes.
In 2020, Amazon Web Services (AWS) defended itself against a DDoS attack with a
peak traffic volume of 2.3 Tbps [*] — the largest recorded traffic volume. Before that,
the largest DDoS attack was at 1.7 Tbps.
Brute force attacks are a type of cryptographic attack where hackers use software to
repeatedly guess your login credentials. One in five networks have experienced a
brute force attack.
How it occurs:
Hackers attempt to access an account by trying different passwords until they guess
the right one. When you’re against hackers with a powerful computing engine or
control over an extensive botnet, it can pose a problem.
Some warning signs that you’re under a brute force attack include:
In 2018, Magento was hit by a brute force attack. Hackers accessed over 1000
admin panels to scrape credit card numbers and install malware that mines
cryptocurrency [*].
How it occurs:
Attackers insert themselves through an IoT device or exploit unsecured public Wi-Fi.
In 2017, Equifax removed its apps from the Apple and Google app stores due to
security concerns that allowed MitM attacks [*].
Insider threats are security risks that begin within the targeted organization. It often
involves a current or former employee with administrator privileges or access to
sensitive information.
Insider threats have increased by 47% over the last two years [*], making them an
emerging cyber threat.
How it occurs:
Insider threats occur when someone with authorized access misuses their access.
Insider threats can be intentional or unintentional. Unintentional threats occur when a
negligent employee falls victim to malware or phishing scams.
Most security operations focus on external threats. But the best course of action for
limiting insider threats is restricting employee access to systems they need for work.
Over eight years, a former GE employee stole trade secrets and proprietary data
with the intent of starting a rival company [*].
How it occurs:
The term ‘zero-day’ alludes to web developers recently discovering the flaw, which
means they have had zero days to fix it. Attackers jump to take advantage of the
small time frame in which the device or program is vulnerable.
Here are a few best practices to keep your devices safe from hackers and
scammers:
Antivirus software keeps your devices safe by searching, detecting, and blocking
malware. Unfortunately, with so many digital threats present in the world today, a
simple antivirus solution alone isn't going to cut it. You need an all-around digital
protection software such as Aura, which also:
Regularly updating your device software and NEVER ignore the software update
prompts! This is one of the easiest ways to guard yourself against emerging cyber
threats. Manufacturers intentionally release system and software updates as a
safeguard against online threats. Don’t ignore them.
Passwords are often our first – and only – line of defense against cyber attacks.
Choose strong passwords that use a combination of letters, numbers, and special
characters. Don’t use common words or any personally identifiable information (such
as birthdays or pet names).
If you’re worried about keeping track of long passwords, use a password manager.
These tools securely store all your passwords so all you need to remember is a
single master password.
Choose web hosting providers that offer automatic backups if you have a website.
For device backups, be sure to have many copies of your backup files. You can
store them on an external hard drive or the cloud.
Knowing more about emerging cyber threats helps you prepare and become aware
of hackers’ common tactics. Cyber criminals love when people don't know they're
under attack because it means they won't meet any resistance.
Arm yourself with as much knowledge as you can so that you can recognize
the signs of identity theft and know what to do when you open a spam email.
What is encryption?
Encryption is a way of scrambling data so that only authorized parties can
understand the information. In technical terms, it is the process of converting
human-readable plaintext to incomprehensible text, also known as ciphertext. In
simpler terms, encryption takes readable data and alters it so that it appears random.
Encryption requires the use of a cryptographic key: a set of mathematical values that
both the sender and the recipient of an encrypted message agree on.
Data can be encrypted "at rest," when it is stored, or "in transit," while it is being
transmitted somewhere else.
What is a key in cryptography?
A cryptographic key is a string of characters used within an encryption algorithm for
altering data so that it appears random. Like a physical key, it locks (encrypts) data so
that only someone with the right key can unlock (decrypt) it.
In symmetric encryption, there is only one key, and all communicating parties use the
same (secret) key for both encryption and decryption. In asymmetric, or public key,
encryption, there are two keys: one key is used for encryption, and a different key is
used for decryption. The decryption key is kept private (hence the "private key"
name), while the encryption key is shared publicly, for anyone to use (hence the
"public key" name). Asymmetric encryption is a foundational technology
for TLS (often called SSL).
AES
3-DES
SNOW
RSA
HTTPS uses the encryption protocol called Transport Layer Security (TLS). In the past,
an earlier encryption protocol called Secure Sockets Layer (SSL) was the standard, but
TLS has replaced SSL. A website that implements HTTPS will have a TLS
certificate installed on its origin server. Learn more about TLS and HTTPS.
