Professional Documents
Culture Documents
4th Module - MIS
4th Module - MIS
4th Module - MIS
Ethics refers to rules of right and wrong that people use to make choices to guide their behaviors. Ethics in MIS
seek to protect and safeguard individuals and society by using information systems responsibly. Most
professions usually have defined a code of ethics or code of conduct guidelines that all professionals affiliated
with the profession must adhere to.
Information system security refers to the way the system is defended against unauthorized access, use,
disclosure, disruption, modification, perusal, inspection, recording or destruction.
There are two major aspects of information system security −
Security of the information technology used − securing the system from malicious cyber-attacks that tend
to break into the system and to access critical private information or gain control of the internal systems.
Security of data − ensuring the integrity of data when critical issues, arise such as natural disasters,
computer/server malfunction, physical theft etc. Generally an off-site backup of data is kept for such
problems.
Ethical and Legal Implications of Information Systems
Information Systems Ethics
The term ethics is defined as “a set of moral principles” or “the principles of conduct governing an individual or a group.”
Information Technology specifies to the components that are used to store, fetch and manipulate the information at the
minimum level with the server having an operating system. Information Technology have a wide area of applications in
education, business, health, industries, banking sector and scientific research at a large level. With the leading
advancement in information technology, it is necessary to have the knowledge of security issues, privacy issues and
main negative impacts of IT. To deal with these issues in IT society it is important to find out the ethical issues.
Some of the major ethical issues faced by Information Technology (IT) are:
1. Personal Privacy
2. Access Right
3. Harmful Actions
4. Patents
5. Copyright
6. Trade Secrets
7. Liability
8. Piracy
These are explained with their affects as following below:
1. Personal Privacy:
It is an important aspect of ethical issues in information technology. IT facilitates the users having their own
hardware, operating system and software tools to access the servers that are connected to each other and to the users
by a network. Due to the distribution of the network on a large scale, data or information transfer in a big amount
takes place which leads to the hidden chances of disclosing information and violating the privacy of any individuals
or a group. It is a major challenge for IT society and organizations to maintain the privacy and integrity of data.
Accidental disclosure to inappropriate individuals and provisions to protect the accuracy of data also comes in the
privacy issue.
2. Access Right:
The second aspect of ethical issues in information technology is access right. Access right becomes a high priority
issue for the IT and cyberspace with the great advancement in technology. E-commerce and Electronic payment
systems evolution on the internet heightened this issue for various corporate organizations and government agencies.
Network on the internet cannot be made secure from unauthorized access. Generally, the intrusion detection system
are used to determine whether the user is an intruder or an appropriate user.
3. Harmful Actions:
Harmful actions in the computer ethics refers to the damage or negative consequences to the IT such as loss of
important information, loss of property, loss of ownership, destruction of property and undesirable substantial
impacts. This principle of ethical conduct restricts any outsiders from the use of information technology in manner
which leads to any loss to any of the users, employees, employers and the general public. Typically, these actions
comprises of the intentional destruction or alteration of files and program which drives a serious loss of resources.
To recover from the harmful actions extra time and efforts are required to remove the viruses from the computer
systems.
4. Patents:
It is more difficult to deal with these types of ethical issues. A patent can preserve the unique and secret aspect of an
idea. Obtaining a patent is very difficult as compared with obtaining a copyright. A thorough disclosure is required
with the software. The patent holder has to reveal the full details of a program to a proficient programmer for
building a program.
5. Copyright:
The information security specialists are to be familiar with necessary concept of the copyright law. Copyright law
works as a very powerful legal tool in protecting computer software, both before a security breach and surely after a
security breach. This type of breach could be the mishandling and misuse of data, computer programs,
documentation and similar material. In many countries, copyright legislation is amended or revised to provide
explicit laws to protect computer programs.
6. Trade Secrets:
Trade secrets is also a significant ethical issue in information technology. A trade secret secures something of value
and usefulness. This law protects the private aspects of ideas which is known only to the discover or his confidants.
