Global information distribution networks:

There are two major technologies in global information distribution network.

They are:

1. Fibre optic long-distance network 

2.satellites

Fibre optic long-distance network:

The long distance network connectivity is mainly done through guided media
cables which are like fibre optic cables. These cables are responsible for
carrying large packets of data from long distance within few seconds of time.
The data which is passed through these cables is covered with full fledged
security and accuracy. These cables provide better quality service for interactive
applications. These provide attractive economic advantage for selected routes
fulfilling the required communication. Now a days the major long
distance carriers are keeping their focus on wireless technologies and are
making plans to work with different companies on wireless technology. This
technology helps increase of communication with accuracy.

Satellite network:
These have advantages over different networks. They are accessible from any
spot on the globe and able to provide broad band digital services, including
voice, data and video to many points without the cost of wire installation and
other costs. The role of satellite in communication industry has changed
the communication environment since from many years giving support to
transport of long distance Tele-communication and one-way video broadcasts.
In 1980's industry introduced a new class of satellites. These VAST  satellites
require small ground antennas for point to point network services. Now a days
VAST networks are being utilized by large corporation to link hundreds of retail
sites.

1. Hub:

A hub, at the most basic level, is a “dumb” device that operates at the Physical layer of the OSI model.
A hub forwards all signals it receives to all connected network devices. Think of a hub as a “drunk” –
when he speaks, he speaks to all around him, even if he really only means to speak with one person.
2. Switch:

Sometimes Hub can be an inefficient (think about the excess traffic created) and unsecure device. Imagine
if you wish to send sensitive credit card information over the network – do you really want every node to
receive your electronic signal? To alleviate this, the switch was developed. A switch operates at the Data
Link layer of the OSI model. It uses the MAC sub-layer to forward the relevant frames of information
only to the intended recipient. Messages can still be broadcast, but this is only an option and not the
normal condition. Unlike the “drunken” hub, the switch can speak softly to one person at a time or
announce to the crowd. The Network+ exam tends to test you on this difference between a hub and
switch, so keep it fresh in your mind.

3. Bridge: 

A bridge also operates at the Data Link layer (aka Layer 2) and is used to connect two (similar or
dissimilar) physical network segments together, forming a larger inter-network. It can forward packets
or reject them based on their destination (MAC) address.  Note: The connected network segments must
have same network ID.

4. Router: 
The router operates at the Network layer of the OSI Model and is used to forward packets across
network segments to reach a certain destination address. Do not be confused between a router and a
bridge – a bridge simply forwards packets or frames based on their destination address from one connected
network segment to another. A router can determine where a packet should be sent to given its final
destination (IP address). Usually, routers forward packets to other routers, but sometimes routers also
forward to other pieces of network equipment. A router is usually used to connect a home computer to an
“always-on” Internet connection through the home network. To appreciate what a router really does, run
tracert to your favorite website and see how many steps (hops) are involved in getting from your computer
to the web server in question.

5. Gateway: 

A gateway is any device that serves to interface with other networks using dissimilar protocols . For
example, a gateway might interface between a home network and the Internet or between a NetBIOS
network and an IPX/SPX network. A gateway operates in any of the seven OSI layers.

6. WAP: 

A Wireless Access Point is a device that allows wireless devices to access and to communicate with the
network. It acts as a bridge between the wired, traditional network and other wireless
devices.Alternatively, it can act as a bridge between wireless devices and another, linked WAP. It typically
operates in the Network layer of the OSI model as a sort of router/bridge/switch combination. Note that
most WAP devices direct traffic by MAC address, making them switched.
7. NIC: 

A Network Interface Card is a device that allows a node to connect to the network, typically in the form
of a computer “card” (PCI/ISA), but also in the form of an external (think USB) device. It can either be
wired and connect to a traditional, wired network, or wireless, and connect to a WAP.

What is the information superhighway?

An information superhighway is a telecommunications infrastructure or system

(as of television, telephony, or computer networks) used for widespread and
usually rapid access to information. The information superhighway or infobahn
was a widespread term used through the 1990s to denote alphanumeric
communication systems and the Internet telecommunications network. It is
related to the United States Senator and later Vice-President Al Gore.

Information Superhighways as the future of information technology.

The information superhighways revolution is bringing people of different
backgrounds from around the world into a global information superhighway.
The Internet provides a worldwide platform connecting thousands of networks
around the world. There is a variety of information available on the Internet for
users. It has been considered as a forum for users to share worldwide
information resources. The resources are so vast that several of us really cannot
grasp or understand the I-ways fully. It has become a ‘global information library’
which allows the users to participate in the group conversation, look for any
information, and so on. It can often be considered as a hybrid environment of
postal services, citizen's band radio, libraries, and neighborhood community
centers where we can spend time with our friends.
Components of the I-way
 

fig.no.2.Components of the I-way(informationsuperhighway.com)

It consists of various components which may be broadly categorized as;

1. Consumer access equipment: - which is at the consumer end and enables

the consumer to access the network. It consists of the hardware such as
computers, modems, routers, switches for computer networks, set-top boxes for
television networks and software platforms such as browsers and operating
systems.

2. Access road or media: - provide the communication backbone for the

transmission of data and information. The access providers can also be
differentiated into four categories: telecom based cable TV-based, wireless-
based, or computer-based online systems.

3. Global information distribution networks: providing the infrastructure for

connecting across the countries and continents. They include such networks as
the long-distance telephone lines, satellite networks, and the internet.
Rewards of the Internet as Information Superhighways.

1. The Internet provides access to information sources such as e-journals and e-

books.
2. It becomes an effective tool for accessing such an amount of information in a
short period.
3. It gives access not only to pure texts but also audio, video and graphics, and
lastly.
4. It gives the researcher the ability to access web pages and gives the researcher
the ease to view citations and supporting data which allows a collective type of
research.

fig.no.3.Information superhighway(imageconnectedsupplychain.com)

Public policy issues shaping the I-way.

1. Cost:

Who should pay for constructing the I-way? Some favor the interstate highway
model with government construction, ownership, and maintenance. Others
support the current regulated phone system model.

2. Subsidies:

Developers might hope for subsidies, tax breaks, government business, or other
forms of encouragement. What will these tax subsidies subsidize? This remains
unresolved.

3. Access to Local Infrastructure:

Local infrastructure within a country is a matter of local policy and investment
and is the area of greatest unevenness across countries. The disparity between
developed and developing data communications environments is a source of
operational frustration to businesses and also effects international connections.
In some countries, state-owned telecoms control both domestic and
international communications. There, it is extremely difficult to acquire a direct
link into a specific site, and often use of an expensive Telco-operated network is
mandated.

4. Regulation:

Some free enterprises argue that if a highway is built with private funds then
there is no government regulation. Some argue the open competition among
highway operators, but regulation to provide public access, privacy, and
reasonable tolls. What are the rules? Who writes them? Who enforces them?
These issues remain undecided.

5. Universal Access:

Equal access probably means that cable and phone companies deploying
upgraded networks going to be required to serve some consumers at prices
below cost, and to outspread wires to places where other technologies (like
satellite) would make more sense. Some insist that highway operators must
provide universal access at a reasonable cost. If the I-way is built and run by
private interests without significant government investment, the non-profit
organizations might not be able to afford to hook up to the network. Whether
universal access is nationwide or international it is still ambiguous.

6. Social and religious barriers: 

Cyberspace is considered to be a representation of free speech and democracy.

For many strongly religious, countries where free speech is alien, the Internet
presents interesting problems and policy issues. For other countries, where
women have been denied a voice and access to media for many years, the
Internet causes many headaches (the Internet doesn’t distinguish between
sexes.)
 fig.no.4.I-way(informationsuperhighway.com)

Drawbacks of the Internet as Information Super Highways.

 Varied information leads to difficulty in sorting out which type of information to

choose.
 Due to limited search engines and the way how web pages were created, results
may be unpredictable and most of the time, it would be difficult to search
effectively.
 The internet tends to miss out on some important information.
 Web pages are unstable in a way that they lack permanence and eventually
disappear at times, and lastly.
 Some information on the internet is off-limits which requires the researcher to
subscribe or register.

What do you need to know about market

forces?
The impact that market forces have on the economy feeds into sentiment on the
financial markets, so are important for investors to consider in terms of portfolio
management. Market forces drive the short-term and long-term market trends that
investors follow to inform their trading decisions.

Market forces also affect the performance of individual companies. Changes in

market forces over time can affect a company’s strategy and the products and
services it sells. Looking at market forces is one way that analysts try to predict the
performance of stocks in the future – both individual companies and the broader
financial markets.

There are several types of market forces that investors need to be aware of:

 Supply. The amount of available goods and services affect prices.

 Demand. Consumption or requirements for goods and services drive prices
and influence supply.
 Competition. Suppliers compete on costs and quality to gain the most
customers.
 Government. Fiscal and monetary policies influence markets.
 Currency. The flow of funds into and out of a country reflect economic
strength.
 Investor sentiment. Expectations about the health of the economy drive
trends.
 Social and cultural. Demographic, cultural and social trends change
marketing approaches over time.

Market forces examples include how weather can disrupt the supply
of commodities and how social consciousness surrounding climate change is
changing demand for products.

For instance, heavy rainfall can damage crops like coffee in Latin America or rice in
southeast Asia, reducing supply and increasing prices. Conversely, an increase in
crude oil production that creates a surplus above demand levels brings down oil
prices as supply is readily available and sellers will accept lower prices to offload
their inventory.

.
 fig.no.5.Information superhighway(miromedium.com)

Conclusion

Information Superhighways, thus, allows people around the world to

communicate and access information all at the same time. On the other hand, it
also has its drawbacks in a way that it sometimes has limited access to millions
of information, and due to various amounts of information available, it leads to
difficulty in choosing which information to choose. And so, just like almost
everything around us is, information way, still, is something that should be used
with utmost responsibility and accountability given its strengths and
weaknesses.

Broadband

In telecommunications, broadband is a wide bandwidth data transmission with an

ability to simultaneously transport multiple signals and traffic types. The medium can
be coaxial cable, optical fiber, twisted pair, or wireless broadband (wireless
broadband includes Mobile broadband). In contrast,baseband describes a
communication system in which information is transported across a single channel.
In telecommunications, a broadband signaling method is one that handles a wide
band of frequencies. "Broadband" is a relative term, understood according to its
context. The wider (or broader) the bandwidth of a channel, the greater the
information-carrying capacity, given the same channel quality. Broadband
telecommunication is completed by the help of ATM, ISDN, Frame Relay, etc.

ATM

Asynchronous Transfer Mode (ATM) is, according to the ATM Forum,

"a telecommunications concept defined by ANSI and ITU (formerly CCITT)
standards for carriage of a complete range of user traffic, including voice, data,
and video signals". ATM was developed to meet the needs of the Broadband
 
Integrated Services Digital Network, as defined in the late 1980s, and designed to
unify telecommunication and computer networks. It was designed for a network that
must handle both traditional high-throughput data traffic (e.g., file transfers),
and real-time, low-latency content such as voice and video. The reference model
for ATM approximately maps to the three lowest layers of the ISO-OSI reference
model: network layer, data link layer, and physical layer. ATM is a core protocol
used over the SONET/SDH backbone of the public switched telephone
network (PSTN) and Integrated Services Digital Network (ISDN), but its use is
declining in favour of all IP.
ISDN

Integrated Services for Digital Network (ISDN) is a set of communication

standards for simultaneous digital transmission of voice, video, data, and other
network services over the traditional circuits of the public switched telephone
network. Prior to ISDN, the telephone system was viewed as a way to transport
voice, with some special services available for data. The key feature of ISDN is
that it integrates speech and data on the same lines, adding features that were not
available in the classic telephone system.

Integrated services refers to ISDN's ability to deliver at minimum two simultaneous

connections, in any combination of data, voice, video, and fax, over a single line.
Multiple devices can be attached to the line, and used as needed. That means an
ISDN line can take care of most people's complete communications needs (apart
from broadband Internet access and entertainment television) at a much higher
transmission rate, without forcing the purchase of multiple analog phone lines. It
also refers to integrated switching and transmission in thattelephone
switching and carrier wave transmission are integrated rather than separate as in
earlier technology.

Frame Relay
Frame relay is a standardized wide area network technology that specifies the
physical and logical link layers of digital telecommunications channels using
a packet switching methodology. Originally designed for transport across Integrated
Services Digital Network (ISDN) infrastructure, it may be used today in the context
of many other network interfaces.

