E-COMMERCE

UNIT 01- E-COMMERCE

DIFFERENCE BETWEEN E-COMMERCE AND E-BUSINESS:
S.No. E-COMMERCE E-BUSINESS
01. E-Commerce refers to the E-Business refers to performing all type of
performing online commercial business activities through internet.
activities, transactions over internet.
02. E-Commerce is a narrow concept, E-Business is a broad concept, and it is
and it is considered as a subset of E- considered as a superset of E-Commerce.
Business.
03. In e-commerce transactions are In e-business transactions are not limited.
limited.
04. It includes activities like buying and It includes activities like procurement of raw
selling products, making monetary materials/goods, customer education, supply
transactions, etc. over internet. activities buying and selling product, making
monetary transactions etc. over internet.
05. It usually requires the use of only a It requires the use of multiple websites,
website. CRMs (customer relationship management),
and ERPs (Enterprise resource planning) that
connect different business processes.
07. It involves mandatory use of It involves the use of internet, intranet, or
internet. extranet.
08. E-commerce is more appropriate in E-business is more appropriate in the
Business to Customer (B2C) Business to Business (B2B) context.
context.

CHARACTERISTICS OF E-COMMERCE:
1. Online presence
2. Electronic Transactions
3. Wide Product Range
4. Personalization/Customization
5. Real-time transactions
6. Increased efficiency
7. Competitive Pricing
8. Global Reach
9. Convenience
SCOPE OF E-COMMERCE:
1. Omnichannel presence and support (24/7 services through chatbots)
2. Customer experience (rating and feedback)
3. High levels of personalization
4. Mobile friendliness
5. Image recognition turned product recognition.

UNIT 03- BUSINESS MODELS

THE UNCITRAL MODEL LAW ON ELECTRONIC COMMERCE (1996)
It is a legal framework developed by the United Nations Commission on International Trade
Law (UNCITRAL) to provide a template for countries to create legislation that facilitates
electronic commerce (e-commerce) and the use of electronic communications in international
trade.
Aims of UNCITRAL - to address legal barriers associated with conducting business
electronically, give recognition to electronic records, and promote the use of electronic
transactions.
The fundamental Principles of UNCITRAL were:
1. Non-Discrimination- No discrimination between physical and electronic forms of
document and a document would not be denied legal effect, validity, or enforceability
solely because it is in electronic form.
2. Technological Neutrality- Mandates the adoption of provisions that are neutral
concerning the technology used. (law should grow with times in the light of technology)
3. Function Equivalence - It emphasizes that electronic communications and signatures
should be treated as equivalent to their paper-based counterparts, as long as they meet
certain functional criteria.
E-COMMERCE INFRASTRUCTURE
E-commerce infrastructure refers to all the facilities and tools needed to run your e-commerce
business. This includes the hardware, software, network, and services that support your
operations from start to finish.
With the right e-commerce infrastructure, you can not only optimize your performance but also
prepare your business to scale.
Components Of an E-Commerce Infrastructure:
1. Technology and Servers
2. Sales & Marketing
 3. Security & Fraud Prevention
4. Customer Service
5. Inventory Management
6. Payment Processing System
7. Content Delivery Network (CDN)e-commerce
VARIOUS MODELS OF E-COMMERCE BUSINESS
Business to Business (B2B): B2B is an e-
commerce business between one business
firm to another business such as a
manufacturer and a wholesaler or between a
wholesaler and a retailer. Here the companies
sell their online goods to other companies
without being engaged in sales to consumers.
E.g.: Amazon, Alibaba, IndiaMart, etc.
Business to Consumer (B2C): B2C is an e-
commerce business between a business firm
and a consumer or customer. Here the business
sells its online goods to consumers who are the
end users of their products or services. E.g.:
Amazon, eBay, Myntra, Nykaa, Uber, etc.

Consumer to Business (C2B): C2B is a type

of business model where the customer provides
a service or product to the business. This is the
reverse of the typical business-to-consumer
model (or B2C), in which a company provides
a service to customers through the sale of goods
and services. The internet and social media
make a C2B model possible by connecting
customers who can offer their marketing
services to companies for a payoff. Eg: Affiliate
Marketing.