Once disclosed, trade secret is lost as such and is only protected by the law for trade secrets. The application of trade
secret law is very broad in the computer range, where even a slight head start in the advancement of software or
hardware can provide a significant competitive influence.
7. Liability:
One should be aware of the liability issue in making ethical decisions. Software developer makes promises and
assertions to the user about the nature and quality of the product that can be restricted as an express warranty.
Programmers or retailers possess the legitimate to determine the express warranties. Thus they have to be practical
when they define any claims and predictions about the capacities, quality and nature of their software or hardware.
Every word they say about their product may be as legally valid as stated in written. All agreements should be in
writing to protect against liability. A disclaimer of express warranties can free a supplier from being held
responsible of informal, speculative statements or forecasting made during the agreement stages.
8. Piracy:
Piracy is an activity in which the creation of illegal copy of the software is made. It is entirely up to the owner of the
software as to whether or not users can make backup copies of their software. As laws made for copyright protection
are evolving, also legislation that would stop unauthorized duplication of software is in consideration. The software
industry is prepared to do encounter against software piracy. The courts are dealing with an increasing number of
actions concerning the protection of software.
Computer crime
Computer crime is an act performed by a knowledgeable computer user, sometimes referred to as a hacker that
illegally browses or steals a company's or individual's private information. In some cases, this person or group of
individuals may be malicious and destroy or otherwise corrupt the computer or data files.
cybercrime, also called computer crime, the use of a computer as an instrument to further illegal ends, such as
committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating
privacy. Cybercrime, especially through the Internet, has grown in importance as the computer has become
central to commerce, entertainment, and government.
Identity theft
Identity theft occurs when a cyber-criminal impersonates
someone else identity to practice malfunction. This is usually
done by accessing personal details of someone else. The details used in such crimes include social security
numbers, date of birth, credit and debit card numbers, passport numbers, etc.
Once the information has been acquired by the cyber-criminal, it can be used to make purchases online while
impersonating himself to be someone else. One of the ways that cyber-criminals use to obtain such personal
details is phishing. Phishing involves creating fake websites that look like legitimate business websites or emails.
Copyright infringement
Piracy is one of the biggest problems with digital products. Websites such as the pirate bay are used to distribute
copyrighted materials such as audio, video, software, etc. Copyright infringement refers to the unauthorized use
of copyrighted materials.
Fast internet access and reducing costs of storage have also contributed to the growth of copyright infringement
crimes.
Click fraud
Advertising companies such as Google AdSense offer pay per click advertising services. Click fraud occurs
when a person clicks such a link with no intention of knowing more about the click but to make more money.
This can also be accomplished by using automated software that makes the clicks.
Advance Fee Fraud
An email is sent to the target victim that promises them a lot of money in favor of helping them to claim their
inheritance money.
In such cases, the criminal usually pretends to be a close relative of a very rich well-known person who died.
He/she claims to have inherited the wealth of the late rich person and needs help to claim the inheritance. He/she
will ask for financial assistance and promise to reward later. If the victim sends the money to the scammer, the
scammer vanishes and the victim loses the money.
Hacking
Hacking is used to by-pass security controls to gain unauthorized access to a system. Once the attacker has
gained access to the system, they can do whatever they want. Some of the common activities done when system
is hacked are;
Install programs that allow the attackers to spy on the user or control their system remotely
Deface websites
Steal sensitive information. This can be done using techniques such as SQL Injection, exploiting
vulnerabilities in the database software to gain access, social engineering techniques that trick users into
submitting ids and passwords, etc.
Computer virus
Viruses are unauthorized programs that can annoy users, steal sensitive data or be used to control equipment that
is controlled by computers.
Other Types of Cyber Crime
Computer Fraud: Intentional deception for personal gain via the use of computer systems.
Privacy violation: Exposing personal information such as email addresses, phone number, account
details, etc. on social media, hacking a websites, etc.
Identity Theft: Stealing personal information from somebody and impersonating that person.
Sharing copyrighted files/information: This involves distributing copyright protected files such as
eBooks and computer programs etc.
