E-COMMERCE: Definitions of E-commerce, “E-Commerce means electronic commerce, i.e. business transactions done through your PC over internet or networks that are set up by companies for their exclusive use”. “E-commerce is Electronic commerce that consists of the buying and selling of products or services over electronic systems such as the Internet and other computer networks”. “Electronic commerce or ecommerce is a term for any type of business, or commercial transaction that involves the transfer of information across the Internet. It covers a range of different types of businesses, from consumer based retail sites, through auction or music sites, to business exchanges trading goods and services between corporations”. Ecommerce allows consumers to electronically exchange goods and services with no barriers of time or distance. Electronic commerce has expanded rapidly over the past five years and is predicted to continue at this rate, or even accelerate. In the near future the boundaries between "conventional" and "electronic" commerce will become increasingly blurred as more and more businesses move sections of their operations onto the Internet. A large percentage of electronic commerce is conducted entirely electronically for virtual items such as access to premium content on a website, but most electronic commerce involves the transportation of physical items in some way. Online retailers are sometimes known as e-tailers and online retail is sometimes known as e-tail. Electronic commerce is generally considered to be the sales aspect of e-business. It also consists of the exchange of data to facilitate the financing and payment aspects of the business transactions.
FUNCTIONS OF E-COMMERCE: There are many functions of e-commerce some of them are as follows: 1. COMMUNICATION: It is basically the delivery of information or documents to facilitate business transactions. E.g.: E-Mail. 2. PROCESS MANAGEMENT: It includes process improvement functions, which cover automation and improvement of business processes. 3. SERVICE MANAGEMENT: It is the application of technology to improve the services. 4. TRANSACTION CAPABILITY: It provides the ability to buy or sell on the internet or some other on line service. The retail Webster of Amazon.com is a good example.
TYPES OF E-COMMERCE: There are three types of E-Commerce: 1. Business to Business, 2. Business to Consumer, and 3. Consumer to Consumer. BUSINESS-TO-BUSINESS: On the Internet, B2B (business-to-business), also known as e-biz, is the exchange of products, services, or information between businesses rather than between businesses and consumers. Business-tobusiness (B2B) describes commerce transactions between businesses, such as between a manufacturer and a wholesaler, or between a wholesaler and a retailer. B2B is also used in the context of communication and collaboration. Many businesses are now using social media to connect with their consumers (B2C); however, they are now using similar tools within the business so employees can connect with one another. When communication is taking place amongst employees, this can be referred to as "B2B" communication. For example, an automobile manufacturer makes several B2B transactions such as buying tires, glass for windscreens, and rubber hoses for its vehicles. BUSINESS TO CONSUMER Business-to-consumer (B2C, sometimes also called Business-to-Customer) describes activities of businesses serving end consumers with products and/or services. B2C is an acronym for "business to consumer". A B2C business is one that provides products or services direct to the consumer. An example of a B2C transaction would be a person buying a pair of shoes from a retailer. The transactions that led to the shoes being available for purchase, that is the purchase of the leather, laces, rubber, etc. However, the sale of the shoe from the shoemaker to the retailer would be considered a (B2B) transaction. Examples of a B2C business include: • • •
A gourmet pet foods business A home staging business A pet sitting business
CONSUMER-TO-CONSUMER Consumer-to-consumer (C2C) (or citizen-to-citizen) electronic commerce involves the electronicallyfacilitated transactions between consumers through some third party. A common example is the online auction, in which a consumer posts an item for sale and other consumers bid to purchase it; the third party
generally charges a flat fee or commission. The sites are only intermediaries, just there to match consumers. They do not have to check quality of the products being offered.
Consumer-to-consumer (C2C) marketing is the creation of a product or service with the specific promotional strategy being for consumers to share that product or service with others as brand advocates based on the value of the product. The investment into conceiting and developing a top of the line product or service that consumers are actively looking for is equitable to a Business-to-consumer (B2C) pre launch product awareness marketing spend. Example of C2C e-commerce is eBay, etc.
WEY TO SCORE IN E-COMMERCE: 1. Develop a great product: Find out what people are dying for, and then design a product to quench their thirst. 2. Build a website for selling those products: That website must be built tight, easy to use and easy to navigate. 3. Attract customers: Targeted customers through publicity and advertisement must be attracted.
SECURITY THREATS TO ELECTRONIC COMMERCE: Most businesses that have made the move towards an online presence have experienced some kind of security threat to their business. Since the Internet is a public system in which every transaction can be tracked, logged, monitored and stored in many locations, it is important for businesses to understand possible security threats to their business. There are many threats to e-commerce that may come from sources within an organization or through some external channel. The following are the top corporate security threats categorized by internal and external threats.