Secret Key
What Does Secret Key Mean?
A secret key is the piece of information or parameter that is used to
encrypt and decrypt messages in a symmetric, or secret-key, encryption.
In assymetric encryption, two separate keys are used. One is a public key
and the other is a secret key.
VPN stands for the virtual private network. A virtual private network (VPN) is a
technology that creates a safe and encrypted connection over a less secure network,
such as the internet. A Virtual Private Network is a way to extend a private network
using a public network such as the internet. The name only suggests that it is a Virtual
“private network” i.e. user can be part of a local network sitting at a remote location.
It makes use of tunneling protocols to establish a secure connection.
When you purchase goods and services online, you pay for them using an electronic medium.
This mode of payment, without using cash or cheque, is called an e-commerce payment system
and is also known as online or electronic payment systems.
The growing use of internet-based banking and shopping has seen the growth of various e-
commerce payment systems and technology has been developed to increase, improve and provide
secure e-payment transactions.
Paperless e-commerce payments have revolutionised the payment processing by reducing paper
work, transaction costs, and personnel cost. The systems are user-friendly and consume less time
than manual processing and help businesses extend their market reach.
Debit Card
Debit cards are the second largest e-commerce payment medium in India. Customers who want
to spend online within their financial limits prefer to pay with their Debit cards. With the debit
card, the customer can only pay for purchased goods with the money that is already there in
his/her bank account as opposed to the credit card where the amounts that the buyer spends are
billed to him/her and payments are made at the end of the billing period.
Smart Card
It is a plastic card embedded with a microprocessor that has the customer’s personal information
stored in it and can be loaded with funds to make online transactions and instant payment of
bills. The money that is loaded in the smart card reduces as per the usage by the customer and
has to be reloaded from his/her bank account.
E-Wallet
E-Wallet is a prepaid account that allows the customer to store multiple credit cards, debit card
and bank account numbers in a secure environment. This eliminates the need to key in account
information every time while making payments. Once the customer has registered and created E-
Wallet profile, he/she can make payments faster.
Netbanking
This is another popular way of making e-commerce payments. It is a simple way of paying for
online purchases directly from the customer’s bank. It uses a similar method to the debit card of
paying money that is already there in the customer’s bank. Net banking does not require the user
to have a card for payment purposes but the user needs to register with his/her bank for the net
banking facility. While completing the purchase the customer just needs to put in their net
banking id and pin.
Mobile Payment
One of the latest ways of making online payments are through mobile phones. Instead of using a
credit card or cash, all the customer has to do is send a payment request to his/her service
provider via text message; the customer’s mobile account or credit card is charged for the
purchase. To set up the mobile payment system, the customer just has to download a software
from his/her service provider’s website and then link the credit card or mobile billing
information to the software.
Amazon Pay
Another convenient, secure and quick way to pay for online purchases is through Amazon Pay.
Use your information which is already stored in your Amazon account credentials to log in and
pay at leading merchant websites and apps. Your payment information is safely stored with
Amazon and accessible on thousands of websites and apps where you love to shop.
If you are planning to sell your products online, Amazon would be happy to help you in setting up
payment gateways for your products and services. You can also consider selling on Amazon, one
of the most popular e-commerce platforms in the world. To sell on Amazon, you can register to
sell online for free.
Emerging financial instruments
Here we'll briefly explore some of the emerging investment
vehicles that exist in the market.
Since we have an understanding of the most common financial
instruments, we will now briefly explore some of the emerging
investment vehicles that exist in the market.
Cryptocurrency
Cryptocurrency is an emerging financial instrument that hit the
mainstream towards the second half of 2018, and saw one of the
greatest rallies of an investment vehicle in modern times. A
cryptocurrency is a digital or virtual currency that is designed to
work as a medium of exchange. Cryptocurrencies use cryptography
to secure and verify transactions and control the creation of more
currency. Cryptocurrencies use blockchain technology in order to
be decentralised, transparent, and immutable. The decentralisation
aspect is arguably the most important feature of cryptocurrency. It is
not controlled by a central authority and in most cases there is a
finite amount of the cryptocurrency in circulation. The most well
known of these cryptocurrencies is Bitcoin. [1]
Want to keep
learning?