Electronic funds transfer: This involves gaining an un-authorized access to bank computer
networks and making illegal fund transfers.
Electronic money laundering: This involves the use of the computer to launder money.
ATM Fraud: This involves intercepting ATM card details such as account number and PIN numbers.
These details are then used to withdraw funds from the intercepted accounts.
Denial of Service Attacks: This involves the use of computers in multiple locations to attack servers
with a view of shutting them down.
Spam: Sending unauthorized emails. These emails usually contain advertisements.
Cyber Theft
Cyber theft is a part of cybercrime which means theft carried out by means of computers or the Internet.
The most common types of cyber theft include identity theft, password theft, theft of information, internet time
thefts etc.
Identity Theft
Identity theft pertains to illegally obtaining of someone's personal information which defines one's identity for
economic benefit. It is the commonest form of cyber theft. Identity theft can take place whether the fraud victim
is alive or deceased. Creating a fake account or impersonation by creating multiple email-ids has become quite
common and has resulted in commission of fraud in order to obtain any such information which can be used by
cyber criminals to take over the victim's identity to commit myriad crimes. The advancement of technology has
made things much easier as it is much difficult to track the person impersonating as Internet and online
transactions provides a kind of anonymity and privacy to an individual.
There are various techniques through which data theft could be committed and personal information could be
procured from electronic devices. These are as follows: -
Hacking- The persons known as hackers unscrupulously break into the information contained in any
other computer system. Section 66 deals with the offence of unauthorized access to the computer
resource and defines it as "Whoever with the purpose or intention to cause any loss, damage or to
destroy, delete or to alter any information that resides in a public or any person's computer. Diminish its
utility, values or affects it injuriously by any means, commits hacking." The offence of hacking is a
violation of one's fundamental right to privacy as provided by the Constitution. It is a method wherein
viruses or worms like malware divert information from another computer system by decrypting it to the
hacker who after obtaining the information either use it themselves or give it to others to commit fraud
using such information.
Phishing- It uses fake email-ids or messages containing viruses affected websites. These infected
websites urge people to enter their personal information such as login information, account's information.
E-Mail/SMS Spoofing- The spoofed e-mail is one which shows its origin to be different from where it
actually originated. In SMS spoofing, the offender steals identity of another person in the form of phone
number and sending SMS via internet and the receiver gets the SMS from the mobile number of the
victim.
Carding- The cyber criminals makes unauthorized use of the ATM debit and credit cards to withdraw
money from the bank accounts of the individual.
Vishing- The cyber-criminal calls the victim by posing to be a bank representative or call center
employee, thereby fooling them to disclose crucial information about their personal identity.
Hacking is the activity of identifying weaknesses in a computer system or a network to exploit the security to
gain access to personal data or business data. An example of computer hacking can be: using a password
cracking algorithm to gain access to a computer system.
Computers have become mandatory to run a successful businesses. It is not enough to have isolated computers
systems; they need to be networked to facilitate communication with external businesses. This exposes them to
the outside world and hacking. System hacking means using computers to commit fraudulent acts such as fraud,
privacy invasion, stealing corporate/personal data, etc. Cyber crimes cost many organizations millions of dollars
every year. Businesses need to protect themselves against such attacks.
Who is a Hacker?
A Hacker is a person who finds and exploits the weakness in computer systems and/or networks to gain
access. Hackers are usually skilled computer programmers with knowledge of computer security.
Types of Hackers
Hackers are classified according to the intent of their actions. The following list classifies types of hackers
according to their intent:
Ethical Hacker (White hat): A security hacker who gains access to systems with a view to fix the identified
weaknesses. They may also perform penetration Testing and vulnerability assessments.
Cracker (Black hat): A hacker who gains unauthorized access to computer systems for personal gain. The
intent is usually to steal corporate data, violate privacy rights, transfer funds from bank accounts etc.
Grey hat: A hacker who is in between ethical and black hat hackers. He/she breaks into computer systems
without authority with a view to identify weaknesses and reveal them to the system owner.
