Table of Contents
The marriage of Electronic Commerce and World Wide Web technologies have opened up new avenues in which manufacturers, suppliers, and distributors can conduct business over wide area global networks. This paper explores the potential of using the World Wide Web in creating new platforms over which business processes can be initiated and completed. Issues such as standardization, security, privacy, and delivery mechanisms are taking shape to make the Internet a popular medium for commercial functions and activities
Electronic Commerce is the paperless exchange of business information. In order for electronic commerce to work, certain standards have to be in place so that there is a common format in which companies can exchange data. This is achieved by using Electronic Data Interchange (EDI) which provides a format based on a public standard. Some of the advantages offered by EDI include increased speed of business transactions, reduction of manual data entry errors, lower costs for printing, mailing, and labor (Sivori, 1996).
During inception, EDI was conducted over Value Added Networks (VAN) which served as electronic post office for exchanging EDI transactions. Using such a network provided audit trail, security, and reliability of transactions. Appropriate software for different operating systems made it possible to remain machine independent and still use EDI. Although use of EDI was prevalent in industries and government, it did not reach the consumer directly because of the heavy investment required for purchase of proprietary software, hardware, network access, and difficulty in setting up and using the system. VANs also did not easily offer interactivity, data interchange among different file formats, multimedia capabilities, synchronous communication, and world wide connectivity for exchange of time sensitive data.
In the early 1960s, the Internet was primarily the domain of military, research, and educational institutions. It grew out of ARPANET, a research network created by the Department of Defense (DoD) Advanced Research Projects Agency (ARPA). In the mid 1980s, DoD moved its military operations machines to a separate network and ARPANET was transformed to NSFNET, a new network founded by the National Science Foundation. NSFNET consists of more than a dozen regional networks linked by high-speed (1.5 megabits per second) connections. The regional networks connected various other networks in universities, corporations, and research institutes. In 1995, NSFNet was shut down and management of the backbone was turned over to companies such as MCI, Sprintlink, and Advanced Network and Services (ANS). The Internet became a commercial network with main Network Access Points being located at Chicago, New York, Bay Area, and Washington, D.C. being served by Ameritech and Bellcore, Sprint, Pacific Bell and MFS Datanet respectively.
The World Wide Web (WWW) has evolved as a main component of Internet. It is a powerful medium to deliver on-demand, just-in-time information. The Web has undergone tremendous growth in the past five years. While there were approximately 100 Web sites in 1992, today there are more than 200,000; there were fewer than 30,000 Internet linked computer networks two years ago, today there are more than 90,000; there were 300 Internet host computers in 1980, today there are more than 10 million; the amount of information on the Internet doubles every year, the Web grows by 300,000 pages every seven days (Amano & Blohm, 1997).
There are a wide range of options for connecting to the Internet by using local Internet Service Providers (ISPs) or large national on-line service providers such as America Online, CompuServe, Prodigy Microsoft Network. Access can be over phone lines, dedicated leased lines, and more recently available cable modems. Access charges vary according to the services subscribed to. Basic consumer Internet services may include terminal emulation for telnet, ftp connections, whereas advanced options extend to Unix shell accounts, Usenet, SLIP/PPP, IRC, Web enabled directory services along with customized client disks for popular e-mail clients and Web Browsers, graphical file viewers and Internet applets. Businesses have the option of renting virtual server space from Web service providers or installing their own server if dedicated connection is available to keep the server on-line. Unless companies have their own information systems department and are willing to put in the time, cost, and personnel resources for upkeep of the server, it is better to consider a virtual setup using a Web hosting service. When selecting a Web service provider, some items such high speed access, web site design and coding, domain name registration (e.g. http://www.mycompanyname.com), type of server hardware, software, backup provisions, tech support, secure sockets layer access, cgi-bin directory, e-mail and ftp services, site usage statistics have to be carefully considered (Falk, 1996).
Since businesses have been quick to recognize the potential offered by the Web and have put up Web Sites as electronic storefronts, consumers have started accessing these sites in record numbers. The general public has become more comfortable using technology because of newer generation software that provides easy to use graphical user
interfaces requiring minimum user training beyond initial setup of hardware and connectivity parameters on desktop personal computers.
For a business to setup a Web site it should be important to understand the main objective for putting up the site. Will it be used for advertising, distribution of product literature, feedback, communication, or on-line ordering? Two years ago many companies published Web pages that announced their business on the Internet provided nice graphics, e-mail addresses, and phone numbers. Today small and large companies are using the Web as a medium to conduct business where the entire transaction - from browsing, to buying and paying is generated and completed over the Internet by using secure transactions over the Web.