•
Unauthorized internal users who accesses confidential information by using stolen passwords for the purpose of committing fraud or theft.
•
Former employees of an organization that maintain access to information resources directly by creating alternative passwords, “back doors” into the computer system, or indirectly through former co-workers.
•
Weak access points in information infrastructure and security that can expose company information and trade secrets.
•
Management that undermines security is maybe the greatest risk to e-commerce as there.
•
Contractors, partners, consultants, and temps who take advantage of even limited access to important systems.
•
Peoples mentality on Internet security is changing this is evident through the increase in sales of antivirus software and subscriptions to email virus protection.
•
Businesses may take Visa’s lead of requiring its service providers and merchants to have firewalls, encryption, as well as testing and access policies as a condition of doing business with them. They feel that the security of their B2B partner is as important as their creditworthiness.
E-GOVERNANCE: E-Governance can be defined as the delivery of government services and information to the public using electronic means. Use of Information technology (IT) in government offices results in efficient, speedy and transparent process for disseminating information to the public and other agencies, and for effectively performing the activities of government administration. It also drives down communication costs and gives citizens easy access to real benefits. Today almost every state in India has an IT policy and there is a huge potential for deploying information technology to offer better government services to the people. The chairman of Nasscom, Dewang Metha once said that when common citizen will be able to do various jobs on the net like lodge a FIR in a police station on the net, submit telephone and electricity bills on the web, booking railway tickets, reminders of insurance premium and deposit premium, obtain land records and housing development information, and perform common banding operations then, EGovernance is said to be achieved. E-Government also referred as electronic government, e-gov, digital government, online government or in a certain context transformational government. E-Governance refers to government's use of information technology to exchange information and services with citizens, businesses, and other arms of government. E-Government may be applied by the legislature, judiciary, or administration, in order to improve internal efficiency, the delivery of public services, or processes of democratic governance. It also refers to the citizen to government interaction including the feed back of policies the primary delivery models are Government-to-Citizen or Government-to-Customer (G2C), Government-to-Business (G2B) and Government-to-Government (G2G) & Government-to-Employees (G2E). The most important anticipated benefits of e-government include improved efficiency, convenience, and better accessibility of public services.
ELECTRONIC DATA INTERCHANGE (EDI): Electronic Data Interchange, or EDI, is not a new technology and in fact has been around since the late 1960s, while EDI has benefited enormously from advances in technology, e.g. the introduction of the internet. Electronic Data Interchange is the computer-to-computer exchange of routine business data between trading partners in standard data formats. This definition contains 3 key concepts about EDI: 1. COMPUTER-TO-COMPUTER: EDI in its most efficient form flows directly out of a sender’s computer system directly into a receiver’s computer system without any human intervention; however, it is not always possible for EDI to flow in this most efficient manner. 2. ROUTING BUSINESS DATA: EDI is used for routine business documents like Purchase Orders and Invoices. It is not used for non-routine business documents like complicated contracts or information meant for humans to read and analyze. 3. STANDARD DATA FORMATS: A standard definition of the location and structure of the data is provided. Unstructured text is not EDI. EDI is not technology dependant. There are preferred ways to implement EDI in a company, but there are many approaches to choose from. The approach chosen should be driven by a company’s business needs, not a particular implementation or technology. In its simplest form, EDI is the computer to computer exchange, between two companies, of standard business documents in electronic format. There are two key elements in basic EDI. First, electronic documents replace paper based ones. Second, the exchange of documents takes place in a standardized format. Using these two basic concepts, any business can enter the world of EDI and begin taking advantage of the speed and economy of electronic commerce, or e-Commerce.
In today’s fast-paced business world, your business may already be moving in this direction, customers or suppliers may already be approaching you to begin trading information electronically. For the newcomer to EDI, it may seem a very confusing subject area. A document in EDI is any form of communication, usually paper based, sent between two companies, examples include: • •
Purchase Orders Invoices
• • • • • •
Shipping Notices Export / Import Notices Carrier to carrier waybills Funds transfer Design specifications Health insurance claims
EDI is essentially a data processing concept which is independent of communication protocols or transmission media. EDI is a logical outgrowth of the standard computerization going on within companies over the last few decades. With EDI, the type of electronic communication between departments within a company can now easily be extended to reach out to other companies or trading partners. EDI replaces human readable, paper or electronic based documents with machine readable, electronically coded documents. With EDI, the sending computer creates the message and the receiving computer interprets the message without any human involvement at all. One of the first places where many companies implement EDI is in the exchange of a purchase order, (PO). In the traditional method of processing a purchase order, a buyer or purchasing agent will go through a fairly standard procedure to create a purchase order, consisting of the following steps: • • • • •
A buyer reviews data from an inventory or planning system The buyer enters data into a screen in the purchasing system to create a PO, but does not print it EDI software creates an electronic version of the PO and transmits it automatically to the sender within minutes The vendor’s order entry system receives the PO and updates the system immediately upon receipt The buyer calls the vendor periodically to determine if the PO has been received and processed
BENEFITS OF EDI: There have many benefits of electronic data interchange such as: •
SPEED – Data can move directly out of one computer system and into another with little to no delay.