This content is taken from
FutureLearn online course,
Financial Analysis for Business Decisions:
Cash Flow Management
View Course
Types of MBS
For more information on CMOs, you can read the following article:
To consolidate what you have learned so far in the week, read the
following article on Frontken Corporation Berhad and its success in
the market over the past five years
Electronic Data Interchange EDI – is the exchange of business documents between any two trading
partners in a standard or structured, machine readable form. EDI is used to electronically transfer
documents such as purchase orders, invoice, shipping bills, and communicate with one another. A
Specified format is set by both the parties to facilitate transmission of information. Traders use
Electronic Data Interchange EDI to exchange financial information in electronic form. Electronic
Fund Transfer facility provided by banks is an example of Electronic Data Interchange EDI. EDI
helps to eliminate paper based system, reduces data entry task and improves business cycle. EDI
stands for Electronic Data Interchange. EDI is an electronic way of transferring business documents in
an organization internally, between its various departments or externally with suppliers, customers, or
any subsidiaries. In EDI, paper documents are replaced with electronic documents such as word
documents, spreadsheets, etc. EDI Documents Following are the few important documents used in
EDI – Invoices Purchase orders Shipping Requests Acknowledgement Business
Correspondence letters Financial information letters E-COMMERCE [ELECTRONIC DATA
INTERCHANGE] EDI Department of MCA & MSC-IT, Dr. Shyama Prasad Mukherjee University,
Ranchi Page| 2 Steps in an EDI System Following are the steps in an EDI System. A program
generates a file that contains the processed document. The document is converted into an agreed
standard format. The file containing the document is sent electronically on the network. The
trading partner receives the file. An acknowledgement document is generated and sent to the
originating organization. Components of Electronic Data Interchange EDI Standard Document
Format – A standard format agreed upon by both parties which do not require complicated hardware
or software to access information. Both parties communicate directly through a business application.
Translator and Mapper – A translator is used to convert the raw data into meaningful information
according to specifications provided by a mapper. A mapper is used to create conversion
specification. It compiles the specification and then gives instructions to the translator on how to
convert the data. Communication Software – Communication software is used to transmit data and
convert business documents into a standard format. It follows a standard communication protocol
which is incorporated in the software. Communication Network – A communication network
provides a direct link between trading partners who are will to exchange business documents through
Electronic Data Interchange EDI. Modem – It is a hardware device that transmits data from one
computer to another. VAN – A network that connect the computer system of one organization to
another. Point to Point link – A direct communication link between two computers. E-
COMMERCE [ELECTRONIC DATA INTERCHANGE] EDI Department of MCA & MSC-IT, Dr.
Shyama Prasad Mukherjee University, Ranchi Page| 3 Applications of Electronic Data Interchange
EDI Retail Sector – In the retail sector profit margins usually depend upon efficient inventory
management. EDI provides a structured way to maintain and replenish goods stocked at a retail outlet.
Retailers use a common model stock for each shop location and the point of sale stock position is
updated continuously and data in fed via EDI enabled SCM (supply chain management) network. The
EDI software monitors all the logistics and makes updates in the original stock. Manufacturing
Sector – EDI ensures effective and efficient management of materials required for production of a
commodity. In manufacturing sector EDI facilitates Material requirement planning and just in time
manufacturing. The Inventory position of OEM is constantly updated through EDI and the supplier is
notified about shortage of materials. This helps the supplier to plan and schedule supply according to
requirements of the manufacturer. The suppliers respond via EDI with an ASN to identify the
parts/materials to be delivered and the approximate delivery time and E-COMMERCE
[ELECTRONIC DATA INTERCHANGE] EDI Department of MCA & MSC-IT, Dr. Shyama Prasad
Mukherjee University, Ranchi Page| 4 as soon as the shipment is delivered at the production plant the
inventory is updated again. Automobile Sector – In automobile sector EDI is used to keep
customers updated with the current product and pricing information during the purchase cycle. An
advance shipping notice is transmitted through EDI to the customers to prepare a loading schedule
and to ensure proper receipt of the product. The customer may also make payment on receipt of goods
via EDI to speed up the payment process. Financial Sector – In the financial sector EDI replaces
the labour intensive activities of collecting, processing and dispersing payments with an electronic
system. It facilitates the flow of payment between the bank accounts of trading partners without
requiring any human intervention. A payee`s bank account is electronically credited and the payer`s
account is electronically credited on the scheduled day of payment; such an exchange is known as
electronic fund transfer (EFT). Computer-to-computer– EDI replaces postal mail, fax and email.