Network providers commonly implement frame relay for voice (VoFR) and data as
an encapsulation technique, used betweenlocal area networks (LANs) over a wide
area network (WAN). Each end-user gets a private line (or leased line) to a frame
relaynode. The frame relay network handles the transmission over a frequently
changing path transparent to all end-user extensively used WAN protocols. It is less
expensive than leased lines and that is one reason for its popularity. The extreme
simplicity of configuring user equipment in a frame relay network offers another
reason for frame relay's popularity.

Difference between ATM and Frame Relay

1. Although both techniques are based on end to end delivery of quantized data,
there are many differences in terms of sizes of the data quanta, application network
types, controlling techniques etc.

2. Although ATM uses fixed size packets (53 bytes) for data communication, frame
relay uses variable packet sizes depending on the type of information to be sent.
Both information blocks have a header in addition to data block and transfer is
connection oriented.
3. Frame Relay is used to connect Local Area Networks (LAN) and it is not
implemented within a single area network contrast to ATM where data transfers are
within a single LAN.

4. ATM is designed to be convenient for hardware implementation and therefore,

cost is higher compared to frame relay, which is software controlled. Therefore
frame relay is less expensive and upgrading is easier.

5. Frame relay has a variable packet size. Therefore it gives low overhead within
the packet which results it an efficient method for transmitting data. Although fixed
packet size in ATM, can be useful for handling video and image traffic at high
speeds, it leaves a lot of overhead within the packet, particularly in short
transactions.

What is m-commerce?
M-commerce (mobile commerce) is the buying and selling of goods and services
through wireless handheld devices such as smartphones and tablets. M-commerce
is a form of e-commerce that enables users to access online shopping platforms
without the use of a desktop computer.

Over time, content delivery through wireless devices has become faster, more
secure and scalable. As a result, mobile commerce has grown rapidly.
 M-commerce encompasses three major
approaches to mobility and business.

Examples of m-commerce include in-app purchasing; mobile banking virtual

marketplace apps, such as the Amazon mobile app; and digital wallets, such
as Apple Pay, Google Pay and Samsung Wallet.

Examples of m-commerce use in specific industries include the following:

 Financial services. Mobile banking and brokerage transactions are done

from mobile devices.

 Telecommunications. Handheld devices are used to make service

changes and bill payments, and to do account reviews.

 Service and retail. Consumers place and pay for orders on-the-fly

through online stores.

 Information services. Financial, sports, traffic, weather and many other

news updates are accessed through mobile devices.
Types of m-commerce
M-commerce is categorized based on the following three basic functions:
 Meta rebranded Facebook Pay as Meta Pay,
which lets users pay for digital items in the metaverse.

 Mobile shopping enables customers to buy a product using a mobile

device with an application such as Amazon or a web app. A subcategory
of mobile shopping is app commerce, which is a transaction that takes
place over a native app.

 Mobile banking is online banking designed for handheld technology. It

enables customers to access accounts and brokerage services, conduct
financial transactions, pay bills and make stock trades. This is typically
done through a secure, dedicated app provided by the banking
institution. Mobile banking services may use SMS or chatbots and other
conversational app platforms to send out alerts and track account
activities. For example, the WhatsApp chatbot lets customers view their
account balance, transfer funds, review loans and conduct other
transactions in real time through WhatsApp.

 Mobile payments are an alternative to traditional payment methods,

such as cash, check, credit and debit cards. They enable users to buy
products in person using a mobile device. Digital wallets, such as Apple
Pay, let customers buy products without swiping a card or paying with
cash. Mobile payment apps, such as PayPal, Venmo and Xoom serve the
same purpose and are popular options. Mobile consumers also use QR
codes to pay for things on their mobile phones. With mobile payments,
users send money directly to the recipient's cell phone number or bank
account.
How mobile commerce works
With most m-commerce enabled platforms, the mobile device is connected to a
wireless network that is used to conduct online product purchases and other
transactions.

For those in charge of developing an m-commerce application, important key

performance indicators to monitor include the following:

 total mobile traffic;

 total application traffic;

 average order value; and

 the value of orders over time.

Similarly, tracking the mobile add-to-cart rate will help developers see if users are
becoming customers. M-commerce developers may also be interested in logging
average page loading times, mobile cart conversion rates and SMS subscriptions.

Mobile payment products operate through a form of peer-to-peer sharing. Once a

mobile device is paired with a user's bank card information, the phone can be
waved over a payment terminal to pay for a product. Contactless payment using a
mobile device uses near-field communication technology.

M-commerce vs. e-commerce

Electronic commerce, or e-commerce refers to buying and selling goods and
services over the internet. E-commerce and m-commerce are similar, but they
come with a few distinctions from each other, such as the following:

Mobility. E-commerce transactions can be conducted through a desktop computer

where the user is in a fixed spot. This reduces mobility as it can be difficult to
move around a desktop device. M-commerce offers greater mobility as it's
conducted through handheld devices that can be used anywhere there's an internet
connection, including buses, trains and airplanes or when exercising at the gym.

Location tracking. Many e-commerce apps make use of location tracking

capabilities to pitch users opportunities based on their location. However, the
location tracking capability of e-commerce is limited when it is used with a
nonmobile device. For example, the location of an e-commerce shopper is tracked
with their IP address. While the IP address provides a broad region of the user's
location, it is not capable of identifying the exact location, which might affect the
targeted advertising strategies of a business. M-commerce apps, on the other hand,
can track locations using Wi-Fi and GPS-based technologies that enable location-
specific content and personalized recommendations. For instance, a provider can
send push notifications offering personalized discounts that target certain
customers as they walk past a specific store in a mall.

Security. Credit cards are still commonly used for nonmobile e-commerce

payments. They are considered riskier than other online payment methods, even
with security measures, such as multifactor authentication. Most data breaches and
identity thefts happen because of credit card misuse. M-commerce closes some
security gaps through the addition of measures such as biometric authentication,
mobile wallets, quick response or QR codes and even cryptocurrencies.

Reachability and convenience. M-commerce makes it easier to reach a target

audience. With mobile apps, businesses can reach more people and make their
buying experience easier and faster.

Advantages and disadvantages of mobile commerce

The advantages of m-commerce include the following:

 Large customer base. M-commerce provides for a larger customer base

and better retention than e-commerce in general, because m-commerce
capabilities are more widely and easily accessible. Also, mobile
analytics offers insights into customer shopping behavior, pattern and
history. To boost retention rates, businesses can use this data to target
shoppers with personalized offers and tailor-made discounts.

 Convenience. M-commerce makes it easier for customers to compare

prices, read reviews and make purchases when and where they want to
do these things.
  Product variety. Customers can browse through a huge inventory of
products while also taking advantage of the competitive pricing.

 Automation. M-commerce automates a business's point of customer

contact and sales with a variety of mobile contactless payment options,
such as Apple Pay, PayPal One Touch and Visa Checkout. Many e-
commerce sites also offer one-click checkout process functionality,
which enables users to add payment information only once and then use
the one-click option for every purchase made thereafter.

 Omnichannel experience. M-commerce creates

an omnichannel experience where products can be sold via multiple
channels -- e-commerce websites, Amazon, eBay, Instagram. This
approach makes it easier for customers to buy whenever and wherever
they want.

Disadvantages of m-commerce include the following:

 Poor execution. The smaller screens of mobile phones and tablets

require specific navigation functionality. Consequently, intuitive mobile
user interfaces are complicated and expensive to design. A poorly
executed mobile customer experience can frustrate customers and deter
them from making purchases.

 Payment issues. Mobile payment options are not available in every

geographic location and may not support every type of digital wallet.

 Tax compliance. Businesses must know and comply with tax laws and
regulations of all countries they ship to. Some businesses will avoid this
by only authorizing purchases from and shipping to their country of
origin.

 Security vulnerabilities. Many users are still hesitant to make purchases

over a mobile device because of security risks. Even with two-factor
authentication, mobile fraud is on the rise and many merchants have still
not adopted fraud prevention practices for the smaller screen. Attacks,
such as SIM swaps and mobile malware, are becoming more common
 and can discourage users from making payments through their mobile
devices.
Future of mobile commerce
Mobile commerce is evolving and starting to reach a wider audience. According to
Insider Intelligence, 6.9% of retail transactions will take place through a mobile
device in 2022 and m-commerce will account for 10.4% of all retail sales by 2025.
Many businesses are adopting mobile commerce to avoid falling behind the
competitors.

The following are some of the current and future mobile commerce trends:

Mobile retargeting. This concept is an extension of location-based mobile

marketing. Instead of putting ads at random places, this trend targets them
contextually only at potential customers. For example, marketers can send an ad to
users who have previously visited their mobile app or they might present an active
mobile targeted ad to a user who comes into proximity of their store. Mobile
retargeting offers a better return on investment compared with other advertisement
strategies and is likely to become more popular in the future.

Augmented reality (AR). The number of mobile applications with embedded AR

is growing rapidly. To improve its brand presence and provide digital content
optimization, retail giant Ikea introduced an AR mobile application in 2017 that
lets shoppers test products in real time through Apple iOS 11's ARKit technology.
Customers use AR models of IKEA furniture from the mobile app to see how those
pieces fit in their home and office spaces. Many brands, including Coca-Cola,
Zara, Covergirl and Pez, also use embedded AR in their mobile apps.

Mobile SEO. With the growing number of smartphone users accessing the

internet, mobile responsive websites have become a necessity. Websites that are
not mobile-friendly or do not provide a good user experience risk user
abandonment, which in turn increases the bounce rate of their websites. Websites
with higher bounce rates rank lower in SEO and Google searches. Therefore,
building mobile websites that are adaptive to handheld devices is an important goal
for all businesses.
Mobile banking. The biggest advantage of mobile banking is the ability to send
money anywhere, anytime. Users can send money to others and conduct
transactions with their bank irrespective of their location. This trend is likely to
keep growing. According to Business Insider, as of 2021, there are an
estimated 169.3 million mobile banking users in the United States, of whom nearly
80% said that mobile banking was their preferred way to access their accounts.

AI, chatbots and shopping assistants. Powered by AI, chatbots are becoming

essential e-commerce tools. They help shoppers around the clock with product
recommendations, purchase completion, customer support and other tasks.
According to a Grand View Research report, the global AI chatbot market
is expected to reach $3.99 billion by 2030. Shoppers are becoming more
comfortable with chatbots as they have become accustomed to chatting with their
friends and family over chat apps, such as WhatsApp, Facebook Messenger and
Telegram.

Mobile ticketing. Gone are the days when users had to wait in long lines to buy
movie or concert tickets. With mobile ticketing, users can buy and receive tickets
through their smartphones. Mobile ticketing also eliminates the need to print the
tickets as users receive them on their phones in a text format with a barcode that
gets scanned at events

Applications of M-commerce

Other than the straightforward m-commerce transactions of buying

and selling of goods and services, they have so many applications.
Let us take a look at a few examples,

 Mobile Banking: Using a mobile website or application to

perform all your banking functions. It is one step ahead of
online banking and has become commonplace these days.
For example, in Nigeria, the majority of banking transactions
happen on mobile phones.
  Mobile Ticketing and Booking: Making bookings and
receiving your tickets on the mobile. The digital ticket or
boarding pass is sent directly to your phone after you make
the payment from it. Even in India now IRTC and other
services provide m-ticketing services.
 E-bills: This includes mobile vouchers, mobile coupons to be
redeemed and even loyalty points or cards system.
 Auctions: Online auctions having now been developed to be
made available via mobile phones as well.
 Stock Market Reports and even stock market trading over
mobile applications.

What is WAP?
WAP is a protocol that is introduced in 1999, which stands for Wireless application
protocol. It offers Internet communications over wireless devices, such as mobile
phones. In the early 2000s, it accomplished some popularity and was mainly
superseded by more recent standards by the 2010s. Also, it offers a way of creating
web applications for mobile devices, and it is designed for micro-browsers.

Most of the wireless networks are supported by WAP, as well as TDMA, CDMA,

and GSM. Also, all operating systems can support a wireless application protocol. It
enables access to the internet in mobile devices and uses the mark-up language like
WML, which stands for Wireless Markup Language that is referred to as XML 1.0
application. WAP offers the facility to connect interactive wireless devices (like mobile
phones) to the internet and enhances wireless specification interoperability.
WAP may be created on any kind of operating system, and it acts in an open
application environment. It is more beneficial for mobile users as it has the ability to
deliver electronic information efficiently. In 1998, Nokia, Motorola, Ericson, and
Unwired Planet founded the WAP Forum, whose objective was to standardize several
wireless technologies with the help of protocols.