The most complex setup is when a business uses the Web for actual online sales of products that include fully automated transactions that begin and end via the Internet. A potential buyer connects to the server by means of a browser, looks through online catalogs, interactively selects various options that meet his/her requirements, and fills out an electronic form to order the product. These apparently simple procedures on the user's side hide the complex sequence of database queries that are generated on the server side to generate a completed order. The sequence is outlined below:
1) Buyer connects to the server using browser such as Netscape Navigator or Microsoft
Internet Explorer.
2) Server presents form data to buyer's browser.
3) User selects options from form items and submits data to server.
4) Server performs the following actions:
Data is parsed into variables
Query is generated by gateway script
Query is submitted to database
Database return dataset items that match query
Dataset is formatted to HyperText Markup Language (HTML)
Server sends formatted output to client 5) Client displays result page on buyer's browser.
In most cases the script mentioned in step 4 above uses Common Gateway Interface (CGI) technology written in Perl scripting language. CGI makes HTML documents interactive by interfacing external application such as backend databases to the Web browser interface (Dwight & Erwin, 1996). One example of CGI use can be found at the Gateway 2000 computer site located at http: / /www. gw2k . com. (see Figure 1 below).
Figure 1: User customizable forms at http: / /www . gw2 k . com
Once a user selects required computer configuration options from Monitor, Graphics Accelerator, Hard Drive, CD-ROM, Fax/Modem etc. and presses the 'Configure Price'
button located at the bottom of the Web page, a CGI script is run that calculates price of user customized system by querying a back end database and returns the system price to the user who now has an option of purchasing the system on-line by entering name, address, phone, and credit card information. (see Figure 2)
Figure 2: Online ordering form for user customized system.
One of the biggest problems with acceptance of Electronic Commerce on the Web is the issue of Security. With every hacking attempt being blown out of proportion in the media, customers are reluctant to provide sensitive information such as credit card numbers on Web sites for the fear that it may be intercepted before it reaches the Web server. To provide security for data transactions, full fledged Internet based electronic commerce software solutions are now available as merchant server solution turnkey programs. These have built-in features that create catalogs, generate HTML pages for browsers to access, interact with customers in a user-friendly interface, take orders over a secure connection, access back-end applications, and offer a easy-to-use environment for making changes to product information and prices. The software uses (a) Secure Sockets Layer (SSL) which is an encryption standard, and (b) Secure Electronic Transaction (SET), an information flow standard (Kent, 1997).
Secure Sockets Layer provides server authentication (by guaranteeing that the user is legitimate), data encryption, and message integrity (ensures that document hasn't been altered). SSL is placed between application protocols such as HTTP and above low level protocols such as TCP/IP. Secure Electronic Transaction on the other hand detail how payment card transactions are secured using heavy encryption technology and keys.
On user's end, newer versions of Web browsers have addressed the topic of security by providing built-in functions to promote secure communications. One such feature is the public key encryption technique. This type of encryption uses two keys: a public key and a private key that work together. The private key can decrypt files that have been encrypted by the public key. As an example, when a user accesses a Web server, information is sent to the user along with a public key. The user then fills out a form that it is sent back to the server by encoding it with the previously enclosed public key. When data reaches the Web server, a private key is used to decrypt the message (Peck, 1996).
Businesses planning to setup secure transactions on their Web servers can do so by using Site Certificates. A company first applies to a certificate authority that has been approved to issue certificates. The application is filed electronically by using an online application form and after verification by the certificate authority, a digital certificate is issued to the company. This security certificate can be installed on the company's Web server and is sent to a user when the secure document (such as ordering form) is requested. Figure 3 shows an example of a typical digital certificate.
Figure 3: Waterhouse Securities Web site (http: / /www. waterhouse . com) certificate
Information contained in the certificate includes owner name, issuing authority, dates certificate is valid through, and fingerprint information that is cryptic code which can be used to physically check authenticity of the certificate.
Businesses and entrepreneurs who have taken the first step towards Internet based transaction systems can be considered to be Web commerce pioneers. As mentioned earlier, the biggest obstacles remain privacy, security, and authentication issues. Companies that develop Web browsers have recognized this and in the short span of less than two years have made successful attempts to address these issues. Once digital payments come to be accepted on par with regular over-the-counter consumer credit card sales, the Web will expedite financial transactions that are completed electronically. This will reduce outstanding balances and ultimately help bring together separate work processes and business functions which will enable manufacturers and suppliers quickly delivery competitively priced goods tailored to customers needs in today's fast changing market.
Amano, T, & Blohm, R. (1997). Rising Tide. WebWeek, 3(8), 34.
Dwight, J. & Erwin, M. (1996). Special Edition Using CGI. IN: Que.
Falk, B. (1996). Internet Roadmap. CA: Sybex.
Kent, P. (1997). Using Netscape Communicator 4. IN: Que
Peck, S. (1996). WebSite Professional Advanced Topics. CA: O'Reilly.
Sivori, J. R. (1996, June). Evaluated Receipts and Settlement, Communications of ACM, 39(6), 24-28.