While email is also an electronic approach, the documents exchanged via email must still be handled
by people rather than computers. Having people involved slows down the processing of the
documents and also introduces errors. Instead, EDI documents can straight through to the appropriate
application on the receiver’s computer (e.g., the Order Management System) and processing can
begin immediately. A typical manual process looks like this, with lots of paper and people
involvement: The EDI process looks like this — no paper, no people involved: E-COMMERCE
[ELECTRONIC DATA INTERCHANGE] EDI Department of MCA & MSC-IT, Dr. Shyama Prasad
Mukherjee University, Ranchi Page| 5 Business documents – These are any of the documents that
are typically exchanged between businesses. The most common documents exchanged via EDI are
purchase orders, invoices and advance ship notices. But there are many, many others such as bill of
lading, customs documents, inventory documents, shipping status documents and payment
documents. Standard format– Because EDI documents must be processed by computers rather than
humans, a standard format must be used so that the computer will be able to read and understand the
documents. A standard format describes what each piece of information is and in what format (e.g.,
integer, decimal, mmddyy). Without a standard format, each company would send documents using
its company-specific format and, much as an English-speaking person probably doesn’t understand
Japanese, the receiver’s computer system doesn’t understand the company-specific format of the
sender’s format. There are several EDI standards in use today, including ANSI, EDIFACT,
TRADACOMS and ebXML. And, for each standard there are many deferent versions, e.g., ANSI
5010 or EDIFACT version D12, Release A. When two businesses decide to exchange EDI
documents, they must agree on the specific EDI standard and version. Businesses typically use an EDI
translator – either as in-house software or via an EDI service provider – to translate the EDI format so
the data can be used by their internal applications and thus enable straight through processing of
documents. Business partners – The exchange of EDI documents is typically between two different
companies, referred to as business partners or trading partners. For example, Company A may buy
goods from Company B. Company A sends orders to Company B. Company A and Company B are
business partners E-COMMERCE [ELECTRONIC DATA INTERCHANGE] EDI Department of
MCA & MSC-IT, Dr. Shyama Prasad Mukherjee University, Ranchi Page| 6 Features of EDI To
maximize the strategic value and ROI of your EDI software investment, you need a solution that
maximizes automation, minimizes manual intervention and can smoothly and cost-effectively meet
your changing business needs. That makes the following features paramount: Robust, proven
integration with your business system. EDI is among the highest-value integrations in your accounting
systems environment because this eliminates time-consuming, error-prone manual effort that would
otherwise be necessary to get orders, invoices and other EDI data in and out of the accounting system.
Integrating EDI with a business system streamlines your order processing workflow for improved
productivity and responsiveness to customers, while saving time and money. The more trading
partners you have, the more operational costs you’ll save through EDI and ERP integration.
Conversely, an EDI system that does not integrate becomes a cost of doing business that offers little
value-add. A simple, seamless user experience. Business users in departments like customer
service and shipping need to process EDI transactions efficiently and accurately, without having to
become EDI experts. You should be able to manage EDI ―by exception‖ so that transactions are
automated unless exceptions occur. You should also be able to automatically schedule everyday tasks
like importing and exporting EDI documents to and from your accounting system. More automation
means faster processing and less errors—which, for suppliers and distributors, means happier
customers and fewer chargeback’s. Scalability and configurability for your specific needs. Look
for an EDI software provider that allows you to implement only the features you need now, with the
option to add more capabilities (e.g., support for remote warehouse/3PL documents) on-demand in the
future. Configurability to your specific accounting/ERP environment and business processes without
customizations that could complicate your upgrades is also crucial. You want a proven, turnkey
implementation and upgrade path that minimizes risk as your accounting and ERP environment
changes. Lowest total cost of ownership. A low initial cost doesn’t mean that TCO will be low
also. Monthly network charges can vary widely, for example. Likewise, many providers charge for
updating trading partner mapping specifications, which change all the time. What about monthly
maintenance fees? These costs can add up fast as a business grows. Are these included in the support
contract or are they extra? Easy on boarding of new trading partners. Growing companies need to
onboard new EDI trading partners quickly and smoothly. Make sure an EDI provider offers prebuilt
templates and rules to make on boarding and compliance with major retailers and other partners quick
and painless. Make sure also that it’s easy to create partner-specific business rules
E-contracts
Transaction Security
Digital signature
The e-commerce industry is not just limited to setting up a website and selling
products online. It includes product configuration, suitable infrastructure,
logistics, secured payment gateway, and supply chain management. An
efficient supply chain accelerates e-commerce processes to meet customers’
expectations.
Customer Reviews:
Platforms like Amazon and eBay use internal key figures to assess the credibility
of distributors. These platforms have supply chain key performance indicator
(KPI) targets. If the KPI is below certain minimum values, then penalties in the
form of account suspension can be imposed.