The WAP CSS (cascading style sheet) makes capable of developers to format screen

sizes in order to mobile device adaptability. When the WAP CSS content is used, then
reformatting is not required. It controls page layout compatibility with different
mobile device's display screens.

The transport layer handles the physical network issues, by which wireless gateways
can be easily accessed by global wireless operations. A WAP gateway is a server,
which provides the facility to access the wireless network. The WAP Forum offers
specification development, WAP tool testing and also provides support for all mobile
services. Now, the WAP Forum is referred to as the Open Mobile Alliance.

WAP Model
In the mobile device, the user opens the web browser and access the website and
visit webpages accordingly. The mobile device forwards the URL request to a WAP
gateway through the network using the WAP protocol. Then, the WAP gateway refers
to this request over the internet after translating it into a conventional HTTP URL
request. The specified Web server accepts the request and processes the request.
Then, it returns the response to the mobile device in the WML file through the WAP
gateway that will be displayed in the web browser on the device.
WAP Protocol stack

1. Application Layer (WAE)

The Wireless Application Environment contains content development programming

languages like WML and mobile device specifications. It functions much like
a JavaScript and holds the tools that wireless Internet content developers use. It
includes scripting languages such as WML and WMLScript that are used in
conjunction with WML.

2. Session Layer (WSP)

It determines the session will be connection-oriented or connectionless between the

device and the network and offers a reconnection and fast connection suspension.
The data is passed both ways between the network and the device in the connection-
oriented session. Then, WSP forwards the packet to the next layer WTP (Wireless
Transaction Protocol). When the information is being streamed or broadcast from the
network to the device, commonly, the connectionless session is used. Then, WSP
forwards the packet to the WDP (Wireless Datagram Protocol) layer.

3. Transaction Layer (WTP)

The Wireless Transaction Protocol offers transaction support. It is a part

of TCP/IP and runs on top of UDP, which stands for User Datagram Protocol.

4. Security Layer (WTLS)

The Wireless Transport Layer Security provides security in terms of data integrity,
privacy and authentication that help to save your data. It also has the ability to work
like Transport Layer Security. Also, it contains security features that have Transport
Layer Security.

5. Transport Layer (WDP)

With the network carrier layer, the Wireless Datagram Protocol functions in
conjunction and presents a constant data format to higher layers of WAP protocol
stack.

Components of WAP
There are three major components of the WAP, which are as follows:

1. Protocol Support

o IP networks: Protocols supported contains the HTTP (known as WP-HTTP), TLS, and

the wireless "profiled" versions of TCP (known as WP-TCP).
o Non-IP networks: It includes four layers: Wireless Transport Layer Security, Wireless
Datagram Protocol, Wireless Session Protocol, and Wireless Transaction Protocol.

2. Application Environment

o WML Specification: WML stands for Wireless Markup Language, based on XML and
XHTML.
o WMLScript Specification: A scripting language that is used for running code on
clients.
o WAP Micro Browser: Especially, it is designed to control the WAP device. WAP
devices make capable of operating in a limited resource environment with the help of
a WAP micro-browser.
AD

3. Services and Capabilities

o Customization of User Profile: On the basis of client device capabilities and user
preferences, WAP enables servers to customize content delivered to users.
o Telephony Support: Wireless application protocol allows telephone services to be
operated from within a data environment. As a result, WAP phones can function as
web devices and integrated voice.

Advantages of WAP
There are various advantages using WAP; such are as follows:

Portability

AD

The primary use of WAP is to write applications using proprietary protocols. When
you are porting applications to a different kind of network, it will need substantial
code rewriting. For example, a different type of networks like GSM and CDMA, and
bearer protocol like CSD (circuit-switched data) or SMS (short message service).

User Experience

o The devices with limited processing power, small screens, limited memory, and
limited battery.
o Provide a narrow bandwidth connection.

Cost and Application Development Time Reduction

WAP helps to add new services at a lower cost and quickly. It could be done by the
WAP tools and platforms like WAP devices, WAP gateways, and WAP software
development tool kits.

Some of the other advantages of WAP are:

o No hardware obsolescence
o Real-time send/receive data
o Most modern mobile telephone devices support WAP
o Implementation near to the Internet model
o Time-saving
 o Increased sales for devices, infrastructure & gateway manufacturer.
o Personalized

Disadvantages of WAP

o Not very familiar to the users

o The third party is included
o The business model is expensive
o Low speeds, security, and very small user interface
o Small display screens
o Limited bandwidth
o Speed of access and limited availability

Applications for WAP

Corporate Applications: The WAP has used incorporation applications where
salespeople want to use their WAP for allowing direct access to the latest pricing,
handsets to get instant, competitive information any time, latest news.

Mobile Banking: It is used in the banking sector for different purposes, such as
provide details of user account balance, last four transactions, overdraft limits and so
on. The elements such as WAP, private information services, security and various
different other elements are included in it. Additionally, it has numerous ways to
provide Users' information. On the other hand, the user can get information by
sending a request via message, or the service can be push-based, which means it can
be automatically generated on the basis of events or set intervals.

All mobile phones are able to run mobile banking services, or services can be tailored
for a protocol-compliant phone or particular branded phone, e.g., WAP. Furthermore,
the WAP is not only beneficial for information provision, but it can also secure
electronic commerce and mobile transactions.

Games: Games are a huge service that is most widely used by people in terms of
applications or software in mobile devices. Similarly, as music distribution will
increase electronically, games will also increase. You can download games or videos
from an internet site rather than go to a video store to rent a game or video.

Mobile Commerce: It is required to use a mobile phone for transactions in mobile

commerce applications. Usually, it means transferring funds electronically or making
a payment for goods. Electronic commerce applications offer services for transferring
money between accounts and paying the amount for purchasing something.
Ringtones: It is another emerging service to download ringtones. When someone
calls on the phone, it plays tunes. The phone users can change their phone ringtone
to make different it from others. Usually, phones come with different inbuilt
ringtones into its internal memory, which users can select from them to set on the
phone ringtone. However, in moderns times, it is more common to download the
ringtones from an internet site to the phone. Additionally, there are also many
ringtone composers available that help users to compose their own unique ringtones
according to their requirements.

Unified Messaging: It is an emerging value-added network service that elevates

communication above the technology used to communicate. People get different
kinds of messages that are difficult to manage. For accessing different types of
messaging, unified messaging offers users a single interface. Typically, it helps to
notify people when they get a new message with the help of alerting them through a
unified messaging box. The short message commonly includes an indication to
specify the new message. Furthermore, with WAP, users can access and manage their
unified messaging box accordingly.

Positioning: The meaning of positioning in terms of mobile context can include

several things: the location of phones or vehicles or people. The GPS (Global
Positioning System) is a global network of 24 satellites. A receiver with GPS can get
their satellite position and find out the location. The SMS is standard for
sending GPS information like latitude, longitude, bearing, and latitude. Generally, the
length of GPS information is around 60 characters, which can leave room for other
vehicle-specific information.

Qualitative Information:

The different variety of content can be delivered to mobile phone users, such as
share prices, flight information, lottery results, sports scores, weather, jokes, news
headlines, and more. This information may be in the form of any kind of visual
information, graphs or maps.

History of WAP
In 1988, Nokia, Ericsson, Unwired Planet, and Motorola founded the WAP Forum. To
collect together the several wireless technologies in a standardized protocol was the
main objective to develop the WAP (Wireless application protocol).

Europe

When the WAP is introduced, it was hyped by Marketers. BT Cellnet, a UK telecom

that ran an advertising campaign, in which with the help of a Neuromancer like
information space, a cartoon WAP user was browsed.
Between 2003 and 2004, when the wireless services, such as T-Mobile T-Zones,
Vodafone Live! and other easily accessible services, were introduced, the WAP made
a stronger resurgence. By transferring of UMTS and GPRS, operator revenues were
generated that is a different business model as compared to use by the traditional
ISPs and Web sites.

The use of WAP had largely disappeared until 2013. The use of WAP has been retired
by most of the major websites and companies, and for many years, it is not
conventional technology for the web on mobile phones. Now, the latest mobile
phone internet browsers are designed in such a way; they are capable of
supporting HTML, CSS, and JavaScript. Also, for webpage compatibility, modern
handsets avoid the need for using any type of WAP markup. The handsets that
support HTML are widespread, such as all versions of the iPhone, Android handsets,
all Windows Phone, many Nokia handsets, and all Blackberry devices.

Asia

In Japan, the WAP got major success; even it was not used by the largest operator
NTT DoCoMo, successfully deployed by SoftBank Mobile and rival operators KDDI
(au). Especially the services based on WAP are Java (JSCL), J-Phone's Sha-Mail picture
mail services, as well as (au)'s chakumovie. In 2010, WAP and i-mode usage declined
like Europe, as the smartphones that HTML capable become popular in Japan.

USA

In the US, the adoption of WAP was suffered as many cell phones required extra fees
for data support and separate activation. There was also a reason for suffering from
adopting the WAP in the US; telecommunications companies demanded limiting
data access to only approved data providers. On 31 July 2007, With the related to the
problem, the FCC (Federal Communications Commission) issued an order. The third-
party application developers, device manufacturers, and others can use any
application or device while operating on this particular licensed network band.

What is WAP 2.0?

The WAP forum 2.0 version was introduced in 2002 that helps to enhance the
wireless user experience, and uses a cut-down version of XHTML with end-to-end
HTTP and carries the wireless world closer to the internet with a suite of
specifications. It offers support for protocols like HTTP, TCP, and IP that provide an
environment, which allows wireless devices to use present internet technologies.
Additionally, it is configured by the operator and can include billing information,
telephone numbers, location, and other handset information. It includes various
features; such are as follows:
 o It enhances of WAP Push functionality.
o For describing the device capabilities, it provides a user agent profile.
o Furthermore, it also offers an external functionality interface for supporting external
plug-in, such as functionality in micro browsers.

What is WAP Gateway

The Wireless Application Protocol (WAP) gateway is a software system that decodes
and encodes requests and responses between the smartphone micro browsers and
the internet. A request for accessing a website is sent via a WAP gateway as it
provides security. It helps devices that are WAP-enabled wireless to communicate to
applications and internet Web sites. You need a WAP gateway service if you want to
access internet resources from a WAP-enabled wireless device. WML (Wireless
Markup Language) helps to deliver web pages in a special format, which is compiled
and forwarded through the WAP gateway.

The WAP gateway typically is a server that functions as an intermediary in an access

request. The HTTP requests for a web site to the server, the server gets data from the
requested website. Then, convert it into an encrypted form that displays on the client
browser.

WAP browser
A WAP browser enables mobile devices to access compatible web pages. A large
number of internet protocols can be used by the mini browser to convert web pages
into plain text. Usually, in terms of a WAP browser effectiveness, web developers
create separate WAP web pages for mobile devices. The web content generally takes
longer to load without WAP optimization, also may not translate the content
correctly in order to mobile devices.

Advanced internet languages like extensible hypertext markup language (XHTML)

and compact hypertext markup language (CHTML) are also supported by the WAP
browsers today. It has made it possible for newer mobile devices to support
advanced internet languages with the WAP browser to translate popular XHTML
media elements. Older types of mobile devices that contain small display screens still
use the WAP browser to translate web pages. Even modern mobile devices can
handle displaying web pages in their entirety as they are increasingly powerful.

What is WML?
Wireless markup language (WML) is a markup language that is based on HTML and
HDML. The HTML (Hypertext markup language) translates content for desktop
browsers, but WML translates for wireless devices that are not capable of processing
capabilities. For mobile phones, it is used to develop websites and is specified as an
XML document type. While designing websites with a wireless markup language,
limitations of wireless devices such as limited memory, small display screens, small
resources and low bandwidth of transmission have to be considered. The sites
designed with WAP are different from normal HTML sites, as they are
monochromatic (only black and white) and have very small space for display screen.