Consumer to Consumer (C2C): C2C is an

e-commerce business in which individual
customers offer to sell products and services
to other individuals who are prepared to
 purchase them. E.g.: OLX, Quickr, Amazon
Marketplace, eBay, Etsy, etc.
INNOVATIVE EMERGING E-COMMERCE BUSINESS MODELS

• Dropshipping: Dropshipping refers to store owners partnering with third-party

wholesale suppliers who directly ship the products to the consumers. This model
doesn’t need you to manage storage and inventory upfront. Other than affordability, this
model can offer many other benefits. This makes it a safer option for many e-commerce
owners today, especially those who want to cut costs.
• Print-on-Demand: Print-on-Demand requires another party to handle the products’
printing, packing, and shipping and is one of the most profitable e-commerce business
models today.
• Subscription: When it comes to e-commerce business models, Subscription is the one
most of us have been consumers of. Are you a Netflix or Spotify subscriber? There it
is! Customers pay a cost to access a product or service at regular intervals, commonly
monthly or yearly, under a subscription business model. Today, recurring revenue
models increasingly growing in popularity because they lead to higher revenues and
stronger customer relationships.
• Digital products: A digital product is a nonphysical asset or media type that can be
sold and distributed online, repeatedly, without restocking inventory. These products
often come in the form of downloadable, streamable, or transferrable digital files, such
as MP3s, PDFs, videos, plug-ins, and templates.
• Freemium: A freemium business is when a merchant offers both a free and a paid
version(s) of its product or service. This is typically used for B2C or B2B businesses.
Oftentimes, software companies and software-as-a-service (SaaS) businesses use this
approach. The freemium business model allows merchants to create relationships with
new customers easily since there’s no cost or commitment to sign up and try it out. The
way freemium businesses earn money is by getting these people to use and love their
platform so much that they want access to additional features—features they have to
pay for.
• Niche E-commerce: These are specialized online stores that cater to specific markets
or niches. Examples include online stores that sell only organic and sustainable products
or stores focused on a particular hobby or interest.
MODELS OF E-COMMERCE LAWS IN INDIA UNDER STATUTES AND
COMPLIANCES
Laws Governing E-Commerce

• Information Technology Act, 2000 ("IT Act")- Section 43A (Compensation for
failure to protect data), Section 84A (Modes or methods for encryption), Information
Technology (Reasonable security practices and procedures and sensitive personal data
or information) Rules, 2011 and Information Technology (Guidelines for Intermediaries
and Digital Media Ethics Code) Rules, 2021. Laws governing electronic signatures,
electronic records, and electronic transactions establish legal frameworks for
 conducting business electronically, ensuring the validity and enforceability of
electronic contracts and transactions such as in the IT Act, of 2000.
• Consumer Protection Act, 2019 and Consumer Protection (E-Commerce) Rules,
2020: The E-Commerce Rules provide a framework to regulate the marketing, sale, and
purchase of goods and services online. Various laws protect consumers engaging in e-
commerce transactions, such as laws governing online sales contracts, consumer rights
to refunds or cancellations, and regulations related to product safety and labeling.
• Data Protection and Privacy Laws: E-commerce businesses must comply with data
protection and privacy laws governing the collection, processing, and storage of
personal data. The Digital Personal Data Protection Act (DPDP) of 2023 is a landmark
legislation that provides a comprehensive framework for personal data protection.
• Taxation Laws: E-commerce businesses must adhere to tax laws applicable to online
sales, including requirements for collecting and remitting sales tax, value-added tax
(VAT), and other taxes based on the jurisdiction of the buyer and seller.