E-commerce businesses are expanding rapidly due to which they reach their
limit on inventory management. With the growth in business, product portfolio,
supplier base and surge in returns also grow at a rapid pace.
E-commerce is about selling and buying goods over the internet and the
movement of goods between two parties. The dispatch of right quantity
products at the right time to the right person is essential and hence efficient
supply chain is required. A quick, uninterrupted and secure supply chain is a
critical aspect of the e-commerce business. Efficient supply chain management
in e-commerce can reduce costs and enhance cash utilization. When a customer
purchases a product from an e-commerce website, he/she wants the product in
a short time. New e-commerce websites are evolving every day. But, customers
prefer only those sites that have an efficient supply chain to deliver the right
products at the right time.
Read More: Transforming Supply Chain and Logistics with Blockchain
Concluding Thoughts
Customer relationship management (CRM) systems allow companies to analyze their past,
current, and future customers on a variety of levels. CRM is essential for any business,
including e-commerce sites, because it allows them to grow and succeed. This article will
discuss other functions of CRM in relation to e-commerce and how it differs from traditional
CRM.
The role of customer relationship management (CRM) in e-commerce
E-commerce CRM vs. Traditional CRM
Impact of e-commerce on CRM
The importance of CRM for e-commerce sites
Tips for choosing an e-commerce CRM solution
E-commerce CRM vs. Traditional CRM
One of the primary roles of traditional CRM software is recording and storing important
customer information (i.e. preferred contact method, account information, and potential
customer leads) all in one location. Utilizing traditional CRM software in daily operations is
beneficial because it helps businesses understand how to adequately interact with their
customers and satisfy their needs.
The primary goal of traditional CRM is to unite employees and customers by ensuring
everyone gets what they need. Finally, traditional CRM provides those in sales with a
customer profile detailing information on past purchases and outreach history.
E-commerce CRM (e-CRM) primarily focuses on the sales and customer experiences that are
conducted online. Like traditional CRM, e-CRM is able to analyze customer information and
sales patterns and record and store data, however, it is able to do so all day, every day. Most
e-CRM software also has the ability to analyze your site’s metrics, for example:
Conversion rates;
Customer click-through rate;
E-mail subscription opt-ins;
Which products customers are interested in.
This easy-to-use e-commerce add-on is designed to provide customers with personalized
experiences. Giving your customers the ability to customize their e-commerce experience, on
top of listening to their needs and making them feel heard, are just a few tips to keep in mind
when attempting to build your customer relationships. Not only can these tips help recruit
new customers, but can help retain current ones as well.
Impact of e-commerce on CRM
Although it is truly about managing relationships with customers and providing a great
customer experience, e-commerce has made an impact on CRM in a variety of ways. One
study discovered that e-commerce had promising implications for improving customer
satisfaction and loyalty. In fact, the study shows that the elements that lead to customer
loyalty are:
Competency;
Capability to establish the relationship;
Commitment;
Solving the customer’s problem;
Trust;
Quality of the relationship.
Implementing e-CRM is beneficial not only because it records and stores customer data 24/7,
but also because it is capable of accomplishing all of the above — ultimately ending with
positive customer experiences.
The importance of CRM for e-commerce sites
CRM has impacted e-commerce sites by becoming an essential part of a business’s success.
One study found that interactively collecting and condensing customer data helps to build
a company’s e-CRM capability, which ultimately leads to their corporate success. It is safe to
say that going forward, CRM platforms created specifically for e-commerce (as well as
implementing a scalable e-commerce solution) may very well be a necessity for web-based
businesses.
Failing to understand the importance of CRM for your e-commerce site could result in the
loss of a multitude of benefits, including but not limited to:
It’s important for businesses to take the time to find an e-CRM solution that fits their specific
needs. Similar to selecting the best e-commerce solution provider, it is recommended to take
into consideration the following tips to help you select a CRM platform that complements
your business.
1. Create a plan on how you wish to use this solution to help grow your business;
2. Think about how the solution will work and integrate with other business platforms and
tools;
3. Consider how to train your employees on the new integration and explain the importance of
it to them;
4. Understand the amount of time and effort it takes to factor in an e-CRM solution;
5. Make sure it is within your budget to integrate the solution;
6. Read the CRM directions prior to selecting it to make sure they are easy to comprehend (you
don’t want to choose a difficult solution);
7. Conduct thorough research on the platform, including researching the future of CRM, the
level of customization, and the level of mobility (is it accessible on a mobile device?).
Prior to finalizing your e-CRM plans, review the information above to help you get a better
understanding of the role of the solution and how it can be beneficial for your business.