Features of WML

o User Interaction: It offers simple ways to communicate with users, as users are free
to choose inputs such as keys or voice; because it has the ability to support several
types of input like text entry control, password entry, and option selector.
o Text and Images: WML describes a way for presenting the images and text to the
user. The images will be monochrome and need to be in WBMP format.
o Navigation: WML provides browsing history and hyperlink navigation.
o Context Management: This state can be saved between different decks. It includes
some key features as compared to HTML, which is given below:
o The variables cannot be stored in HTML, but variables can be defined in WML that
holds data in string format.
o HTML is a markup language for desktop, but WML is for small, wireless computing
devices.
o The image format supported by WML is WBMP, and HTML supports, GIF and JPEG,
BMP.
o HTML is not case sensitive, and WML follows XHTML specification; hence, it is case
sensitive.

What is eCommerce or electronic commerce security?

eCommerce security is the guideline that ensures safe transactions through the internet. It consists of
protocols that safeguard people who engage in online selling and buying goods and services. You
need to gain your customers’ trust by putting in place eCommerce security basics. Such basics
include:
 Privacy
 Integrity
 Authentication
 Non-repudiation
1. Privacy
Privacy includes preventing any activity that will lead to the sharing of customers’ data with
unauthorized third parties. Apart from the online seller that a customer has chosen, no one else should
access their personal information and account details.
A breach of confidentiality occurs when sellers let others have access to such information. An online
business should put in place at least a necessary minimum of anti-virus, firewall, encryption, and
other data protection. It will go a long way in protecting credit card and bank details of clients.
2. Integrity
Integrity is another crucial concept of eCommerce Security. It means ensuring that any information
that customers have shared online remains unaltered. The principle states that the online business is
utilizing the customers’ information as given, without changing anything. Altering any part of the data
causes the buyer to lose confidence in the security and integrity of the online enterprise.
3. Authentication
The principle of authentication in eCommerce security requires that both the seller and the buyer
should be real. They should be who they say they are. The business should prove that it is real, deals
with genuine items or services, and delivers what it promises. The clients should also give their proof
of identity to make the seller feel secure about the online transactions. It is possible to ensure
authentication and identification. If you are unable to do so, hiring an expert will help a lot. Among
the standard solutions include client login information and credit card PINs.
Also Read: Security Audit Services: Importance, Types, Top 3 Companies
4. Non-repudiation
Repudiation means denial. Therefore, non-repudiation is a legal principle that instructs players not to
deny their actions in a transaction. The business and the buyer should follow through on the
transaction part that they initiated. eCommerce can feel less safe since it occurs in cyberspace with no
live video. Non-repudiation gives eCommerce security another layer. It confirms that the
communication that occurred between the two players indeed reached the recipients. Therefore, a
party in that particular transaction cannot deny a signature, email, or purchase.
Why you can’t afford to overlook eCommerce security?
While growth in eCommerce has improved online transactions, it has attracted the attention of the bad
players in equal measures. eCommerce cybercrime reports reveal that the industry is among the most
vulnerable ones when it comes to cybercrimes.
The eCommerce world experiences about 32.4% of all attacks. 50% of small eCommerce store
owners are lamenting that the attacks are becoming severe. Furthermore, the reports show that 29% of
traffic accessing a website consists of malicious requests.
Such attacks have contributed to significant losses in financials, market shares, and reputation. Almost
60% of small eCommerce stores that experience cybercrimes don’t survive more than six months.
Therefore, it is very crucial to put in place water-tight security measures and hire a robust team. It will
ensure you run your business without worrying about closing down due to cybercriminals.
Common Ecommerce Security Issues
1. Lack of trust in the privacy and eCommerce security
Businesses that run eCommerce operations experience several security risks, such as:
  Counterfeit sites– hackers can easily create fake versions of legitimate websites without
incurring any costs. Therefore, the affected company may suffer severe damage to its
reputations and valuations.
 Malicious alterations to websites– some fraudsters change the content of a website. Their
goal is usually to either divert traffic to a competing website or destroy the affected
company’s reputation.
 Theft of clients’ data– The eCommerce industry is full of cases where criminals have stolen
the information about inventory data, personal information of customers, such as addresses
and credit card details.
 Damages to networks of computers– attackers may damage a company’s online store using
worm or viruses attacks.
 Denial of service– some hackers prevent legit users from using the online store, causing a
reduction in its functioning.
 Fraudulent access to sensitive data– attackers can get intellectual property and steal,
destroy, or change it to suit their malicious goals.
2. Malware, viruses, and online frauds
these issues cause losses in finances, market shares, and reputations. Additionally, the clients may
open criminal charges against the company. Hackers can use worms, viruses, Trojan horses, and other
malicious programs to infect computers and computers in many different ways. Worms and viruses
invade the systems, multiply, and spread. Some hackers may hide Trojan horses in fake software, and
start infections once the users download the software. These fraudulent programs may:
 hijack the systems of computers
 erase all data
 block data access
 forward malicious links to clients and other computers in the network.
3. Uncertainty and complexity in online transactions
Online buyers face uncertainty and complexity during critical transaction activities. Such activities
include payment, dispute resolution, and delivery. During those points, they are likely to fall into the
hands of fraudsters.
Businesses have improved their transparency levels, such as clearly stating the point of contact when
a problem occurs. However, such measures often fail to disclose fully the collection and usage of
personal data.
Also Read: SaaS Security Management- A Complete Guide To 6 Best Security Practices
E-commerce website  security measures to cover you 24/7
1. Use Multi-Layer Security
It is helpful to employ various security layers to fortify your security. A Content Delivery Network
(CDN) that is widespread can block DDoS threats and infectious incoming traffic. They use machine
learning to keep malicious traffic at bay.
 Source: NIST
You can go ahead and squeeze in an extra security layer, such as Multi-Factor Authentication. A two-
factor authentication is a good example. After the user enters the login information, they instantly
receive an SMS or email for further actions. By implementing this step, it blocks fraudsters as they
will require more than just usernames and passwords to access the legit users’ accounts. However,
hacking can still occur even if an MFA is in place.
Most companies that use MFA are still successfully hacked.
— Roger Grimes, 2018
2. Get Secure Server Layer (SSL) Certificates
One of the primary benefits of SSL Certificates is to encrypt sensitive data shared across the internet.
It ensures that the information reaches only the intended person. It is a very crucial step because all
data sent will pass through multiple computers before the destination server receives it.
Image Source: Comodo
If SSL certificate encryption is absent, any electronic device between the sender and the server can
access sensitive details. Hackers can thus take advantage of your exposed passwords, usernames,
credit card numbers, and other information. Therefore, the SSL certificate will come to your aid by
making the data unreadable to unintended users.
2. Use solid-rock Firewalls
Use effective e-commerce software and plugins to bar untrusted networks and regulate the inflow and
outflow of website traffic. They should provide selective permeability, only permitting trusted traffic
to go through.
You can trust the Astra firewall to stop Spam, XSS, CSRF, malware, SQLi, and many other attacks on
your website. It ensures that the only traffic that accesses your eCommerce store consists of the real
users. Moreover, we have specialized WAF solutions for WordPress, Magento, Opencart, Prestashop,
Drupal, Joomla, and custom made PHP sites.
In a nutshell, the Astra firewall protection from:
 OWASP top 10 threats
 Protection from bad bots.
 Spam protection.
 Protection against 100+ types of attacks.
How does the Astra Firewall work?
3. Anti-Malware Software
Your electronic devices, computer systems, and web system need a program or software that detects
and block malicious software, otherwise known as malware. Such protective software is called Anti-
malware software. An effective anti-malware should render all the hidden malware on your website.
One such scanner is the Astra Malware Scanner. It scans your web system for all malicious software
round the clock and is at your disposal It also lets you automate your scans with its “Schedule a Scan”
feature. You can schedule the scans daily, weekly, monthly or fortnightly.
Related Blog – Astra’s Sample Penetration Testing Report
With Astra Scanner, you can enjoy:
 unlimited scans
 Notifications in case of any changes in file
 scanning powered by machine learning.
 collective intelligence
It is capable of cleaning malware like credit card hack, Japanese spam, pub2srv, Pharma attacks, and
malicious redirects.
WP-VCD malware flagged by Astra’s Malware Scanner
4. Comply with PCI-DSS Requirements
Make it a routine to maintain the Payment Card Industry Data Security Standard (PCI-DSS) to protect
all credit card data. All businesses that handle credit card transactions need to follow these
requirements:
PCI-DSS Requirements; Source: Medium

. Malware

Malware — a combination of the words malicious and software — is an umbrella

term used to refer to software that damages computers, websites, web servers, and
networks. 

While malware isn't a new threat, hackers are constantly capitalizing on new

approaches. This includes ransomware, viruses, spyware, and trojans.

Once installed, malware can deny access to your network, secretly obtain sensitive
data, and even destroy your system.

How it occurs:

Hackers send victims a “planted” link that installs infected software. Once installed,
the software quickly replicates and spreads to other computers in the network.

Downloading malware is more common than you might think. 

A PC matic survey of employees working from home revealed that six out of ten
have been using their own devices to work remotely. Even worse, only 9% of
companies have installed antivirus software on their employees’ devices.

Some signs of malware include:

  A slow PC response — frequent freezing or crashing.
 Unusually high internet data consumption.
 Modified or deleted files.
 New programs or desktop icons you don't recall installing/creating.
 Programs running or closing on their own.
 Unusual messages being sent to your contacts list without your permission.

✅ Take action: Every Aura plan comes with intelligent safety tools — VPN, antivirus, password
manager, and more — to protect your digital privacy and data. Try Aura’s online and device
security features today.

2. Ransomware

Ransomware is a type of malware that involves extortion. Hackers prevent users

from accessing data, threatening to publish or delete it until a ransom is paid.

How it occurs:

Hackers take control of a victim’s computer when they click links or download
attachments that contain malware.

Recent examples of ransomware:

2021 saw a surge in ransomware attacks. One of the biggest attacks happened to

Kia Motors. A cyber hacker group called DoppelPaymer demanded $20 million worth
of Bitcoins to decrypt files.

The Washington, D.C. Police Department was also not spared. Babuk, a group of
Russian nation-state hackers, gathered 250GB of confidential files and demanded
$4 million in exchange.

3. Cryptojacking

Cryptojacking uses your computer to secretly “mine” cryptocurrencies such as

Bitcoin and Ethereum. While not an immediate threat, it can slow down your devices
significantly.

How it occurs:

Hackers use phishing emails or other methods to get you to click a link that then
downloads the cryptojacking malware to your device. 

Recent examples of cryptojacking:

In 2019, two members of the Romanian hacking group Bayrob Group were
sentenced to 20 years in prison [*] after their cryptojacking malware infected 400,000
computers. 
In an even more bizarre case, it was recently discovered that Norton  – a company
that makes software designed to protect you from viruses — now installs
cryptomining software on your device by default. 

4. Viruses

Computer viruses are malicious pieces of code that damage your device and can
replicate and spread between hosts. Much like flu viruses that can’t replicate without
a host, computer viruses can’t spread without a host file or document.

How it occurs:

Once a virus successfully attaches to a host file or document, it can lay dormant until
circumstances “trigger” it to execute its code. Once it does activate, the virus can
spread across computers or even across corporate networks. 

Recent examples of computer viruses:

The GoBrut virus is one of the most common and active computer viruses with new
versions appearing every few months. GoBrut is not terribly sophisticated, but will
use brute force attacks to crack your passwords and can slow down your device. 

Related: What is Cyber Hygiene? 10 Easy Habits That Can Keep You Safe
Online →

5. Trojans

Named after the famed Trojan horse, this type of malware uses helpful software as a
backdoor to gain access and exploit a computer or network. Trojans are widely used
to steal credit card information. 

How it occurs:

Users click on a link that hides the Trojan malware or unknowingly download it along
with legitimate software. Once the file is clicked and opened, the download proceeds
to install malware onto the device.

Recent examples of trojans:

Zeus Gameover is the most recent addition to the “Zeus” family of Trojan viruses.
Once installed, Zeus recognizes when you’re on a log-in page. Then, it records your
keystrokes and steals your sensitive bank account details. Even worse, “Gameover”
can bypass centralized servers, which makes it almost impossible to track your
stolen data. 

6. Worms

Worms are self-contained malware that spread through other files and programs on
their own. Unlike viruses which require a host, worms are standalone programs that
can “wiggle” through your network. 
How it occurs:

Worms are often sent through email attachments — they duplicate themselves and
send a copy to all contacts in the hacked email list. Attackers can use worms to
overload servers and achieve distributed denial of service (DDoS) attacks.