Script kiddies: A non-skilled person who gains access to computer systems using already made tools.
Hacktivist: A hacker who use hacking to send social, religious, and political, etc. messages. This is usually done
by hijacking websites and leaving the message on the hijacked website.
Phreaker: A hacker who identifies and exploits weaknesses in telephones instead of computers.
Ethical Hacking
Ethical Hacking is identifying weakness in computer systems and/or computer networks and coming with
countermeasures that protect the weaknesses. Ethical hackers must abide by the following rules.
Get written permission from the owner of the computer system and/or computer network before hacking.
Protect the privacy of the organization been hacked.
Transparently report all the identified weaknesses in the computer system to the organization.
Inform hardware and software vendors of the identified weaknesses.
Cracking
Whereas hacking is the process of intruding computer systems without authorization in order to gain access to
them, for good or bad purposes, cracking is the same practice though with criminal intention. However, cracking
is generally less harmful than hacking.
A cracker is someone who breaks into a network; bypasses passwords or licenses in computer programs; or in
other ways intentionally breaches computer security. Crackers also act as Black Hats: by gaining access to the
accounts of people maliciously and misusing this information across networks. They can steal credit card
information, they can destroy important files, disclose crucial data and information or personal details and sell
them for personal gains.
There are various types of crackers that include script kiddies, packet monkeys, s’kiddiots, lamers, warez d00dz,
and wannabes. Some of the characteristics of crackers include:
Less skilled and do not possess necessary in-depth knowledge about programming and codes.
Always rely on the software tools created by others to carry out their operations.
They only know the process of cracking the security networks and they lack the advanced knowledge.
The difference between hacking and cracking
The basic difference is that a hacker uses their extensive knowledge of computer logic and code, while a
cracker looks for back doors in programs, and exploits those back doors.
Hackers break into the security systems for the sole purpose of checking the holes in the system and
works on rectifying these while as the Cracker breaks into the security system for criminal and illegal
reasons or for personal gains.
Hackers are people who use their knowledge for a good purpose and do not damage the data, whereas a cracker
is someone who breaks into the system with a malicious purpose and damages data intentionally.
Hackers possess advanced knowledge of computer systems and programming languages, while crackers might
not necessarily be so skilled and well-versed with computing knowledge.
The hackers work for an organization to improvise their network and solve any issues. Crackers are someone
from whom the hacker protects the organization. Crackers work just because a system might be challenging or to
get illegal gains.
Hacking is ethical, while cracking is illegal and unethical.
Hackers have ethical certificates, while the Crackers do not possess any certificates.
Hackers continuously work towards making new tools rather than using the existing ones. The crackers, on the
other hand, have inadequate computing knowledge to make new tools and use tools already used by other
crackers.
Malware: software that has a mischievous purpose such as virus attacks, worms, adware, Trojan horses, and
spyware. This is the most prevalent danger to a system.
Malware is a catch-all term for various malicious software, including viruses, adware, spyware, browser
hijacking software, and fake security software.
Virus: A computer virus is a program that replicates itself. A computer virus attaches itself to a program or file
to help it spread from one computer to another. Almost all viruses are attached to an executable file, which
means the virus may exist on a computer but it actually cannot infect the computer unless one runs or opens the
malicious program. A virus will also have some other unpleasant functions.
Viruses which are the most commonly-known form of malware and potentially the most destructive. They can
do anything from erasing the data on your computer to hijacking your computer to attack other systems, send
spam, or host and share illegal content.
Worms: A worm is similar to a virus and is considered to be a sub-class of a virus. It spreads from computer
to computer, as it has the capability to travel without any human action. A worm takes advantage of file or
information transport features on a system, which is what allows it to travel unaided. Worms cause harm to the
infected network.
Spyware
Spyware, also known as "adware," is software that sends information from your computer to a third party
without your consent.
Spyware is simply software that literally spies on what is being done on a computer. Spyware can be as simple as
a cookie used by a website or a more dangerous type such as a key logger that records every keystroke one
makes on a keyboard.