UNIT 04- BUILDING AN E-COMMERCE WEBSITE, SECURITY, AND

PAYMENT
SECURITY THREATS TO E-COMMERCE
The people who buy goods that are the retailers from e-commerce sites face security problems
and lose their money and data every year. The retailers are aware of the security threats and the
ways to control them depending on the threat as given below:

• VIRUS: Effect of Threat: A virus is a piece of code that, when loaded onto a computer,
is capable of attaching itself to other files and repeatedly replicating itself, usually
without user knowledge. Some viruses can lie dormant until activated by a trigger such
as a date (for example, logic bombs). Measures of Protection: Anti-virus software
protects against infection. Exercise caution with unsolicited emails, especially if they
have attachments. When in doubt, delete.
• WORM: Effect of Threat: A worm is a type of malware or malicious software that
exploits vulnerabilities in your security software to steal sensitive information, install
backdoors that can be used to access the system, corrupt files, and do other kinds of
harm. Worms consume large volumes of memory, as well as bandwidth. Unlike a virus,
a worm doesn’t need human action to propagate once inside a network. It replicates
itself and can spread to different computers via Network. Measures of Protection:
Most Anti-Virus software will stop worms or help fix the computer after infection.
Exercise other precautionary measures as for viruses generally.
• TROJAN HORSE: Effect of Threat: A Trojan Horse Virus is a type of malware that
downloads onto a computer disguised as a legitimate program. The delivery method
typically sees an attacker use social engineering to hide malicious code within
legitimate software to try and gain users' system access with their software. A simple
way to answer the question “What is Trojan” is it is a type of malware that typically
gets hidden as an attachment in an email or a free-to-download file, and then transfers
 onto the user’s device. Once downloaded, the malicious code will execute the task the
attacker designed it for, such as gaining backdoor access to corporate systems, spying
on users’ online activity, or stealing sensitive data. Measures of Protection: Most Anti-
Virus software will stop Trojan Horse viruses or help fix the computer after infection.
Exercise other precautionary measures for viruses generally.
• DENIAL OF SERVICE (DOS) ATTACK: Effect of Threat: A Denial of Service
(DoS) attack is a malicious attempt to disrupt the normal functioning of a targeted
server, service, or network by overwhelming it with a flood of traffic or requests. The
goal of a DoS attack is to render the target inaccessible to its intended users, thereby
denying them access to the services provided by the system. Such as the number of pop-
ups during a Black Friday sale to disrupt the use of e-commerce websites. Measures of
Protection: Anti-DoS attack software programs are available to assist in securing
networks.
• PORT SCANNING: Effect of Threat: Port scanning is like checking the doors and
windows of a house to see which ones open and which ones are closed. In computer
terms, it's a way for someone to see which communication pathways (called "ports") on
a computer or network are open and can be accessed. Just like a thief might check
different entry points to see if they can get into a house, someone conducting a port
scan might check different ports on a computer or network to see if they can gain access
or find vulnerabilities. Port scanning can be used for both legitimate purposes, like
checking the security of a network, and for malicious purposes, like trying to find weak
spots to attack. Measures of Protection: Firewalls can protect computers and servers
from port scanning.
• PHISHING: Effect of Threat: Phishing happens when an unsuspecting victim
responds to fraudulent requests that demand action. This action can include
downloading an attachment, clicking a link, filling out a form, updating a password,
calling a phone number, or using a new Wi-Fi hotspot. Measures of Protection: Ensure
that you report phishing whenever come across such a threat and users should carefully
inspect URLs before clicking on links in emails or messages, paying attention to
misspellings, unusual domain names, or suspicious redirects.
TECHNOLOGY SOLUTIONS

• Use Multi-Layer Security: It is helpful to employ various security layers to fortify