•
• •
ACCURACY – Errors are reduced because data is not being re-keyed. Error rates from entering data are between .5 – 3%. On large volumes of transactions, the possibility for the introduction of errors is enormous. SIMPLICITY – EDI standards specify how data will be formatted and where it can be found. SECURITY – Much less likely to lose information transmitted through EDI than information sent via mail. EDI can be accessed only by authorized users, and then there are audit trails and archives of data. EDI data cannot be easily changed by unauthorized users. It is also not subject to viruses.
These 4 benefits produce the following results: • • •
Faster buy-sell cycle time Faster cash flow Reduced order lead time
• • •
Reduced inventories Ability to conduct just-in-time manufacturing Improved trading partner relationships
ELECTRONIC PAYMENT SYSTEM: Electronic payments are the central part of E-Commerce activities as it deals with the strategies for the payment of goods and services by online customers. Electronic payments also refer to the activity of account settlement where the prompt settlement of payments is crucial. If the debit and credit to the bank account, customer and the company are not settled immediately or suffers due to conventional processing delays, then the entire business chain may be interrupted. Payment and settlement of the business chain may be interrupted. Payment and settlement of the business account are the bottleneck in all E-Commerce activities. Conventional instruments for payments such as demand draft, credit notes, and cheques are not suited to E-Commerce. The electronic version of this instrument also may not work well particularly when small payments are to be made. The supplier as well as the customer would like to settle the payment online when the amount to be paid is small. Conventional instruments are too slow to be processed and the overheads in processing such instruments may be high. Electronic Payment is defined as, “Electronic Payment is a financial exchange that takes place online between buyers and sellers. The content of this exchange is usually some form of digital financial instrument (such as encrypted credit card numbers, electronic cheques or digital cash) that is backed by a bank or an intermediary, or by a legal tender.” Various instruments which may used to make payment on the Internet are Credit/Debit cards, Smart Cards, Electronic Cash, Electronic Walled etc. Important issues related to the Electronic payment system include the methods, form and characteristic of payment instrument such as credit/debit cards, how to minimize the financial risk such as leakage of information, mistakes and frauds and finally devising methods for the completion of electronic payment cycle. Several protocols have been devised and deployed to provide the necessary security to payment transactions. The Netscape Navigator and MS Internet Explorer have promoted their payment protocols for safe payment transaction and these have been implemented in their web browsers. Some of the commonly used protocols for secured transaction are as follows: 1. Secure Electronic Payment Protocol (SEPP) 2. Secure Electronic Transaction Protocol (SETP) SEPP has been developed by Master Card and Netscape. It has been implemented in the Netscape web browsers. Secure Electronic Transaction Protocol it a new E-Commerce industry Standard. Many companies are implementing SET protocol and is has many features in common with SEPP. SET is also one of the popular protocols for safe electronic transaction. It was developed by Microsoft and VISA. SET uses the cryptographic standard and digital signatures to secure the authentication and verification is done using digital signatures.
Electronic Payments through SEPP Protocol: This protocol was developed jointly by Master Cards, e-Cash, Netscape and IBM. SEPP is open vendor free and license free specification for online payment transactions. SEPP works on the simple conventional process of signing and submission. This protocol involves three way communications involving to customer, company and the bank. The process is shown in the fig(1). As shown in the figure, the customer is a person who buys the product or services from a company. He does it by visiting the web site of the company. The customer is also a holder of a credit card and intends to pay for the purchased product and services through his credit card. The company’s web site displays and sells the items such as goods and services. It also accepts the payment from the customer against the purchased items and services.
Figure: EPS
Company’s Banker is essentially a bank that services the company’s account and processes credit card based transaction for the company. Certificate management system represents the agent or broker who creates and distributes the digital certificate to customers and other financial institutions. The agent works on behalf of the credit card issuer bank. The whole process of purchase is done in the following steps: 1. The customer sends an initial message to the company web site. 2. Company response by sending the invoice message, enabling the customer to validate goods and services of the company. 3. The customer then prepares the purchase order the credit cards details. The credit card details are so encrypted that can only be decrypted by the Bank.