Spyware collects your personal information and passes it on to interested third parties without your knowledge
or consent. Spyware is also known for installing Trojan viruses.
Besides secretly monitoring a user's behavior, spyware collects personal information, which could lead to
identity theft. Retail companies use spyware to gather data about customers' Internet habits. Spyware may also
redirect the web browser to malicious sites, allowing a third party control over the user's computer and the
installation of additional harmful software such as viruses and Trojan horses.
Machines infected with spyware may experience:
o Slow system performance
o System crashes
o Difficulty in uploading the web browser
o Frequent display of pop-up ads and error messages
o Diversion of the search engine and surfing activities
o New icons appearing suddenly on the computer
o Certain browser function keys that have stopped working
Measures of protection:
To avoid infecting your computer with spyware, it is recommended to the take the following measures of
protection:
o Install and update anti-malware software (e.g. Windows Defender). Visit Secure Your Computer on the
Computing Services website for instructions on downloading, using and updating anti-malware software.
o Install and maintain a firewall. For instructions on how to configure Windows Firewall, or Macintosh, please
visit the Computing Services Secure Your Computer.
o Avoid opening attachments sent via email, chat-rooms, and text messages unless you trust the source of the
attachment and the sender. Unless you were expecting it, confirm with the sender before opening.
o Avoid clicking on links without checking the source of the link and the sender.
o Avoid free downloads. Only download software from trusted web sites, or software bought from trusted
vendors
o Turn on the pop-up blocker on your browser, and set your browser's security level to High. Internet Explorer
users can turn on pop-up blocker by selecting "Tools" on the tool-bar, then "Pop-up blocker" and select "Turn
on Pop-up Blocker". For more tips on securing your web browser visit US-CERT, Securing Your Web
Browser.
o Avoid responding to questions in a pop-up window or clicking on pop-up windows links.
Avoid using Peer to Peer (P2P) File Sharing applications. A large number of P2P File Sharing applications
contain spyware.
Software piracy
Software piracy is the act of stealing software that is legally protected. This stealing includes copying,
distributing, modifying or selling the software.
Copyright laws were originally put into place so that the people who develop software (programmers, writers,
graphic artists, etc.) would get the proper credit and compensation for their work. When software piracy occurs,
compensation is stolen from these copyright holders.
Computer piracy is illegal and constitutes a federal crime. The monetary penalties for those who break this law
can reach up to $150,000 per instance of copyright violation.
Types of Software Piracy
There are five main types of software piracy. This variety of pirating techniques explains how some individuals
purposely pirate software while others may unknowingly be an accomplice.
Soft lifting
Soft lifting is when someone purchases one version of the software and downloads it onto multiple computers, even though
the software license states it should only be downloaded once. This often occurs in business or school environments and is
usually done to save money. Soft lifting is the most common type of software piracy.
Client-server overuse
Client-server overuse is when too many people on a network use one main copy of the program at the same time. This
often happens when businesses are on a local area network and download the software for all employees to use. This
becomes a type of software piracy if the license doesn’t entitle you to use it multiple times.
Hard disk loading
Hard disk loading is a type of commercial software piracy in which someone buys a legal version of the software and then
reproduces, copies or installs it onto computer hard disks. The person then sells the product. This often happens at PC
resale shops and buyers aren’t always aware that the additional software they are buying is illegal.
Counterfeiting
Counterfeiting occurs when software programs are illegally duplicated and sold with the appearance of authenticity.
Counterfeit software is usually sold at a discounted price in comparison to the legitimate software.
Online Piracy
Online piracy, also known as Internet piracy, is when illegal software is sold, shared or acquired by means of the Internet.
This is usually done through a peer-to-peer (P2P) file-sharing system, which is usually found in the form of online auction
sites and blogs.
Software piracy may have a cheaper price point, but there are many dangers that software pirates should be
aware of.