Recent examples of worms:

Worms aren’t as prevalent today. However, Mydoom (Also known as Novarg) is

considered the fastest-spreading and most damaging computer virus of all time. It
was spread through mass emails and caused $38 billion in damages ($52 billion
when adjusted for inflation).

It is still around today, generating 1% of all phishing emails.

7. Spyware

Spyware is a type of malware installed to collect information about users, including

their system or browsing habits. 

There are several different types of spyware to beware of. For example, Infostealers
steal your information from browser forms. While Keyloggers record your keystrokes
to catch sensitive data.  

How it occurs:

Spyware is distributed in many ways — links, phishing emails, pop-ups, infected ads,
or even poisoned links on Google search.

Once a user clicks on the link, their data is sent remotely to an attacker. The
information is then used to blackmail the victim or install other malicious programs.

Recent examples of spyware:

In 2021, journalists discovered Pegasus – a sophisticated type of spyware designed

to infect iOS and Android smartphones. Pegasus is capable of reading text
messages, tracking calls, collecting passwords, and even location tracking. 

8. Adware

Adware displays unwanted ads on your computer. It can also change your browser
homepage or even add unwanted plugins and other spyware.

While adware isn't quite a virus and isn't as problematic as other code floating
around the internet, you still need to remove it from your computer. Not only is it
bothersome, but it could also cause other device issues down the line.

How it occurs:
Adware can come from either downloading it by mistake or getting it from a malicious
website.

Once it's downloaded and installed, adware immediately starts tracking your web
activity. One indicator that you’ve been infected is constant pop-up advertisements.

Recent examples of Adware:

Fireball is an adware that affected over 250 million computers in 2017 [*]. It was
created by a Chinese company, Rafotech, to turn victims’ default search engines into
fake search engines.

Related: The 15 Types of Hackers You Need To Be Aware Of →

9. Drive-By Downloads

Drive-by downloads are programs that install on your devices without your consent.
These include bundled software and unintentional downloads of any files.

Drive-by downloads often take advantage of apps, operating systems, software, or

web browsers that haven’t been updated. They can use any website as a delivery
method for corrupted files.

How it occurs:

Just like other malware, drive-by downloads enter your computer unintentionally.
You don't have to click on or download anything for your computer to be infected — it
just happens when you visit an infected website.

Recent examples of drive-by-downloads:

In 2011, two BBC websites were injected with an iFrame which automatically
infected users that visited the website [*].

10. IoT Device Attacks

Internet of Things (IoT) devices are common targets for bad actors as they don’t
have space to run proper security systems and often store sensitive information like
log-in details and passwords.

How it occurs: 

Hackers exploit the weak security and constant connectedness of IoT devices to
gain access to them. Once they install malware, hackers can link devices together
and launch DDoS attacks. These attacks attempt to knock out networks by flooding
them with traffic.

IoT devices such as smart speakers can also act as a weak point in your network.
Once hackers are in, they can gain access to your entire system. 
Recent examples of IoT device attacks:

IoT attacks are one of the most common types of emerging cyber threats. In the first
half of 2021, more than 1.5 billion IoT devices were breached and used for
cyberattacks [*]. 

11. Wipers

Wipers — or wiper malware — damage organizations by wiping as much data (if not
all) as possible. Unlike ransomware which has financial motives, wiper attacks are
purely disruptive. Criminals may also use wiper attacks to cover the tracks of
separate data thefts.

How it occurs:

Wipers often target files, backups, and the system boot section. Normally, hackers
override files to destroy them, but they don’t do this in wiper attacks because it’s
time-consuming. Instead, hackers write a certain amount of data at intervals which
destroys files randomly. 

Recent examples of wiper attacks:

Sony Pictures experienced a wiper attack in 2014 as the studio was  releasing the
movie The Interview about the North Korean leader Kim Jong Un [*]. 

The hackers deleted the studio’s data and released hacked celebrity emails and
personal information.

12. Cross-Site Scripting (XSS)

With cross-site scripting (XSS), hackers insert malicious scripts into a website with
the intent of stealing users’ identities through session tokens, cookies, and other
information. The malicious code is usually JavaScript but can include Flash or
HTML.

How it occurs:

XSS often occurs when users log onto a web application’s session. Victims
unintentionally click on the content because they think it’s legitimate. But little do they
know that the attacker altered the executed script, making XSS harmful and
dangerous.

Recent examples of cross-site scripting:

British Airways was the victim of an XSS attack, which affected 380,000 bookings
made between August and September 2018 [*]. The attack was traced to a hacker
group called Magecart, which used card-skimming techniques to get victims’ details.
✅ Take action: Scammers can take out loans in your name or empty your bank account with
your stolen information. Try an identity theft protection service to monitor your finances and
receive fraud alerts.

13. Phishing

Phishing has been around for years, but is consistently one of the most common
ways hackers try to scam you online. It involves sending messages that seem to be
from a trusted source to gain personal information or scam you into downloading
malware

How it occurs:

Phishing attacks can occur via email, text (known as “smishing”), phone calls, fake
websites, and social networks. Hackers use a combination of social engineering
tactics to gain your trust. Then, they send messages containing malware or a link to
a fake site designed to steal your information.

COVID-19 scams (like PPP fraud) and phishing schemes have been especially

prevalent in the past few years [*].

If you think a message is a phishing scam, look for these warning signs:

 Irregular email addresses

 Unknown senders
 Weird subject lines
 Personal information requests
 Many typos
 Things that are too good to be true

Recent examples of phishing:

Attackers use prominent business names for phishing attacks. You may hear of
phishing emails from FedEx, Netflix, or even the Center for Disease Control and
Prevention (CDC). 

14. Whale and Spear Phishing

Whale phishing — or whaling — is a phishing attack in which the prime targets are
senior executives (aka the “big fish”).

While spear phishing is a similar attack that hyper-targets a specific company or

individual.

How it occurs:

In whaling, attackers impersonate high-level executives to try and steal sensitive

data. In spear phishing, criminals research victims on LinkedIn or other social media
sites and pose as a trusted source to gain access to their data.
Recent example of whaling and spear phishing:

A CEO of an Austrian aerospace company was fired in 2016 after falling victim to a
whale phishing email scam that cost the company $58 million [*].

15. Pharming

Pharming is when cybercriminals capture user credentials through a fake landing

page. There are two types of pharming: malware and DNS cache poisoning.

How it occurs:

Malware-based pharming uses trojan horses to direct you to a fake website. For
example, you’ll get a link to enter your credentials on your banking site. But the link
routes you to a fake (yet believable) landing page designed to steal your
information. 

With DNS cache poisoning, hackers exploit your DNS server. So even if you enter
the URL of your banking site, you’ll still be redirected to the fake website without your
knowledge.

Recent examples of pharming:

Banks are the most common target of pharming attacks. A famous 2007 incident
impacted 50 financial institutions around the world [*]. 

More recently, in 2019, hackers took advantage of the ongoing humanitarian crisis in
Venezuela to hijack a website set up for volunteers and steal their personal
information [*].

16. SQL Injection Attacks

An SQL injection attack (SQLI) is typical in database-driven websites. SQL attacks

happen when attackers inject code into a website or server database to steal money,
change data, or erase web activity.

How it occurs:

Hackers find vulnerable website fields such as contact forms and insert malware.
Once the SQL query is inserted into the website, the attacker can execute malicious
commands on the database.

Recent examples of SQL Injection attacks:

Hackers broke into the 7-Eleven corporate system and stole credit card details from
millions of people using SQL injection [*]. They also targeted companies such as
Heartland and Hannaford. The breaches were estimated to cost $300 million.

17. Denial of Service (DoS)

A denial of service (DoS) is a website attack where attackers overwhelm a system or
network with internet traffic. 

A variation of DoS attacks is the distributed denial of service (DDoS) attacks.

How it occurs:

With DDoS attacks, hackers infect computers on the network with malware to turn
them into bots. Attackers control the bot network (or botnet) by sending instructions
remotely. Some hackers even use artificial intelligence (AI) technologies for
automation purposes.

DDoS attacks result in a server overflow or network error. It can be challenging to

separate DDoS traffic from regular traffic.

Recent examples of Denial of Service attacks:

In 2020, Amazon Web Services (AWS) defended itself against a DDoS attack with a
peak traffic volume of 2.3 Tbps [*] — the largest recorded traffic volume. Before that,
the largest DDoS attack was at 1.7 Tbps.

18. Brute Force Attacks

Brute force attacks are a type of cryptographic attack where hackers use software to
repeatedly guess your login credentials. One in five networks have experienced a
brute force attack. 

How it occurs:

Hackers attempt to access an account by trying different passwords until they guess
the right one. When you’re against hackers with a powerful computing engine or
control over an extensive botnet, it can pose a problem.

Some warning signs that you’re under a brute force attack include:

 The same IP address trying to log in multiple times.

 Many IP addresses try to log into a single account.
 Multiple unsuccessful login attempts being made from different IP addresses in a
short period.

Recent example of brute force attacks:

In 2018, Magento was hit by a brute force attack. Hackers accessed over 1000
admin panels to scrape credit card numbers and install malware that mines
cryptocurrency [*].

19. Man-in-the-Middle Attacks (MitM)

Man-in-the-middle (MitM) attacks are a type of “shoulder surfing”  where hackers
eavesdrop on your connection. Hackers intercept data transfers between a server
and a client to steal data and manipulate traffic. 

How it occurs:

Attackers insert themselves through an IoT device or exploit unsecured public Wi-Fi. 

Recent example of a man-in-the-middle attack:

In 2017, Equifax removed its apps from the Apple and Google app stores due to
security concerns that allowed MitM attacks [*].

20. Insider Threats

Insider threats are security risks that begin within the targeted organization. It often
involves a current or former employee with administrator privileges or access to
sensitive information.

Insider threats have increased by 47% over the last two years [*], making them an
emerging cyber threat. 

How it occurs:

Insider threats occur when someone with authorized access misuses their access.
Insider threats can be intentional or unintentional. Unintentional threats occur when a
negligent employee falls victim to malware or phishing scams.

Most security operations focus on external threats. But the best course of action for
limiting insider threats is restricting employee access to systems they need for work.

Recent example of an insider threat:

Over eight years, a former GE employee stole trade secrets and proprietary data
with the intent of starting a rival company [*].

21. Zero-Day Attacks

Zero-day attacks happen to websites with newly-discovered security vulnerabilities.

How it occurs:

The term ‘zero-day’ alludes to web developers recently discovering the flaw, which
means they have had zero days to fix it. Attackers jump to take advantage of the
small time frame in which the device or program is vulnerable.

Preventing zero-day attacks requires constant monitoring and proactive detection. 

Recent example of a zero-day attack:

In 2020, Zoom confirmed a zero-day security vulnerability for Microsoft Windows 7
users [*]. In 2021, hackers walked away with $200,000 after discovering another
zero-day vulnerability in Zoom [*].

How To Protect Yourself From Emerging Cyber Threats

Preventing emerging cyber threats is more manageable than fixing the aftereffects of
cyberattacks.

Here are a few best practices to keep your devices safe from hackers and
scammers:

Use antivirus and network protection software on all your devices

Antivirus software keeps your devices safe by searching, detecting, and blocking
malware. Unfortunately, with so many digital threats present in the world today, a
simple antivirus solution alone isn't going to cut it. You need an all-around digital
protection software such as Aura, which also:

 Blocks phishing and potential pharming sites.

 Keeps your passwords and login details secure.
 Monitors your credit for signs of financial fraud and identity theft.
 Scans the Dark Web to identify compromised accounts.
 Secures your device and network with military-grade VPN.
 Covers you with a $1,000,000 insurance policy for eligible losses due to identity theft.

Don't ignore system and software updates

Regularly updating your device software and NEVER ignore the software update
prompts! This is one of the easiest ways to guard yourself against emerging cyber
threats. Manufacturers intentionally release system and software updates as a
safeguard against online threats. Don’t ignore them. 

Use strong passwords, 2FA, and a password manager

Passwords are often our first – and only – line of defense against cyber attacks. 

Choose strong passwords that use a combination of letters, numbers, and special
characters. Don’t use common words or any personally identifiable information (such
as birthdays or pet names). 

For added protection, use two-factor or multi-factor authentication (2FA/MFA). This

sends a special one-use code to use alongside your username and password. But
skip 2FA on SMS as it can be hacked. Instead, use an authenticator app such as
Google or Okta. 