4. The company receives the purchase order. The company then sends the encrypted credit card details to its banker. 5. The banker decrypts the credit card details and may verify from the credit issuer bank. 6. When the company’s banker verifies the authenticity of the credit card, is send an authorization response essentially contains the verification results of credit card. 7. The Company then sends to the customer a purchase order response. 8. Next step is the delivery of the product to the customer. The non-tangible items are delivered to the customer immediately and if the purchase order contains the delivery of a tangible item, the some are shipped by conventional means. The various factors that have leaded the financial institutions to make use of electronic payments are:
1. Decreasing technology cost: The technology used in the networks is decreasing day by day, which is evident from the fact that computers are now dirt-cheap and Internet is becoming free almost everywhere in the world.
2. Reduced operational and processing cost: Due to reduced technology cost the processing cost of various commerce activities becomes very less. A very simple reason to prove this is the fact that in electronic transactions we save both paper and time.
3. Increasing online commerce: a. Affecting the consumers: Credit cards, Debit Cards, ATMs (Automated Teller Machines), stored value cards, E-Banking.
b. Enabling online commerce: Digital Cash, E-Cash, Smart cards (or Electronic Purse) and encrypted Credit cards.
TYPES OF ELECTRONIC PAYMENT SYSTEM: Electronic payment systems are proliferating in banking, retail, health care, on-line markets. Organizations are motivated by the need to deliver products and service more cost effectively and to provide a higher quality of service to customers. The emerging electronic payment technology was labeled Electronic Funds Transfer (EFT). EFT is defined as any transfer of funds initiated through an electronic terminal, telephonic instrument or computer or magnetic tape so as to order, instruct or authorize a financial institution to debit or credit an account. EFT utilizes computer and telecommunication components both to supply and to transfer money or financial assets. Transfer is information-based and intangible. Thus, EFT stands in marked contrast to conventional money and
payment modes that rely on physical delivery of cash or checks by truck, train or airplane. Work on EFT can be segmented into three broad categories: 1. Banking and financial payments •
Large-scale or wholesale payments (e.g.: Bank-to-Bank transfer)
•
Small-scale or retail payments (e.g.: Automated teller machines and cash-dispensers)
•
Home banking (e.g.: Bill payment)
2. Retailing payments •
Credit cards (e.g.: VISA or Master cards)
•
Private label credit/debit cards
•
Change cards
3. On-line electronic commerce payments •
Token- based payment system 9 Electronic cash (e.g.: Digicash) 9 Electronic checks (e.g.: Netcheque) 9 Smart cards or debit cards
•
Credit card-based payment system 9 Encrypted credit cards (eg.: www from-based encryption) 9 Third-party authorization numbers
CREDIT CARDS Credit card is working on the postpaid mechanism. Credit cards are another payment instrument which has now become very common. Credit cards are issued by a financial institution which allows you to make purchases up to a certain limit on credit. Most of the credit card companies recognize the organization or shop etc. from where you may purchase the item. Payment of these items is made by the credit card company or your behalf. The credit card companies regularly send the bill to the customer for the customers for the shopping they have done. In E-Commerce, use of credit card is very common. If consumers want to purchase a product or service, they simply send their credit card details to the service provider involved and the credit card organization will handle this payment like any other transaction. Figure shows the various steps when items are purchased on the Internet through Credit cards.
The figure shows the processing of the credit card when an item is purchased from a company or the web. When the customer wishes to purchase items from a web site, he places the purchase order electronically and sends encrypted credit card number. This information will be sent to the customer bank through the credit card processor. After checking the authenticity of the credit card, the banks allow the company to go ahead with the purchase. The bank will issue an electronic token to the company. The customer bank will realize the payment through monthly or fortnightly bill sent to the customer.