An identity theft involves both theft and fraud, therefore the provisions with regard to forgery as provided under
the Indian Penal Code, 1860 (IPC) is often invoked along with the Information Technology Act, 2000. Some of
the Sections of IPC such as forgery (Section 464), making false documents (Section 465), forgery for purpose of
cheating (Section 468), reputation (Section 469), using as genuine a forged document (Section 471) and
possession of a document known to be forged and intending to use it as genuine (Section 474) can be coupled
with those in the IT Act.
The Information Technology Act, 2000 (IT Act) is the main act which deals with the legislation in India
governing cybercrimes. Some of the Sections dealing with Cyber Theft are: -
Section 43 If any person without permission of the owner damages to computer, computer system, etc.
he/she shall be liable to pay compensation to the person so affected.
Section 66 If any person, dishonestly or fraudulently, does any act referred to in section 43, he shall be
punishable with imprisonment for a term which may extend to three years or with fine which may extend
to five lakh rupees or with both.
Section 66B Punishment for dishonestly receiving stolen computer resource or communication device is
Imprisonment for a term which may extend to three years or with fine which may extend to rupees one
lakh or with both.
Section 66C provides for punishment for Identity theft as: Whoever, fraudulently or dishonestly make use
of the electronic signature, password or any other unique identification feature of any other person, shall
be punished with imprisonment of either description for a term which may extend to three years and shall
also be liable to fine with may extend to rupees one lakh.
Section 66 D on the other hand was inserted to punish cheating by impersonation using computer
resources.
The assurance function is internal audit, whose mission can be defined to enhance and protect organizational
value by providing risk-based and objective assurance to evaluate the effectiveness of governance, risk
management and control processes.
To achieve the organization’s ultimate goal of managing risk (e.g., information and technology risk) within its
risk appetite, various business functions and/or the three lines of defense have to perform activities such as
information gathering, risk assessment, reviews, analysis, reporting and monitoring of risk that may be common
among the three lines. One way to find out these commonalities is through frequent communication, which
facilitates information sharing. To facilitate communication and discussion of risk within an organization,
different business functions can use the same set of risk categories and taxonomy.
Second line: The second-line function enables the identification of emerging risks in daily operation of the
business. It does this by providing compliance and oversight in the form of frameworks, policies, tools, and
techniques to support risk and compliance management.
Third line: The third-line function provides objective and independent assurance. While the third line’s key
responsibility is to assess whether the first- and second-line functions are operating effectively, it is charged
with the duty of reporting to the board and audit committee, in addition to providing assurance to regulators
and external auditors that the control culture across the organization is effective in its design and operation.
Mobile cloud computing offers a greater degree of speed and flexibility for end-users and applications
developers. The mobile cloud encompasses cloud-based data and the applications and services created for mobile
devices. It brings together mobile application development and cloud-based services, facilitating the delivery of
cloud services and apps to mobile users. Remote data centers store the relevant data and run the apps.
Mobile cloud computing is fast and flexible. As a result, mobile cloud computing makes it easy for
developers to create and share mobile app resources with end-users. Therefore, mobile applications can be
built and updated faster.
Mobile cloud computing shares resources. Mobile apps that run off the cloud aren’t constrained by any
mobile device’s processing and storage limitations. All data-intensive processes can run from the cloud. This
advantage means that any mobile device with access to a network can use mobile cloud apps, regardless of the
operating system. Thus, users can enjoy cloud computing with Android or OS devices.
Mobile cloud computing uses integrated data. Mobile cloud computing lets users securely and quickly
collect and integrate information from many sources, no matter where the data is.
Applications enjoy better processing power and data storage capacity
Applications run more efficiently, thus extending battery life
Applications are more user-friendly and easier to integrate
Applications are more reliable and scalable
Cloud Computing
Cloud computing is the delivery of on-demand computing services over the internet on a pay-as-you-go basis. To
put it in simple terms, cloud computing allows you to manage files and services over the internet with remote
servers rather than a local server or personal computer.
Modern businesses are continually moving more of their operations into the cloud to support a more scalable,
cost-effective environment.
