Web Development & Design Foundations with XHTML
Chapter 12 Key Concepts

Learning Outcomes
In this chapter, you will learn how to:
- Describe E-Commerce
- Identify benefits and risks of E-Commerce
- Describe E-Commerce business models
- Describe E-Commerce Security and Encryption
- Describe EDI (Electronic Data Interchange)
- Describe trends and projections for E-Commerce
- Describe issues related to E-Commerce
- Describe order and payment processing
- Describe E-Commerce solution options

What is E-Commerce?
- The integration of communications, data management, and security technologies to allow individuals and organizations to exchange information related to the sale of goods and services.
- Major functions of E-Commerce include:
  - the buying of goods,
  - the selling of goods, and
  - performance of financial transactions on the Internet.

E-Commerce Advantages for Businesses
- Reduced Costs
- Increased Customer Satisfaction
- More Effective Data Management
- Potentially Higher Sales

E-Commerce Advantages for Consumers
- Convenience
- Easier Comparison Shopping
- Wider Selection of Goods

E-Commerce Risks for Businesses
- Need for a robust, reliable web site
- Fraudulent transactions
- Customer reluctance to purchase online
- Increased competition

E-Commerce Risks for Consumers
- Possible Security Issues
- Possible Privacy Issues
- Purchasing from photos & descriptions
- Possible difficulty with returns

E-Commerce Business Models
- B2C – Business-to-Consumer
- B2B – Business-to-Business
- C2C – Consumer-to-Consumer
- B2G – Business-to-Government

Electronic Data Interchange (EDI)
- The transfer of data between different companies using networks.
  - Facilitates the exchange of standard business documents including purchase orders and invoices
- EDI is not new
  - In existence since the 1960s
- Trading Partners
  - Organizations that exchange EDI transmissions
- Newer technologies
  - XML and Web Services are replacing traditional EDI
  - Provide opportunities to customize secure information exchange over the Internet

E-Commerce Statistics
Source: http://www.clickz.com/showPage.html?page=3575456

Typical Internet User
- Mirrors the U.S. Population
  - Male: 49%
  - Female: 51%
  - Household Income: $40,816
  - Adults 18-49: 74%
- Other Demographics:
  - http://www.pewinternet.org/
  - http://www.clickz.com
  - http://www.census.gov/eos/www/ebusiness614.htm
  - http://www.ecominfocenter.com/

E-Commerce Issues
- Intellectual Property
- Security
- Fraud
- Taxation
- International Commerce

E-Commerce Security
- Encryption
  - Ensures privacy within an organization and on the Internet.
  - The conversion of data into an unreadable form, called a ciphertext.
- Decryption
  - The process of converting the ciphertext back into its original form, called plaintext or cleartext, so it can be understood.
- The encryption/decryption process requires an algorithm and a key.

E-Commerce Security: Encryption Types
Secure E-Commerce transactions use the encryption technologies below:
- Symmetric-key Encryption
- Asymmetric-key Encryption
- Hash Encryption
SSL (Secure Sockets Layer)
- Utilizes these encryption technologies
- Provides for secure transmission of data on the Internet.

E-Commerce Security: Types of Encryption (1)
Symmetric-Key Encryption
- Also called single-key encryption
- Both encryption and decryption use the same key
- Both the sender and receiver must know the key before communicating using encryption.
- Advantage: speed

E-Commerce Security: Types of Encryption (2)
Asymmetric-Key Encryption
- Also called public-key encryption
- There is no shared secret
- Two keys are created at the same time:
  - Public key
  - Private key
- Asymmetric-key encryption is much slower than symmetric-key encryption.

E-Commerce Security: Types of Encryption (3)
Hash Encryption
- A hash algorithm transforms a string of characters into a "digest"
  - A shorter fixed-length value or key that represents the original string
- One-way encryption
- Used for information that will not be read or decrypted
- Purpose: verify the integrity of information

Secure Sockets Layer (SSL)
- A protocol that allows data to be privately exchanged over public networks
- Developed by Netscape
- Encrypts data sent between a client (usually a Web browser) and a Web server.
- Utilizes both symmetric and asymmetric keys.
- "https" protocol
- Browsers display a "lock" icon

SSL in Action

Secure Sockets Layer (SSL)
SSL provides secure communication between a client and server by using:
- Server and (optionally) client digital certificates for authentication
- Symmetric-key cryptography using a "session key" for bulk encryption
- Public-key cryptography for transfer of the session key
- Message Digests (hash encryption) to verify the integrity of the transmission

SSL & Digital Certificate
- A form of an asymmetric key
- Also contains information about the certificate, the holder of the certificate, and the issuer of the certificate.
- Used by SSL to authenticate the identity of the Web server

Digital Certificate
The contents of a digital certificate include:
- The public key
- Effective date of the certificate
- Expiration date of the certificate
- Details about the Certificate Authority -- the issuer of the certificate
- Details about the certificate holder
- A digest of the certificate content

Certificate Authority
- A trusted third-party organization or company that issues digital certificates.
- Well-known Certificate Authorities:
  - Verisign: http://www.verisign.com
  - Thawte: http://www.thawte.com

Obtaining a Digital Certificate
- Request a certificate from a Certificate Authority and pay the application fee.
- The Certificate Authority:
  - verifies your identity,
  - issues your Certificate,
  - and supplies you with a public/private key pair.
- Store the certificate in your software such as a web server, web browser, or email application.
- The Certificate Authority makes your certificate publicly known.

SSL & Digital Certificates
When you visit an e-commerce site that uses SSL, a number of steps are involved in the authentication process.
- The web browser and web server go through initial handshaking steps using the server certificate and keys.
- Once trust is established, the web browser encrypts the single secret key (symmetric key) that will be used for the rest of the communication.
- From this point on, all data is encrypted using the secret key.
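
The way the SSL slides combine the three encryption types (public-key transfer of a session key, symmetric bulk encryption, and a message digest for integrity) can be traced in a short Node.js sketch. This is an added example, not part of the original slides and not the real SSL handshake; the names clientSend, serverReceive and demo, the choice of RSA-OAEP, AES-256-CBC and HMAC-SHA-256, and the sample order string are assumptions made for illustration.

```javascript
// Added illustration: the three building blocks from the slides working together.
// It is NOT the real SSL/TLS handshake (no certificates, no negotiation).
const crypto = require('node:crypto');

// Server: key pair whose public half would normally arrive in the certificate.
const server = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const ORDER = 'item=book;qty=1;total=19.99'; // constructed sample data

// Browser: create a random session secret, wrap it with the server's public
// key (asymmetric), then encrypt the order with it (symmetric) and add a digest.
function clientSend(serverPublicKey, plaintext) {
  const secret = crypto.randomBytes(64); // 32 bytes to encrypt, 32 bytes for the digest
  const wrappedKey = crypto.publicEncrypt(
    { key: serverPublicKey, oaepHash: 'sha256' }, secret);
  const iv = crypto.randomBytes(16);
  const cipher = crypto.createCipheriv('aes-256-cbc', secret.subarray(0, 32), iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const digest = crypto.createHmac('sha256', secret.subarray(32))
    .update(iv).update(ciphertext).digest();
  return { wrappedKey, iv, ciphertext, digest };
}

// Server: unwrap the session secret with the private key, verify the digest
// first, and only then decrypt.
function serverReceive(serverPrivateKey, msg) {
  const secret = crypto.privateDecrypt(
    { key: serverPrivateKey, oaepHash: 'sha256' }, msg.wrappedKey);
  const expected = crypto.createHmac('sha256', secret.subarray(32))
    .update(msg.iv).update(msg.ciphertext).digest();
  if (expected.length !== msg.digest.length ||
      !crypto.timingSafeEqual(expected, msg.digest)) {
    throw new Error('integrity check failed');
  }
  const decipher = crypto.createDecipheriv('aes-256-cbc', secret.subarray(0, 32), msg.iv);
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]).toString('utf8');
}

function demo() {
  const msg = clientSend(server.publicKey, ORDER);
  const received = serverReceive(server.privateKey, msg);
  const tampered = { ...msg, ciphertext: Buffer.from(msg.ciphertext) };
  tampered.ciphertext[0] ^= 1; // flip one bit "in transit"
  let tamperDetected = false;
  try { serverReceive(server.privateKey, tampered); } catch { tamperDetected = true; }
  return { received, tamperDetected };
}
console.log(demo());
```

Only the slow RSA operation touches the 64-byte session secret; the order itself is protected with the fast symmetric cipher, which is the speed trade-off the symmetric and asymmetric slides describe.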

Checkpoint 12.1
1. Describe three advantages of e-commerce for an entrepreneur just starting a business.
2. Describe three risks that businesses face when engaging in e-commerce.
3. Define SSL. Describe how an online shopper can tell that an e-commerce site is using SSL.

Order & Payment Processing
E-Commerce Payment Models:
- Cash
- Check
- Credit
- Smart Card
- Micropayments

Credit Card Order Processing Flow

E-Commerce Storefront Solutions
- Instant Online Storefront
  - Yahoo!, Earthstores, Shopify, FreeMerchant
- Off-The-Shelf Shopping Cart Software
  - Agoracart, osCommerce, ZenCart, Mercantec Softcart
- Custom Built Solution
  - IBM's WebSphere Commerce Suite, Microsoft's Commerce Server
  - Visual Studio.NET, Adobe Dreamweaver
- Semi-Custom Built Solutions on a Budget
  - E-Commerce add-ons for FrontPage and Dreamweaver
  - Paypal order processing
  - Free shopping cart scripts

Checkpoint 12.2
1. List three payment models commonly used on the Web. Which one is the most popular, why?
2. Have you purchased online? If so, think of the last item that you purchased.
   1. Why did you purchase it online instead of at a store?
   2. Did you check to see if the transaction was secure? Why or why not?
   3. How will your shopping habits be different in the future?

Summary
This chapter introduced you to basic e-commerce concepts and implementations. Consider taking an E-Commerce course to continue your study of this dynamic and growing area of web development.