ADVANTAGES AND DISADVANTAGES TO CREDIT CARDS ADVANTAGES: •
•
•
•
•
Purchase Power and Ease of Purchase - Credit cards can make it easier to buy things. If you don't like to carry large amounts of cash with you or if a company doesn't accept cash purchases (for example most airlines, hotels, and car rental agencies), putting purchases on a credit card can make buying things easier. Protection of Purchases - Credit cards may also offer you additional protection if something you have bought is lost, damaged, or stolen. Both your credit card statement (and the credit card company) can vouch for the fact that you have made a purchase if the original receipt is lost or stolen. In addition, some credit card companies offer insurance on large purchases. Building a Credit Line - Having a good credit history is often important, not only when applying for credit cards, but also when applying for things such as loans, rental applications, or even some jobs. Having a credit card and using it wisely (making payments on time and in full each month) will help you build a good credit history. Emergencies - Credit cards can also be useful in times of emergency. While you should avoid spending outside your budget (or money you don't have!), sometimes emergencies (such as your car breaking down or flood or fire) may lead to a large purchase (like the need for a rental car or a motel room for several nights.) Credit Card Benefits - In addition to the benefits listed above, some credit cards offer additional benefits, such as discounts from particular stores or companies, bonuses such as free airline miles or travel discounts, and special insurances (like travel or life insurance.) While most of these benefits are meant to encourage you to charge more money on your credit card (remember, credit
card companies start making their money when you can't afford to pay off your charges!) the benefits are real and can be helpful as long as you remember your spending limits.
DISADVANTAGES: •
•
•
Blowing Your Budget -- The biggest disadvantage of credit cards is that they encourage people to spend money that they don't have. Most credit cards do not require you to pay off your balance each month, so even if you only have $100, you may be able to spend up to $500 or $1,000 on your credit card. While this may seem like 'free money' at the time, you will have to pay it off -- and the longer you wait, the more money you will owe since credit card companies charge you interest each month on the money you have borrowed. High Interest Rates and Increased Debt:� Credit card companies charge you an enormous amount of interest on each balance that you don't pay off at the end of each month. Credit Card Fraud - Like cash, sometimes credit cards can be stolen. They may be physically stolen (if you lose your wallet) or someone may steal your credit card number (from a receipt, over the phone, or from a Web site) and use your card to rack up debts.
DEBIT CARD A debit card (also known as a bank card or check card) is a plastic card that provides an alternative payment method to cash when making purchases. Functionally, it can be called an electronic check, as the funds are withdrawn directly from either the bank account or from the remaining balance on the card. Debit cards may also allow for instant withdrawal of cash, acting as the ATM card for withdrawing cash and as a check guarantee card. ADVANTAGES OF DEBIT CARDS: •
A consumer who is not credit worthy and may find it difficult or impossible to obtain a credit card can more easily obtain a debit card, allowing him/her to make plastic transactions. For example, legislation often prevents minors from taking out debt, which includes the use of a credit card, but not online debit card transactions.
•
For most transactions, a check card can be used to avoid check writing altogether. Check cards debit funds from the user's account on the spot, thereby finalizing the transaction at the time of purchase, and bypassing the requirement to pay a credit card bill at a later date, or to write an insecure check containing the account holder's personal information.
•
Like credit cards, debit cards are accepted by merchants with less identification and scrutiny than personal checks, thereby making transactions quicker and less intrusive. Unlike personal checks, merchants generally do not believe that a payment via a debit card may be later dishonored.
•
Unlike a credit card, which charges higher fees and interest rates when a cash advance is obtained, a debit card may be used to obtain cash from an ATM or a PIN-based transaction at no extra charge, other than a foreign ATM fee.
DISADVANTAGES OF DEBIT CARDS: •
Use of a debit card is not usually limited to the existing funds in the account to which it is linked, most banks allow a certain threshold over the available bank balance which can cause overdraft fees if the users transaction does not reflect available balance.
•
Many banks are now charging over-limit fees or non-sufficient funds fees based upon preauthorizations, and even attempted but refused transactions by the merchant (some of which may be unknown until later discovery by account holder).
•
Many merchants mistakenly believe that amounts owed can be "taken" from a customer's account after a debit card (or number) has been presented, without agreement as to date, payee name, amount and currency, thus causing penalty fees for overdrafts, over-the-limit, amounts not available causing further rejections or overdrafts, and rejected transactions by some banks.
•
In some countries debit cards offer lower levels of security protection than credit cards. Theft of the users PIN using skimming devices can be accomplished much easier with a PIN input than with a signature-based credit transaction. However, theft of users' PIN codes using skimming devices can be equally easily accomplished with a debit transaction PIN input, as with a credit transaction PIN input, and theft using a signature-based credit transaction is equally easy as theft using a signature-based debit transaction.
•
In many places, laws protect the consumer from fraud much less than with a credit card. While the holder of a credit card is legally responsible for only a minimal amount of a fraudulent transaction made with a credit card, which is often waived by the bank, the consumer may be held liable for hundreds of dollars, or even the entire value of fraudulent debit transactions. The consumer also has a shorter time (usually just two days) to report such fraud to the bank in order to be eligible for such a waiver with a debit card, whereas with a credit card, this time may be up to 60 days. A thief who obtains or clones a debit card along with its PIN may be able to clean out the consumer's bank account and the consumer will have no recourse.