Reduced IT costs:Moving to cloud computing might reduce the cost of managing and maintaining your IT
systems. Instead of purchasing expensive systems and equipment for your business, you can reduce costs
with the resources of a cloud computing service provider.
Scalability:With a cloud computing service, you only pay for what you need. You can scale your storage up
or down based on your needs.
Server Storage:By taking advantage of a cloud service provider, you’re saving space on your own server.
Data Security:Cloud service providers are typically more secure than a local server or your own personal
computer. Therefore, cloud computing helps protect your company’s sensitive data from being corrupted or
lost.
Difference Between Cloud Computing and Mobile Computing
Cloud computing allows us to store and organize our data and information, whereas mobile computing
provides access to data and information through a mobile device. Understanding the roles and security of
each allows us to optimize our data use and take advantage of resources that streamline and organize that
process.
E-commerce
Electronic commerce can simply defined as doing businesses electronically. Some of the definitions of e-
commerce often heard and found in publications and the media are: Electronic Commerce (EC) is where
business transactions take place via telecommunications networks, especially the Internet.Electronic
commerce describes the buying and selling of products, services, and information via computer networks
including the Internet Electronic commerce is about doing business electronically E-commerce, ecommerce,
or electronic commerce is defined as the conduct of a financial transaction by electronic means.
In E Commerce, conducting the exchange of information using a combination of structured messages (EDI),
unstructured messages (e-mail), data, databases and database access across the entire range of networking
technologies. The sharing of information with business partners leads to cost savings, increased
competitiveness, improved customer relations and greater efficiency through the redesign of traditional
processes. In the quest to maintain market position or gain competitive advantage by streamlining operations,
reducing costs and improving customer service, businesses are increasingly turning to electronic commerce.
"Electronic commerce covers any form of business or administrative transaction or information exchange that
is executed using any information and communication technology (ICT)." It covers three main areas of
activities, which are
Business to business
Business to consumer
Government to nation - that included both businesses and the citizen.
M- Commerce
Mobile commerce popularly known as m-commerce is actually just a subset of e-commerce. The term itself was coined in
1997by Kevin Duffy. It is essentially a way of carrying thousands and millions of retail shops in your pocket. Let us study a
bit moreabout mobile commerce.
M-commerce is the use of mobile phones to conduct any type of business transaction. It takes the help of the e-
commerce background and WAP technology.
The use of wireless technology (WAP) to conduct sales of goods, provide services, make payments and
other financial transactions, the exchange of information etc. is the basis of mobile commerce.
Applications of M-commerce
Mobile Banking: Using a mobile website or application to perform all your banking functions. It is one step
ahead of online banking and has become commonplace these days. For example, in Nigeria, the majority of banking
transactionshappen on mobile phones.
Mobile Ticketing and Booking: Making bookings and receiving your tickets on the mobile. The digital
ticket or boarding pass is sent directly to your phone after you make the payment from it. Even in India now IRTC and
other services provide m-ticketing services.
E-bills: This includes mobile vouchers, mobile coupons to be redeemed and even loyalty points or cards
system.
Auctions: Online auctions having now been developed to be made available via mobile phones as well.
Stock Market Reports and even stock market trading over mobile applications.
Advantages of M-commerce
It provides a very convenient and easy to use the system to conduct business transactions.
Mobile commerce has a very wide reach. A huge part of the world’s population has a mobile phone in their
pocket. Sothe sheer size of the market is tremendous.
M-commerce also helps businesses target customers according to their location, service provider, the type of
devicethey use and various other criteria. This can be a good marketing tool.
The costs of the company also reduced. This is due to the streamlined processes, now transaction cost, low
carrying cost and low order processing cost as well.
Disadvantages of M-commerce
The existing technology to set up an m-commerce business is very expensive. It has great start-up costs
and manycomplications arise.
In developing countries, the networks and service providers are not reliable. It is not most suitable for data
transfer.
Then there is the issue of security. There are many concerns about the safety of the customer’s private
information. Andthe possibility of a data leak is very daunting.