your security. A Content Delivery Network (CDN) that is widespread can block DDoS
threats and infectious incoming traffic. They use machine learning to keep malicious
traffic at bay. You can go ahead and squeeze in an extra security layer, such as Multi-
Factor Authentication. A two-factor authentication is a good example. After the user
enters the login information, they instantly receive an SMS or email for further actions.
By implementing this step, it blocks fraudsters as they will require more than just
usernames and passwords to access the legit users’ accounts.
• Use of Secure Server Layer (SSL) Certificates: SSL (Secure Sockets Layer)
certificates are digital certificates that establish a secure encrypted connection between
a web server (where your website is hosted) and a web browser (like Chrome, Firefox,
 or Safari). They play a critical role in securing data transmitted over the internet,
particularly for sensitive information such as login credentials, credit card numbers, and
personal details. When a website has an SSL certificate installed, it enables the use of
HTTPS (Hypertext Transfer Protocol Secure) instead of HTTP in the website's URL.
This HTTPS protocol indicates to users that the connection is secure, typically denoted
by a padlock icon in the browser's address bar.
• Use a rock-solid firewall: A firewall is a network security device or software
application that monitors and controls incoming and outgoing network traffic based on
predetermined security rules. It acts as a barrier between a trusted internal network and
untrusted external networks (such as the Internet) to prevent unauthorized access,
malicious attacks, and data breaches. Firewalls play a crucial role in network security
by enforcing access control policies, protecting against unauthorized access and cyber
threats, and maintaining the confidentiality, integrity, and availability of data and
resources within a network.
• Get Anti-Malware Software: Anti-malware software, also known as antivirus
software, is a type of security program designed to detect, prevent, and remove
malicious software (malware) from computer systems. Malware encompasses various
types of harmful software, including viruses, worms, Trojans, ransomware, spyware,
adware, and rootkits, among others. Anti-malware software is an essential component
of a layered approach to cybersecurity, complementing other security measures such as
firewalls, intrusion detection systems, and security awareness training. By detecting
and removing malware infections, it helps safeguard computer systems and data against
a wide range of cyber threats.
MANAGEMENT POLICIES FOR E-COMMMERCE
1. Privacy Policy: E-commerce businesses typically establish privacy policies outlining
how they collect, use, store, and protect customer data. These policies often address
consent for data collection, data security measures, data sharing practices, and users'
rights regarding their personal information.
2. Security Policy: Management policies related to cybersecurity outline measures to
protect e-commerce platforms from threats such as data breaches, hacking attempts,
and malware. They may include requirements for encryption, secure authentication
methods, regular security audits, and incident response procedures.
3. Customer Service Policy: E-commerce businesses develop customer service policies
to ensure high-quality service, addressing issues such as order fulfillment, returns and
refunds, product warranties, shipping policies, and responsiveness to customer inquiries
or complaints.
4. Ethical Conduct Policy: E-commerce businesses may establish policies to promote
ethical conduct among employees, suppliers, and partners. These policies address issues
such as honesty, integrity, fair competition, anti-corruption, and compliance with laws
and regulations.
ELECTRONIC BILL PRESENTMENT AND PAYMENT (EBPP)
It refers to a process that allows businesses and organizations to present bills or invoices
electronically to their customers and enables customers to pay those bills electronically through
various payment channels. EBPP systems streamline the billing and payment process, offering
convenience, efficiency, and cost savings for both businesses and consumers.
Here's how EBPP typically works:
Step 1- Bill Presentment: Businesses generate bills or invoices for goods or services rendered
and deliver them electronically to customers through various channels, such as email, mobile
apps, or online portals. The bills may include detailed information about the charges, due dates,
payment options, and instructions for payment.
Step 2- Payment Options: EBPP systems offer customers multiple payment options to settle
their bills electronically, including credit/debit card payments, bank transfers, electronic checks
(e-checks), digital wallets, and automated clearing house (ACH) payments.
Step 3- Payment Authorization: Once customers receive their bills electronically, they review
the details and authorize payment through the EBPP system. Depending on the payment
method selected, customers may need to provide payment card information, bank account
details, or other relevant payment credentials to complete the transaction securely.
Step 4- Payment Processing: After receiving payment authorization from the customer, the
EBPP system securely processes the payment using the chosen payment method. For
credit/debit card payments, the system communicates with payment gateways to facilitate card
authorization and settlement. For bank transfers or ACH payments, the system initiates
electronic fund transfers between the customer's bank account and the business's bank account.
Step 5- Payment Confirmation: Once the payment is successfully processed, the EBPP
system generates a payment confirmation or receipt, which is delivered to the customer
electronically. The confirmation typically includes details such as the payment amount,
transaction ID, payment date, and confirmation number, providing customers with proof of
payment for their records.