If you’re worried about keeping track of long passwords, use a password manager.
These tools securely store all your passwords so all you need to remember is a
single master password.

Keep regular backups of all your files

Regularly backing up your files is a mitigation measure to guard yourself against
emerging cyber threats. 

Choose web hosting providers that offer automatic backups if you have a website.
For device backups, be sure to have many copies of your backup files. You can
store them on an external hard drive or the cloud.

Stay up-to-speed with the latest attacks

Knowing more about emerging cyber threats helps you prepare and become aware
of hackers’ common tactics. Cyber criminals love when people don't know they're
under attack because it means they won't meet any resistance.

Arm yourself with as much knowledge as you can so that you can recognize
the signs of identity theft and know what to do when you open a spam email.

What is encryption?
Encryption is a way of scrambling data so that only authorized parties can
understand the information. In technical terms, it is the process of converting
human-readable plaintext to incomprehensible text, also known as ciphertext. In
simpler terms, encryption takes readable data and alters it so that it appears random.
Encryption requires the use of a cryptographic key: a set of mathematical values that
both the sender and the recipient of an encrypted message agree on.

Although encrypted data appears random, encryption proceeds in a logical,

predictable way, allowing a party that receives the encrypted data and possesses the
right key to decrypt the data, turning it back into plaintext. Truly secure encryption
will use keys complex enough that a third party is highly unlikely to decrypt or break
the ciphertext by brute force — in other words, by guessing the key.

Data can be encrypted "at rest," when it is stored, or "in transit," while it is being
transmitted somewhere else.
What is a key in cryptography?
A cryptographic key is a string of characters used within an encryption algorithm for
altering data so that it appears random. Like a physical key, it locks (encrypts) data so
that only someone with the right key can unlock (decrypt) it.

What are the different types of

encryption?
The two main kinds of encryption are symmetric encryption and asymmetric
encryption. Asymmetric encryption is also known as public key encryption.

In symmetric encryption, there is only one key, and all communicating parties use the
same (secret) key for both encryption and decryption. In asymmetric, or public key,
encryption, there are two keys: one key is used for encryption, and a different key is
used for decryption. The decryption key is kept private (hence the "private key"
name), while the encryption key is shared publicly, for anyone to use (hence the
"public key" name). Asymmetric encryption is a foundational technology
for TLS (often called SSL).

Why is data encryption necessary?

Privacy: Encryption ensures that no one can read communications or data at rest
except the intended recipient or the rightful data owner. This prevents attackers, ad
networks, Internet service providers, and in some cases governments from
intercepting and reading sensitive data, protecting user privacy.

Security: Encryption helps prevent data breaches, whether the data is in transit or at

rest. If a corporate device is lost or stolen and its hard drive is properly encrypted, the
data on that device will still be secure. Similarly, encrypted communications enable
the communicating parties to exchange sensitive data without leaking the data.
Data integrity: Encryption also helps prevent malicious behavior such as on-path
attacks. When data is transmitted across the Internet, encryption ensures that what
the recipient receives has not been viewed or tampered with on the way.

Regulations: For all these reasons, many industry and government regulations

require companies that handle user data to keep that data encrypted. Examples of
regulatory and compliance standards that require encryption include HIPAA, PCI-
DSS, and the GDPR.

What is an encryption algorithm?

An encryption algorithm is the method used to transform data into ciphertext. An
algorithm will use the encryption key in order to alter the data in a predictable way,
so that even though the encrypted data will appear random, it can be turned back
into plaintext by using the decryption key.

What are some common encryption

algorithms?
Commonly used symmetric encryption algorithms include:

 AES

 3-DES

 SNOW

Commonly used asymmetric encryption algorithms include:

 RSA

 Elliptic curve cryptography

What is a brute force attack in encryption?
A brute force attack is when an attacker who does not know the decryption key
attempts to determine the key by making millions or billions of guesses. Brute force
attacks are much faster with modern computers, which is why encryption has to be
extremely strong and complex. Most modern encryption methods, coupled with
high-quality passwords, are resistant to brute force attacks, although they may
become vulnerable to such attacks in the future as computers become more and
more powerful. Weak passwords are still susceptible to brute force attacks.

How is encryption used to keep Internet

browsing secure?
Encryption is foundational for a variety of technologies, but it is especially important
for keeping HTTP requests and responses secure. The protocol responsible for this is
called HTTPS (Hypertext Transfer Protocol Secure). A website served over HTTPS
instead of HTTP will have a URL that begins with https:// instead of http://, usually
represented by a secured lock in the address bar.

HTTPS uses the encryption protocol called Transport Layer Security (TLS). In the past,
an earlier encryption protocol called Secure Sockets Layer (SSL) was the standard, but
TLS has replaced SSL. A website that implements HTTPS will have a TLS
certificate installed on its origin server. Learn more about TLS and HTTPS.

To help keep the Internet more secure, Cloudflare offer

Secret Key
What Does Secret Key Mean?
A secret key is the piece of information or parameter that is used to
encrypt and decrypt messages in a symmetric, or secret-key, encryption.

In assymetric encryption, two separate keys are used. One is a public key
and the other is a secret key.

A secret key may also be known as a private key.

Techopedia Explains Secret Key

Public Key Encryption :   Asymmetric is a form of Cryptosystem in which

encryption and decryption are performed using different keys-Public key
(known to everyone) and Private key (Secret key). This is known as Public
Key Encryption.

Virtual Private Network (VPN) | An Introduction

VPN stands for the virtual private network. A virtual private network (VPN) is a
technology that creates a safe and encrypted connection over a less secure network,
such as the internet. A Virtual Private Network is a way to extend a private network
using a public network such as the internet. The name only suggests that it is a Virtual
“private network” i.e. user can be part of a local network sitting at a remote location.
It makes use of tunneling protocols to establish a secure connection. 

What are the different types of e-commerce payment systems?

by Anindya Ray on 21/06/2021

When you purchase goods and services online, you pay for them using an electronic medium.
This mode of payment, without using cash or cheque, is called an e-commerce payment system
and is also known as online or electronic payment systems.

The growing use of internet-based banking and shopping has seen the growth of various e-
commerce payment systems and technology has been developed to increase, improve and provide
secure e-payment transactions.

Paperless e-commerce payments have revolutionised the payment processing by reducing paper
work, transaction costs, and personnel cost. The systems are user-friendly and consume less time
than manual processing and help businesses extend their market reach.

The different types of e-commerce payments in use today are:

Credit Card
The most popular form of payment for e-commerce transactions is through credit cards. It is
simple to use; the customer has to just enter their credit card number and date of expiry in the
appropriate area on the seller’s web page. To improve the security system, increased security
measures, such as the use of a card verification number (CVN), have been introduced to on-line
credit card payments. The CVN system helps detect fraud by comparing the CVN number with
the cardholder's information

Debit Card
Debit cards are the second largest e-commerce payment medium in India. Customers who want
to spend online within their financial limits prefer to pay with their Debit cards. With the debit
card, the customer can only pay for purchased goods with the money that is already there in
his/her bank account as opposed to the credit card where the amounts that the buyer spends are
billed to him/her and payments are made at the end of the billing period.

Smart Card
It is a plastic card embedded with a microprocessor that has the customer’s personal information
stored in it and can be loaded with funds to make online transactions and instant payment of
bills. The money that is loaded in the smart card reduces as per the usage by the customer and
has to be reloaded from his/her bank account.

E-Wallet
E-Wallet is a prepaid account that allows the customer to store multiple credit cards, debit card
and bank account numbers in a secure environment. This eliminates the need to key in account
information every time while making payments. Once the customer has registered and created E-
Wallet profile, he/she can make payments faster.

Netbanking
This is another popular way of making e-commerce payments. It is a simple way of paying for
online purchases directly from the customer’s bank. It uses a similar method to the debit card of
paying money that is already there in the customer’s bank. Net banking does not require the user
to have a card for payment purposes but the user needs to register with his/her bank for the net
banking facility. While completing the purchase the customer just needs to put in their net
banking id and pin.

Mobile Payment
One of the latest ways of making online payments are through mobile phones. Instead of using a
credit card or cash, all the customer has to do is send a payment request to his/her service
provider via text message; the customer’s mobile account or credit card is charged for the
purchase. To set up the mobile payment system, the customer just has to download a software
from his/her service provider’s website and then link the credit card or mobile billing
information to the software.

Amazon Pay
Another convenient, secure and quick way to pay for online purchases is through Amazon Pay.
Use your information which is already stored in your Amazon account credentials to log in and
pay at leading merchant websites and apps. Your payment information is safely stored with
Amazon and accessible on thousands of websites and apps where you love to shop.

If you are planning to sell your products online, Amazon would be happy to help you in setting up
payment gateways for your products and services. You can also consider selling on Amazon, one
of the most popular e-commerce platforms in the world. To sell on Amazon, you can register to
sell online for free.
Emerging financial instruments
Here we'll briefly explore some of the emerging investment
vehicles that exist in the market.
Since we have an understanding of the most common financial
instruments, we will now briefly explore some of the emerging
investment vehicles that exist in the market.

Cryptocurrency
Cryptocurrency is an emerging financial instrument that hit the
mainstream towards the second half of 2018, and saw one of the
greatest rallies of an investment vehicle in modern times. A
cryptocurrency is a digital or virtual currency that is designed to
work as a medium of exchange. Cryptocurrencies use cryptography
to secure and verify transactions and control the creation of more
currency. Cryptocurrencies use blockchain technology in order to
be decentralised, transparent, and immutable. The decentralisation
aspect is arguably the most important feature of cryptocurrency. It is
not controlled by a central authority and in most cases there is a
finite amount of the cryptocurrency in circulation. The most well
known of these cryptocurrencies is Bitcoin. [1]

Read the following articles that discuss the case of cryptocurrency

as an investment:

Read: (Optional)Bitcoin digital currency as an investment asset [2]

Want to keep
learning?
This content is taken from
FutureLearn online course,
Financial Analysis for Business Decisions:
Cash Flow Management
 

View Course

Read: (Optional)Are cryptocurrencies an asset class for institutional

investors? [3]

Mortgage-backed securities (MBS)

Mortgage-backed securities are a well-discussed investment
vehicle that caused the 2008 Financial Crisis. MBS are essentially
bonds that are secured by home and other real estate loans, and
they are created when a number of these loans, typically with
similar characteristics, are pooled together. This pool is then sold to
a federal government agency or a quasi-government entity or a
securities firm.

Types of MBS

Pass-throughs: In this MBS, the issuer collects a monthly payment

from a pool of mortgages and passes on a portion of the principal
and interest to the bondholders. Cash flow is generated from the
scheduled principal, scheduled interest, and prepaid principal.

Collateralised mortgage obligations (CMOs): CMOs are

repackaged pass-through mortgage-backed securities, in which the
cash flow is directed in a prioritised order based on the structure of
the bond. The MBSs are separated and issued as different MBS
pass-through securities with different terms, interest rates, and
risks.

For more information on CMOs, you can read the following article:

Read: (Optional)Collateralized mortgage obligations (CMOs) [4]

MBS offers an alternative investment vehicle for investors and
allows investors to diversify. MBS typically will have more attractive
yields than government bonds, and carry greater returns, but also
increased credit and prepayment risk. There is significant credit
quality risk involved with MBS because they are made up of a pool
of mortgages that are given an overall credit rating; it is difficult to
understand each mortgage’s credit rating, thus making it a risk if
homeowners default on their loans.

The following video explains the basics of how MBS works.

Watch: Mortgage-backed security overview (2:02) [5]

We have covered two emerging asset classes that have enjoyed

significant time in mainstream media for various reasons. It is
important to be aware of the trends in financial investments as they
can provide different avenues for returns and diversification.