VIRTUAL ORGANIZATION STRUCTURE: E-Commerce application can alter as: How data are collected, How transactions are completed, What work humans do? It can also impact the way organizations are structured. Two new forms of organizational structure are prominent: a. Virtual or network organization structure b. Brokerage structures.
Virtual enterprise now a day have gained much attention as more and more such firms have emerged in industries ranging from computer chip manufacturing to aircraft manufacturing.
VIRTUAL ORGANIZATION: Virtual organization is a relatively new concept that has emerged in the beginning of 1990s. The Virtual organization is defined as being closely coupled upstream with its suppliers and downstream with its customers. It is an organization having the essence or effort of a traditional corporation without the structure or appearance of one. In the virtual organization, each separate firm retains authority in major budgeting and pricing matters and functions as part of a greater organization coordinated by the core firm acting as integrator of the actions done by the various partners. Interdependence among partners differentiates the virtual corporation from the traditional hierarchy. Companies adept to coordinating and maximizing the capabilities of suppliers will gain more control over key elements of time-from overall order-to-shipment lead time to product-specific cycle time. In addition, full-fledged alliances that tap the resources of multiple parties will effectively slash product-or- processdevelopment time. Some definitions of virtual organization: “Virtual organization is a dynamic collection of individuals and institutions which are required to share resources to achieve certain goals”. “The term virtual organization is used to describe a network of independent firms that join together, often temporarily, to produce a service or product”. Virtual organization refers to both the numbers of a switchable inter-organizational electronic network and to the network itself that delivers non-standard products”. Virtual organizations are also referred to as network organizations, organic networks, hybrid arrangements and value-adding partnerships. This phenomenon has been driven by the effort to achieve greater effectiveness and responsiveness in an extremely competitive environment marked by increasing globalization, technological change and customer demands.
CHARACTERISTICS OF A VIRTUAL ORGANIZATION: On the basis of above discussion, we can infer that virtual organization possess the following important characteristics: 1. A virtual organization does not have a physical presence but exists electronically (virtually) on the internet. 2. A virtual organization is not constrained by the legal definition of a company. 3. A virtual organization is formed in an informal manner as an alliance of independent legal entities. 4. Principal of synergy (many–to-one). Virtual organization exhibits a unifying property because it is constituted from different organizational entities that create an effect of a single organization. 5. Principle of divergence (one-to-many). A single organization can exhibit multiplication property by participating in many virtual organizations at the same time. 6. Partners in virtual organizations share risks, costs and rewards in search of a global market. The common characteristics of these opportunities, worlds-class core competence, information networks, and interdependent relationships. 7. Dynamic virtual organizations have a capability to unite quickly. ADVANTAGES OF VIRTUAL ORGANIZATION: 1. Virtual organizations make it possible to satisfy constantly changing customer and market requirements in a competitive manner. 2. With the help of virtual organizations, it becomes possible to provide services precisely tailored to a specific customer need. 3. Virtual organizations provide ability to participate in the total service range a company can offer to its customers. 4. Participation in virtual organization increases the total number of end-customers a company can reach indirectly via its partners. 5. By participation in a virtual organization the concept-to-cash time is reduced. DISADVANTAGES OF VIRTUAL ORGANIZATION: The most challenging part of virtual organizations is the establishment and maintenance of trust. This trust needs to be established at several levels: authentication, policy based management, business rules. The main challenges related to the trust establishment are: 1. Each party has its own policies on access control and conditions of use.
2. Virtual organization parties need to establish trust between them on a peer-to-peer basis. 3. The allocation of resources is often dynamic since the structure of virtual organizations may change dynamically. This implies that the virtual organization initiator may not know a priori that additional resources may be required. 4. Parties may be located in different countries under different jurisdictions and, as a consequence, stick on to different legal and business requirements/ 5. Security system of virtual organization partners must be mutually trusted. This brings up the challenge to come up with an effective and flexible security system. 6. Confidentiality, privacy, integrity, availability and accountability at a virtual organization level have to be assured. At the same time parties have to provide access to their services and resources, as specified in agreements.