To consolidate what you have learned so far in the week, read the
following article on Frontken Corporation Berhad and its success in
the market over the past five years

Electronic Data Interchange EDI – is the exchange of business documents between any two trading
partners in a standard or structured, machine readable form. EDI is used to electronically transfer
documents such as purchase orders, invoice, shipping bills, and communicate with one another. A
Specified format is set by both the parties to facilitate transmission of information. Traders use
Electronic Data Interchange EDI to exchange financial information in electronic form. Electronic
Fund Transfer facility provided by banks is an example of Electronic Data Interchange EDI. EDI
helps to eliminate paper based system, reduces data entry task and improves business cycle. EDI
stands for Electronic Data Interchange. EDI is an electronic way of transferring business documents in
an organization internally, between its various departments or externally with suppliers, customers, or
any subsidiaries. In EDI, paper documents are replaced with electronic documents such as word
documents, spreadsheets, etc. EDI Documents Following are the few important documents used in
EDI –  Invoices  Purchase orders  Shipping Requests  Acknowledgement  Business
Correspondence letters  Financial information letters E-COMMERCE [ELECTRONIC DATA
INTERCHANGE] EDI Department of MCA & MSC-IT, Dr. Shyama Prasad Mukherjee University,
Ranchi Page| 2 Steps in an EDI System Following are the steps in an EDI System.  A program
generates a file that contains the processed document.  The document is converted into an agreed
standard format.  The file containing the document is sent electronically on the network.  The
trading partner receives the file.  An acknowledgement document is generated and sent to the
originating organization. Components of Electronic Data Interchange EDI  Standard Document
Format – A standard format agreed upon by both parties which do not require complicated hardware
or software to access information. Both parties communicate directly through a business application.
 Translator and Mapper – A translator is used to convert the raw data into meaningful information
according to specifications provided by a mapper. A mapper is used to create conversion
specification. It compiles the specification and then gives instructions to the translator on how to
convert the data.  Communication Software – Communication software is used to transmit data and
convert business documents into a standard format. It follows a standard communication protocol
which is incorporated in the software.  Communication Network – A communication network
provides a direct link between trading partners who are will to exchange business documents through
Electronic Data Interchange EDI.  Modem – It is a hardware device that transmits data from one
computer to another.  VAN – A network that connect the computer system of one organization to
another.  Point to Point link – A direct communication link between two computers. E-
COMMERCE [ELECTRONIC DATA INTERCHANGE] EDI Department of MCA & MSC-IT, Dr.
Shyama Prasad Mukherjee University, Ranchi Page| 3 Applications of Electronic Data Interchange
EDI  Retail Sector – In the retail sector profit margins usually depend upon efficient inventory
management. EDI provides a structured way to maintain and replenish goods stocked at a retail outlet.
Retailers use a common model stock for each shop location and the point of sale stock position is
updated continuously and data in fed via EDI enabled SCM (supply chain management) network. The
EDI software monitors all the logistics and makes updates in the original stock.  Manufacturing
Sector – EDI ensures effective and efficient management of materials required for production of a
commodity. In manufacturing sector EDI facilitates Material requirement planning and just in time
manufacturing. The Inventory position of OEM is constantly updated through EDI and the supplier is
notified about shortage of materials. This helps the supplier to plan and schedule supply according to
requirements of the manufacturer. The suppliers respond via EDI with an ASN to identify the
parts/materials to be delivered and the approximate delivery time and E-COMMERCE
[ELECTRONIC DATA INTERCHANGE] EDI Department of MCA & MSC-IT, Dr. Shyama Prasad
Mukherjee University, Ranchi Page| 4 as soon as the shipment is delivered at the production plant the
inventory is updated again.  Automobile Sector – In automobile sector EDI is used to keep
customers updated with the current product and pricing information during the purchase cycle. An
advance shipping notice is transmitted through EDI to the customers to prepare a loading schedule
and to ensure proper receipt of the product. The customer may also make payment on receipt of goods
via EDI to speed up the payment process.  Financial Sector – In the financial sector EDI replaces
the labour intensive activities of collecting, processing and dispersing payments with an electronic
system. It facilitates the flow of payment between the bank accounts of trading partners without
requiring any human intervention. A payee`s bank account is electronically credited and the payer`s
account is electronically credited on the scheduled day of payment; such an exchange is known as
electronic fund transfer (EFT).  Computer-to-computer– EDI replaces postal mail, fax and email.
While email is also an electronic approach, the documents exchanged via email must still be handled
by people rather than computers. Having people involved slows down the processing of the
documents and also introduces errors. Instead, EDI documents can straight through to the appropriate
application on the receiver’s computer (e.g., the Order Management System) and processing can
begin immediately. A typical manual process looks like this, with lots of paper and people
involvement: The EDI process looks like this — no paper, no people involved: E-COMMERCE
[ELECTRONIC DATA INTERCHANGE] EDI Department of MCA & MSC-IT, Dr. Shyama Prasad
Mukherjee University, Ranchi Page| 5  Business documents – These are any of the documents that
are typically exchanged between businesses. The most common documents exchanged via EDI are
purchase orders, invoices and advance ship notices. But there are many, many others such as bill of
lading, customs documents, inventory documents, shipping status documents and payment
documents.  Standard format– Because EDI documents must be processed by computers rather than
humans, a standard format must be used so that the computer will be able to read and understand the
documents. A standard format describes what each piece of information is and in what format (e.g.,
integer, decimal, mmddyy). Without a standard format, each company would send documents using
its company-specific format and, much as an English-speaking person probably doesn’t understand
Japanese, the receiver’s computer system doesn’t understand the company-specific format of the
sender’s format. There are several EDI standards in use today, including ANSI, EDIFACT,
TRADACOMS and ebXML. And, for each standard there are many deferent versions, e.g., ANSI
5010 or EDIFACT version D12, Release A. When two businesses decide to exchange EDI
documents, they must agree on the specific EDI standard and version. Businesses typically use an EDI
translator – either as in-house software or via an EDI service provider – to translate the EDI format so
the data can be used by their internal applications and thus enable straight through processing of
documents.  Business partners – The exchange of EDI documents is typically between two different
companies, referred to as business partners or trading partners. For example, Company A may buy
goods from Company B. Company A sends orders to Company B. Company A and Company B are
business partners E-COMMERCE [ELECTRONIC DATA INTERCHANGE] EDI Department of
MCA & MSC-IT, Dr. Shyama Prasad Mukherjee University, Ranchi Page| 6 Features of EDI To
maximize the strategic value and ROI of your EDI software investment, you need a solution that
maximizes automation, minimizes manual intervention and can smoothly and cost-effectively meet
your changing business needs. That makes the following features paramount:  Robust, proven
integration with your business system. EDI is among the highest-value integrations in your accounting
systems environment because this eliminates time-consuming, error-prone manual effort that would
otherwise be necessary to get orders, invoices and other EDI data in and out of the accounting system.
Integrating EDI with a business system streamlines your order processing workflow for improved
productivity and responsiveness to customers, while saving time and money. The more trading
partners you have, the more operational costs you’ll save through EDI and ERP integration.
Conversely, an EDI system that does not integrate becomes a cost of doing business that offers little
value-add.  A simple, seamless user experience. Business users in departments like customer
service and shipping need to process EDI transactions efficiently and accurately, without having to
become EDI experts. You should be able to manage EDI ―by exception‖ so that transactions are
automated unless exceptions occur. You should also be able to automatically schedule everyday tasks
like importing and exporting EDI documents to and from your accounting system. More automation
means faster processing and less errors—which, for suppliers and distributors, means happier
customers and fewer chargeback’s.  Scalability and configurability for your specific needs. Look
for an EDI software provider that allows you to implement only the features you need now, with the
option to add more capabilities (e.g., support for remote warehouse/3PL documents) on-demand in the
future. Configurability to your specific accounting/ERP environment and business processes without
customizations that could complicate your upgrades is also crucial. You want a proven, turnkey
implementation and upgrade path that minimizes risk as your accounting and ERP environment
changes.  Lowest total cost of ownership. A low initial cost doesn’t mean that TCO will be low
also. Monthly network charges can vary widely, for example. Likewise, many providers charge for
updating trading partner mapping specifications, which change all the time. What about monthly
maintenance fees? These costs can add up fast as a business grows. Are these included in the support
contract or are they extra?  Easy on boarding of new trading partners. Growing companies need to
onboard new EDI trading partners quickly and smoothly. Make sure an EDI provider offers prebuilt
templates and rules to make on boarding and compliance with major retailers and other partners quick
and painless. Make sure also that it’s easy to create partner-specific business rules

Legal Requirements of E-commerce business in India

E-commerce broadly means a commercial activity conducted with the support of
electronic devices. Under E-commerce, there are digital business transactions/trades
which are wholly/partially performed by using the internet. As E-commerce has evolved
and become more feasible and a safer way of shopping/trading, it is such an industry
that requires a well-built regulatory framework in order to ensure accountability and
consumer protection. The legal obligations to start an E-commerce business in India are
as follows:
1. Company or LLP Registration
Every business is required to get registered with the Ministry of Corporate Affairs under
the applicable laws. Such a business shall either be incorporated under the (Indian)
Companies Act, 2013 or a foreign company or an office, branch or an agency outside
India and necessarily be owned or controlled by an Indian resident.
While establishing an E-commerce business, it is suggested to have a company or LLP in
place to relish the limited liability protection and at the same time, run a business with
ease. Such registration ensures that the bank account is opened in the name of the
company/ LLP which in return shall make the process of GST registration convenient
and quicker.
As almost all marketplaces permit proprietorship and partnership firms to trade on their
website, therefore, it is suggested to run the business through an LLP or a Company. In
the event, where the promoters plan to establish an E-commerce website, as a Company
it is the most suitable option as it is the only type of entity that have the access to angel
funding or equity funding, which acts as a precondition to run a successful E-commerce
business.
2. GST Registration
For a successful establishment of an E-commerce business, GST registration is
mandatory. Every E-commerce business irrespective of its turnover is required to be
compulsorily registered under the Central Goods & Service Tax (CGST) Act.
3. Bank Account
Opening a bank account in the name of the business is a convenient process. In case of
a Proprietorship firm, the first step is to obtain a GST registration in the name of the
business in order to open a bank account. An active bank account is the bare minimum
requirement to be able to list a business on an E-commerce marketplace or to obtain a
payment gateway for a proprietary E-commerce website.
4. Payment Gateway
A payment gateway is mandatory for a proprietary E-commerce website to process the
payments. It allows the website to accept payments through credit card(s), debit card(s),
net banking, internet banking from multiple banks. Therefore, one payment gateway is
sufficient to accept various forms of online payments. Further, once the payment is
received by the customer by the website, such payment is sent to that respective
business’s bank account through the payment gateway.
In the event, where the business runs through the online marketplaces, the marketplace
would accept the payment through their payment gateway and directly credit such an
amount to the bank account of the seller. Hence, a bank account shall be in place for
smooth transactions.
5. Legal Documents
While selling on the internet, it is important to safeguard the business and the promoters
by strict adherence to terms and conditions and the privacy policy of such businesses.
In the case of a proprietary E-commerce website, the terms and conditions, disclaimer
and privacy policy would have to be drafted as per the business, keeping in mind the
nature of its activities and products they sell online.
If any business operates through online marketplaces, then the marketplace provides
the seller with a legal document or sellers’ agreement and the seller must abide by the
sellers’ agreement. It is important for any business to go through the sellers’
agreement(s) in detail before the execution as it is the legal binding agreement between
the seller and the marketplace.
Other requirements
There are a few additional requirements such as cyber law due diligence, compliance
under the Competition Laws of India and the laws related to data protection and
appointment of a Nodal Officer in case of an international E-commerce business setup
in India which are important to always be complied with.
Compliances for E-commerce business in India
The trend of E-commerce has been rapidly increasing since the last decade. Many
players with new business ideas have entered the market, be it Zomato/Swiggy
delivering food from various restaurants or Flipkart/Amazon delivering products or
Grofers delivering groceries.
The scenario is such that you name the service and there is an E-commerce platform for
it available at the doorstep. The swift development of the E-commerce industry has
called for the attention of the government towards forming regulations and policies with
respect to the same. India has various laws that monitor E-commerce business in terms
of data privacy, security of consumers, settlement transaction safety, quality of products
etc.
1. Foreign Direct Investment
Foreign Direct Investment means the investment made by the foreign entities in the
companies situated in India. The same can be done either by opening a subsidiary or
associate in a foreign country, acquiring a controlling interest in an existing foreign
company, or by means of a merger or joint venture with a foreign company. In India, the
Ministry of Commerce and Industry, The Department of Industrial Policy and Promotion,
Government of India form policy pronouncements on FDI. There are two ways to invest
in India through FDI:
‘Approval route’ in which the prior permission of the central government is required
before doing any foreign investment in India under a particular sector.
‘Automated route’ in which no prior permission is required and foreign entities can
directly invest in Indian businesses under a particular sector.
The FDI policy allows Foreign Direct Investment to the extent of 100% in the marketplace
model of E-commerce by the way of the Automatic Route. A single brand retail trading
entity operating through brick-and-mortar stores is allowed to carry on retail trading
through E-commerce. However, many E-commerce businesses have disguised their
inventory-based model as a marketplace model through a complex structure.
2. Information Technologies Act, 2000
The E-commerce sellers conduct business in the same manner as the physical sellers
with the only distinction of non-availability of the physical body in order to sell things.
Through E-commerce, the vendors are required to generate bills, file returns, pay taxes,
prepare ledgers and maintain records. They must perform all the same on the online
platform.
The Information Technology Act, 2000 (IT Act) is the primary legislation that governs the
use of the internet, cybercrime as well as the digital business in India. The IT Act
governs online behaviour and related aspects of E-commerce and recognizes electronic
contracts and digital signatures.
The Information Technology Act, 2000 is based on the Model Law of E-commerce
adopted by the United Nations Commission on International Trade Law (UNCITRAL) and
acts as a developing E-commerce enabling legislation in India. The Act targets
regulating the use of the internet by punishing the person for publishing any obscene
information or hacking or altering the data from devices of another person. The salient
features of the Act are:

 E-contracts

 Transaction Security

 Digital signature

3. Payment and Settlements Systems Act, 2007

As per the Payment and Settlements Systems Act, the E-commerce business shall
succeed as a payment system if it follows the Rules specified by RBI for online
transactions and payments. Further, it is compulsory for an intermediary that is receiving
payments through digital modes to have an active Nodal Account for settling the
payments of the sellers on its E-commerce platform.
4. Consumer Protection Act, 2019
The E-commerce industry is also monitored by the Consumer Protection Act as it is
working towards the interest of the consumers. In order to safeguard the consumers
from unfair trade practices and further to address and solve their problems, the Ministry
of Consumer Affairs, Food and Public Distribution on May 17, 2021, has notified the
Consumer Protection (E-Commerce) Rules, 2021.
Conclusion
The rapid growth in the E-commerce industry is proof that E-commerce has become a
vital and integral part of our lives. Long gone are the days where people used to hesitate
from shopping online as they had doubts about the quality, their money being stolen,
non-delivery of the product. It is observed that today a huge part of the population trusts
E-commerce websites for their day-to-day needs. Therefore, nowadays most of the
purchases are prepaid compared to Cash on Delivery. This is a sign of the acceptance of
E-commerce platforms by the general public especially during the COVID-19 pandemic,
the usage of E-commerce has increased tremendously.
Our legal system is constantly introducing new rules and regulations to deal with this
significant shift in the business model in order to safeguard the interest of the
consumers. Therefore, a thorough understanding of the legal system and the possible
problem(s) that an E-commerce business would face along with an effective risk
management strategy is required for E-commerce businesses to thrive in this industry.

Supply Chain Management in E-commerce

Business efficiency at all operational levels is critical for the success of e-

commerce. Supply chain management is an essential component of e-
commerce. Supply chain management in e-commerce focusses on procurement
of raw material, manufacturing, and distribution of the right product at the right
time. It includes managing supply and demand, warehousing, inventory tracking,
order entry, order management, distribution and delivery to the customer. 

Supply Chain and Logistics Process in E-commerce Industry

 
The e-commerce industry is not just limited to setting up a website and selling
products online. It includes product configuration, suitable infrastructure,
logistics, secured payment gateway, and supply chain management. An
efficient supply chain accelerates e-commerce processes to meet customers’
expectations. 

Supply Chain Management in E-commerce

Vital Components forming the Supply Chain and Logistics Processes

of E-commerce Industry: 

Inventory Management: Inventory is a critical component of supply chain

management. According to the traditional inventory model, businesses used
their own warehouses to sell the products directly to customers. But, now as per
the risk-pooling strategy, e-commerce businesses do not hold their own
inventory and rather outsource their inventory to a larger wholesaler. It enables
e-commerce businesses to reduce the risk of keeping their own inventory. 

Several businesses are adopting the drop-shipping model for inventory.

According to this model, a store does not hold the product it sells on the
website, rather it purchases the product from a third-party and ships it to the
customer. 

Reverse Logistics: E-commerce businesses also have an SCM structure which

entails reverse logistics. Reverse logistics is defined as the planning and
execution of the movement of goods from the point of consumption to the point
of origin. Almost, all e-commerce businesses provide the facility of exchange and
returns. This increases the need for logistics. 

Optimized Inventory Management, a Must-have for Supply Chain

Management in E-commerce

Product Availability and Service Level:

The success of an e-commerce website depends on customer satisfaction. If

customers cannot buy the right product at the right time, they will immediately
switch to other e-commerce stores. A service level of 95% of products is ideal for
e-commerce success. The slow delivery process increases the risk of losing
potential customers and can even cause a negative impact on the reputation of
the business. 

From inventory to logistics and purchase to supplier management, processes

should be well-coordinated and optimized. Even if one link of the supply chain
doesn’t function well the entire supply chain management will fail, resulting in
loss of revenue. 

Customer Reviews:

The reputation of an e-commerce business is measured by customer reviews

and experiences. It is a critical factor that impacts the growth of an online store.
Price comparison search engines are the first point of contact for online
shoppers. The search engine ranking is also done based on customer reviews.
To receive good reviews, the delivery of the right product at the right time is
necessary. 
 

Platforms like Amazon and eBay use internal key figures to assess the credibility
of distributors. These platforms have supply chain key performance indicator
(KPI) targets. If the KPI is below certain minimum values, then penalties in the
form of account suspension can be imposed. 

Excess Inventory Increases Costs:

E-commerce businesses are expanding rapidly due to which they reach their
limit on inventory management. With the growth in business, product portfolio,
supplier base and surge in returns also grow at a rapid pace.

Increasing inventory drastically is common mistake e-commerce businesses

make to meet the demands of customers. Inventory represents a significant
portion of the total investment of e-commerce businesses. Excess inventory can
mutate into obsolete stock (dead capital) which can lead to increased costs. 

Supply Chain Management in E-commerce

E-commerce is about selling and buying goods over the internet and the
movement of goods between two parties. The dispatch of right quantity
products at the right time to the right person is essential and hence efficient
supply chain is required. A quick, uninterrupted and secure supply chain is a
critical aspect of the e-commerce business. Efficient supply chain management
in e-commerce can reduce costs and enhance cash utilization. When a customer
purchases a product from an e-commerce website, he/she wants the product in
a short time. New e-commerce websites are evolving every day.  But, customers
prefer only those sites that have an efficient supply chain to deliver the right
products at the right time. 
Read More: Transforming Supply Chain and Logistics with Blockchain

The key benefits of SCM in E-commerce include:

Reduced Costs: SCM in e-commerce removes various stages of distribution,

retailers, and outlets. The elimination of these stages reduces the overall cost of
products. The reduced costs give customers a direct advantage when compared
to the cost of products available in physical stores. 

Trade Globally: SCM enables e-commerce businesses to trade globally. An

efficient SCM enables e-commerce businesses to import raw material from
anywhere and export their finished product to any country easily. 

Enhanced Customer Satisfaction: Customer satisfaction is an important factor

for the success of an e-commerce business. With an efficient supply chain
management in e-commerce, enterprises can easily track demand, the time
suppliers will require to fulfill the orders and order goods from suppliers to keep
the inventories replenished. 

Avail Supply Chain Benefits in E-commerce with Oodles

We provide supply chain software development  services which enable e-

commerce businesses to track and manage their inventory in real-time. With our
SCM services, e-commerce businesses can easily manage orders and payments.
We have experience in enabling the tracking and management of supply chain
activities. Our supply chain software development services include
development of order management systems, Electronic Data Interchange (EDI)
and Inventory Management systems. 
We empower e-commerce businesses with fully functional systems and e-
commerce modules. Our solutions are tailored to fulfill your unique
requirements. We provide e-commerce development services for industry
verticals like real estate, healthcare, retail, and financial services. Our dedicated
ERP team provides end-to-end inventory and shipment management solutions
like inventory forecasting, barcoding, ordering, and picking.

Concluding Thoughts

An efficient supply chain is critical for e-commerce businesses. It reduces

production costs and shortens demand response time. E-commerce
development solutions use technologies like POS, file transfer, video
conferencing and electronic mail to improve the efficiency of logistics and supply
chain.

Customer relationship management (CRM) systems allow companies to analyze their past,
current, and future customers on a variety of levels. CRM is essential for any business,
including e-commerce sites, because it allows them to grow and succeed. This article will
discuss other functions of CRM in relation to e-commerce and how it differs from traditional
CRM.
The role of customer relationship management (CRM) in e-commerce
 E-commerce CRM vs. Traditional CRM
 Impact of e-commerce on CRM
 The importance of CRM for e-commerce sites
 Tips for choosing an e-commerce CRM solution
E-commerce CRM vs. Traditional CRM

One of the primary roles of traditional CRM software is recording and storing important
customer information (i.e. preferred contact method, account information, and potential
customer leads) all in one location. Utilizing traditional CRM software in daily operations is
beneficial because it helps businesses understand how to adequately interact with their
customers and satisfy their needs.

The primary goal of traditional CRM is to unite employees and customers by ensuring
everyone gets what they need. Finally, traditional CRM provides those in sales with a
customer profile detailing information on past purchases and outreach history.

E-commerce CRM (e-CRM) primarily focuses on the sales and customer experiences that are
conducted online. Like traditional CRM, e-CRM is able to analyze customer information and
sales patterns and record and store data, however, it is able to do so all day, every day. Most
e-CRM software also has the ability to analyze your site’s metrics, for example:
  Conversion rates;
 Customer click-through rate;
 E-mail subscription opt-ins;
 Which products customers are interested in.
This easy-to-use e-commerce add-on is designed to provide customers with personalized
experiences. Giving your customers the ability to customize their e-commerce experience, on
top of listening to their needs and making them feel heard, are just a few tips to keep in mind
when attempting to build your customer relationships. Not only can these tips help recruit
new customers, but can help retain current ones as well.
Impact of e-commerce on CRM

Although it is truly about managing relationships with customers and providing a great
customer experience, e-commerce has made an impact on CRM in a variety of ways. One
study discovered that e-commerce had promising implications for improving customer
satisfaction and loyalty. In fact, the study shows that the elements that lead to customer
loyalty are:
 Competency;
 Capability to establish the relationship;
 Commitment;
 Solving the customer’s problem;
 Trust;
 Quality of the relationship.
Implementing e-CRM is beneficial not only because it records and stores customer data 24/7,
but also because it is capable of accomplishing all of the above — ultimately ending with
positive customer experiences.
The importance of CRM for e-commerce sites

CRM has impacted e-commerce sites by becoming an essential part of a business’s success.
One study found that interactively collecting and condensing customer data helps to build
a company’s e-CRM capability, which ultimately leads to their corporate success. It is safe to
say that going forward, CRM platforms created specifically for e-commerce (as well as
implementing a scalable e-commerce solution) may very well be a necessity for web-based
businesses.

Failing to understand the importance of CRM for your e-commerce site could result in the
loss of a multitude of benefits, including but not limited to:

 A better understanding of supply and demand;

 Seeing if your customers are able to navigate your site without any issues;
 Better customer service;
 Easy check out processes;
 A decrease in loss and costs (due to the ability to better record customer sales);
 Having the ability to create advertisements that are aimed at your target audience.
Tips for choosing an e-commerce CRM solution

It’s important for businesses to take the time to find an e-CRM solution that fits their specific
needs. Similar to selecting the best e-commerce solution provider, it is recommended to take
into consideration the following tips to help you select a CRM platform that complements
your business.
 1. Create a plan on how you wish to use this solution to help grow your business;
2. Think about how the solution will work and integrate with other business platforms and
tools;
3. Consider how to train your employees on the new integration and explain the importance of
it to them;
4. Understand the amount of time and effort it takes to factor in an e-CRM solution;
5. Make sure it is within your budget to integrate the solution;
6. Read the CRM directions prior to selecting it to make sure they are easy to comprehend (you
don’t want to choose a difficult solution);
7. Conduct thorough research on the platform, including researching the future of CRM, the
level of customization, and the level of mobility (is it accessible on a mobile device?).
Prior to finalizing your e-CRM plans, review the information above to help you get a better
understanding of the role of the solution and how it can be beneficial for your business.