BROKERAGES: The goal of electronic brokerages is to increase the efficiency of the internal market place. Internal markets are beginning to appear not only in corporations but even in non-business institutions like the government. They are created inside organizations, allowing firms, suppliers and government agencies to meet the new challenges of a fast-changing environment. What is happening in a number of large organizations that are decentralizing into autonomous business units to capture the dynamism of the market place? Internal markets aided by computing will be replacing the organization structure of the past: vertically and horizontally integrated organizations. The change over to internal markets is difficult even with the best planning, yet more organizations are moving in this direction because economic realities demand it. Corporations must master an intensely competitive global economy that requires massive technical and management innovation. These corporations require a clear organizational structure to manage these work flows and the agents or brokers carrying out the work flow in the virtual organization. Reasons for organizations becoming virtual, it includes: • • • • • •
Globalization, with growing trends to include global customers, Ability to quickly pool expert resources, Creation of communities of excellence, Rapidly changing needs, Increasingly specialized products and services, Increasing required to use specialized knowledge
BIOMETRICS Biometrics is the science and technology of measuring and analyzing biological data. In information technology, biometrics refers to technologies that measure and analyze human body characteristics, such as fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements, for authentication purposes.
The term biometrics comes from the Greek words bios meaning life and metrics meaning measure. Everyone known that we all intuitively use some body characteristics such as face, gait or voice to recognize each other. Since today, a wide range of applications require reliable verification schemes to confirm the ID of an individual, recognizing humans on the basis of their body characteristics has become more and more interesting in emerging technology applications. Biometrics is an important method for physical access control. Biometrics is basically a collection of methods for identification based on measuring the physiological characteristics that are unique to each and every individual. Some of these characteristics are: •
Voice
•
Fingerprints
•
Body contours
•
Retina and Iris
•
Handwriting style/hand written signature
FIG: THE BASIC BLOCK DIAGRAM OF A BIOMETRIC SYSTEM
Biometrics methods, in general, involve performing some human action for configuring a system used to recognize the physiological parameters of the ID to be authenticated, for e.g.:
1. Drawing a few signatures so that the system can analyze and record their characteristic/pattern. 2. Looking into a scanning apparatus in order to record retinal pattern. 3. Intoning words for the analysis and recording of voice patterns. 4. Collecting multiple video shots of a person walking (Gait acquisition).
BIOMETRIC SYSTEM GOALS: A biometric system can be designed to test one of only or possible hypotheses: •
The submitted samples are from an individual known to the system.
•
The submitted samples are from an individual not known to the system.
Applications to test the first hypothesis are called “Positive identification” system while applications testing the latter are called “negative identification” system. TYPES OF BIOMETRICS: •
Overt Vs Covert:
The first partition is “overt and covert”. If the user is aware that a biometric identifier is being measured, the user is overt. If unaware, he/she is covert. Almost all conceivable access control and non-forensic applications are overt. Forensic applications can be covert. •
Habituated Vs Non- Habituated:
This applies to the intended users of the application. Users presenting a biometrics trait on a daily basis can be considered habituated after a short period of time. Users who have not presented the trait recently can be considered “non-habituated”. •
Attended Vs Non-Attended:
This partition refers to whether the use of the biometrics device during operation will be observed and guided by system management. •
Open Vs Closed:
If a system is to be open, data collection, compression and format standards are required. A closed system can operate perfectly well on completely proprietary formats.
CHARACTERISTICS OF BIOMETRICS: Biometric characteristics can be divided in two main classes. •
•
Physiological are related to the shape of the body. Examples include, but are not limited to fingerprint, face recognition, DNA, Palm print, hand geometry, iris recognition (which has largely replaced retina). Behavioral are related to the behavior of a person. Examples include, but are not limited to typing rhythm, gait, and voice. Some researchers have coined the term behaviometrics for this class of biometrics.
Strictly speaking, voice is also a physiological trait because every person has a different vocal tract, but voice recognition is mainly based on the study of the way a person speaks, commonly classified as behavioral. CRITERIA FOR SELECTION OF BIOMETRICS SYSTEMS: It is possible to understand if a human characteristic can be used for biometrics in terms of the following parameters: • • • • • • •
Universality – each person should have the characteristic. Uniqueness – is how well the biometric separates individuals from another. Permanence – measures how well a biometric resists aging and other variance over time. Collectability – ease of acquisition for measurement. Performance – accuracy, speed, and robustness of technology used. Acceptability – degree of approval of a technology. Circumvention – ease of use of a substitute.
Selecting the right biometric is a complicated problem that involves more factors than just accuracy. It depends on cost, error rates, computational speed, acquit-ability, privacy and ease of use.
DESIGN ISSUES IN BIOMETRICS SYSTEM: A generic biometrics system goes through six basic steps as discussed below. The last two steps are used only during the recognition phase. 1. SAMPLE ACQUISITION This is the first step, in this step, the biometrics data is collected using an appropriate sensor, for example, an image capture in the case of iris recognition or a saliva sample in case of DNA. A biometric system captures the sample of biometric characteristics like fingerprint, voice etc of the person who want to login to the system.
2. FEATURE EXTRACTION In this step, the sample is transformed into the template. In general, the template is numeric data. Unique data are extracted from the sample and a template is created. Unique features are then extracted by the system and converted into a digital biometric code. This sample is then stored as the biometric template for the individual.
3. QUALITY VERIFICATION In this step, a reference image or template image is established by repeating the first two operations as many times as needed so as to ensure that the system has captured and recognized the data correctly.
4. STORAGE OR REFERENCE TEMPLATE In this step, reference templates are registered. Several storage media can be used but the choice depends on the requirements of the applications. The template is compared with a new sample. The biometric data are then stored as the biometric template or reference template for that person.
5. MATCHING In this step, the real time input data from an individual is compared with the reference templates or images.
6. DECISION In this step, the result of the matching step is used to declare a result. Application dependent criteria for example, decision threshold are kept into consideration while taking decisions about the authenticity of and individual. The system then decides whether the features extracted from the new sample are a match or a non-match with the template. When identity needs checking, the person interacts with the biometric system, a new biometric sample is taken and compared with the template. If the template and the new sample match, the person’s identity is confirmed else a non-match is confirmed.
KEY SUCCESS FACTORS FOR BIOMETRICS SYSTEM: For any effective biometric system, there are a few important factors associated with it like accuracy, speed and throughput rate, acceptance by users, reliability, data storage requirements etc.
1. ACCURACY: •
•
•
False Accept Rate or False Match Rate (FAR or FMR) – the probability that the system incorrectly matches the input pattern to a non-matching template in the database. It measures the percent of invalid inputs which are incorrectly accepted. False Reject Rate or False Non-Match Rate (FRR or FNMR) – the probability that the system fails to detect a match between the input pattern and a matching template in the database. It measures the percent of valid inputs which are incorrectly rejected. Receiver Operating Characteristic or Relative Operating Characteristic (ROC) – The ROC plot is a visual characterization of the trade-off between the FAR and the FRR. In general, the matching algorithm performs a decision based on a threshold which determines how close to a
•
• • •
template the input needs to be for it to be considered a match. If the threshold is reduced, there will be less false non-matches but more false accepts. Correspondingly, a higher threshold will reduce the FAR but increase the FRR. A common variation is the Detection error trade-off (DET), which is obtained using normal deviate scales on both axes. This more linear graph illuminates the differences for higher performances (rarer errors). Equal Error Rate or Crossover Error Rate (EER or CER) – the rate at which both accept and reject errors are equal. The value of the EER can be easily obtained from the ROC curve. The EER is a quick way to compare the accuracy of devices with different ROC curves. In general, the device with the lowest EER is most accurate. Failure to Enroll Rate (FTE or FER) – the rate at which attempts to create a template from an input is unsuccessful. This is most commonly caused by low quality inputs. Failure to Capture Rate (FTC) – Within automatic systems, the probability that the system fails to detect a biometric input when presented correctly. Template Capacity – the maximum number of sets of data which can be stored in the system.
2. SPEED AND THROUGHPUT RATE: One of the important characteristics of biometric system is speed and throughput. Data processing capability of the biometrics system decided the speed; it is stated as how fast they take the accept or reject decisions. As per the generally accepted standards are concerned, a system speed of 5sec from start-up through decision enunciation is considered to bee good, but it is not easy for most biometrics system to meet these standards.
3. ACCEPTABILITY BY USERS: User acceptability is one of the biggest challenges for the deployment of biometrics systems. Biometrics system acceptance occurs when the user of the system i.e. , management and unions involved in the organization need to come to an agreement that biometrics should be deployed for the protection of organizational assets. The management is also responsible about the implementation based on the cost/benefit associated with the biometrics system.
4. UNIQUENESS: For business systems, it is very important that they should be based on unique characteristics of the individuals. If the biometrics system is based on unique characteristics, it can provide a positive identification rather than a statement of high probability that it is the right person. There are three physical characteristics that are considered to be unique; the fingerprint, the retina of eye, and the iris of eye.
5. RELIABILITY: Another vital success factor of biometrics system is the reliability of the biometrics. The concept of ‘reliability’ is related to the concept of ‘selectivity’. Reliability is the probability that the system will correctly identify the mate when the mate is present in the system repository, whereas selectivity is the number of incorrect mates determined for a given search.
