Accounting on the Internet Chapter 2

Chapter 2: Accounting on the Internet Introduction The Internet and the World Wide Web XBRL - Financial Reporting on the Internet Electronic Business Privacy and Security on the Internet

The Internet and World Wide Web Internet Addresses and Software Intranets and Extranets The World Wide Web, HTML, and IDEA Groupware, Electronic Conferencing, and Blogs

Internet Addresses and Software Domain Address Also called a Uniform Resource Locator (URL) www.Name.com.uk Internet Protocol (IP) Numeric address of domain address 207.142.131.248 Transmission Control Protocol (TCP)

Intranets and Extranets Based on same software as the Internet Internal to the organization Outsiders are unable to access information Extranets Enable external users to access intranets Utilize passwords or private data communications channels

The World Wide Web, HTML, and IDEA Multimedia portion of the Internet Hypertext Markup Language (HTML) Editing language Used in design of web pages Hypertext Transfer Protocol (HTTP) Communications protocol used to transfer web pages

HTML Code

Display of HTML Code

Groupware, Electronic Conferencing, and Blogs Allow users to complete numerous tasks electronically Send and receive e-mail, collaborate on work tasks, schedule appointments, share files Software include Exchange, Groupwise, Lotus Notes, and Outlook

Groupware, Electronic Conferencing, and Blogs Instant Messaging Software Remote users communicate in real time Electronic Conferencing Knowledge Management Programs utilized to distribute expertise within the organization Blogs Collaboration tool Create, share, and leverage knowledge

Social Networking and Its Value to Accountants Commercial Utilization Increase organization recognition Public reaction to launch of new product Developing an online presence Seeking new clients Communicate on projects Identify consumer anger

Study Break #1 Which of the following is most likely to contain only numbers? Domain address URL address IP address Postal address

Study Break #2 Which of the following enables users to view data with a web browser? Intranet Extranet Internet All of these

XBRL - Financial Reporting on the Internet eXtensible Markup Language (XML) Similar to HTML Users define their own tags XML tags describe the data eXtensible Business Reporting Language Tags are standardized for business reporting purposes

XBRL Code

XBRL - Financial Reporting on the Internet XBRL Instance Documents and Taxonomies Must understand the standard tags Must understand the rules that govern the use of the tags Current Status of XBRL XBRL International Consortium

How XBRL Affects Accountants

XBRL - Financial Reporting on the Internet The Benefits of XBRL Transmit financial data in standard format Data items are uniquely defined Searching for tags is easier (IDEA) Data is self-checking Automatic and reliable exchange of financial information Companies are not constrained to specific formats

XBRL - Financial Reporting on the Internet The Drawbacks of XBRL Requires new users to learn, and conform to, the standards of the language Evolving standards require conformity to changing specifications No requirement for auditors to provide assurance Costs of transition

Study Break #3 All of the following are markup languages (that use edit tags) except: HTML BYTE XML XBRL

Study Break #4 A document file containing XBRL tags is a(n): Extranet document Intranet document Instance document URL

Electronic Business Definition Conduct of business with computers and data communications Categories of Electronic Commerce Accounting Retail sales E-payments and E-wallets Electronic data interchange Cloud-computing services

E-Accounting Performing accounting functions on the Internet Preparing financial reports Completing income tax returns Preparing budgets Writing reports Publishing financial information

Retail Sales Overview Problems with Internet Retail Sales Virtual stores to sell directly to customers Automated AISs Problems with Internet Retail Sales Legitimacy of web sites Reliance upon e-mails Reliance upon suppliers Click fraud Privacy concerns

Advantages of Virtual Stores

Retail Sales Privacy Concerns Annoying e-mail Credit card information Sensitive information (example – Rx)

E-Payments and E-Wallets Faster, easier, and safer way to handle online transactions E-payment service acts as intermediary E-Wallet Store consumer’s personal information Customers pay for purchases by providing their e-wallet account numbers

E-Payment System

Virtual Currency Medium of exchange that operates Beyond restriction of a particular country Beyond monetary policies Example - Bitcoin

Virtual Currency Retailers accept virtual currency Ability to do more business Ease of electronic transactions No need for credit card middlemen or check clearing houses Near-instantaneous credit of transactions to corporate accounts Consumer wallets cannot be frozen No transaction fees

Virtual Currency Risks with virtual currency Potential devaluation of currency in response to market forces Transactions are not independently auditable Earlier virtual currencies have failed Unwillingness of others to accept it

Business-to-Business E-Commerce Definition Businesses buying and selling goods and services to each other over the Internet Advantages Shortens time from purchase to delivery Expanded variety of vendors Reduces processing costs Wider availability of real-time data

Electronic Data Interchange Transmit information over high-speed data communications channels Automates exchange of business information Advantages Ability to fax documents Can include handwritten signatures Ability to exchange graphic and photographic documents

Cloud Computing Processing Services Platform as a Service (PaaS) Storage and Backup Services Maintain copies of critical data Educational Services Research and using specialized web tutorials

Advantages of Cloud Computing

Privacy and Security on the Internet Definition Using another person’s personal data that involves fraud or deception Identity Theft and Assumption Deterrence Act of 1998 (ITADA) Company Prevention Use preventive controls Exercise reasonable caution to protect personal information

Safeguarding Personal Data

Security Safeguarding electronic resources and limiting access to authorized users Access Security – Authentication What you have – plastic card What you know – unique information Who you are - fingerprints

Spam and Phishing Spam Unsolicited e-mail messages Increasingly costly to organizations Phishing Websites requesting personal information from consumers Most information is typically stored in AISs

Firewalls Purpose Two Primary Methods Problems Guards against unauthorized access Stand-alone devices and/or software Two Primary Methods Inclusion – Access Control List (ACL) Exclusion Problems Denial-of-Service Attacks Spoofing

Firewall Example

Intrusion Detection Systems Passive IDSs Create logs of potential intrusions Alert network administrators Reactive IDSs Detect potential intrusions dynamically Log off potentially malicious users Program firewalls to block messages from suspected source

Value-Added Networks Definition Private, point-to-point communication channels Usually created for security purposes Methods of Creation Blank slate, create from scratch Lease secure, dedicated transmission lines Create a Virtual Private Network (VPN)

Virtual Private Networks Definition Similar to VAN Transmit messages over existing Internet connections Creating Secure Data Transmission Use “tunneling” security protocols Encrypt transmitted data Authenticate remote computer

VAN-based EDI System

Proxy Server Definition Network server that controls web access Advantages Funnel internet requests through a single server Examine and test requests for authenticity Limit employee access to approved websites Limit stored information Store frequently-accessed web pages (Cache)

Data Encryption Definition Transform plaintext messages into unintelligible cyphertext messages Encryption key Mathematical function dependent upon a large prime number Data Encryption Standard (DES)

Simple Data Encryption

Data Encryption Secret Key Cryptography Users must keep the key secret and not share the key with other parties Public Key Encryption Each party uses a pair of public/private encryption keys SSL and S-HTTP

Digital Signatures and Digital Time Stamping Encrypted portion of message Digital Signature Standard (DSS) Digital Certificate Certificate Authority Digital Time-Stamping Services (DTSSs)

Study Break #5 Which of these statements is correct? A VPN is a type of VAN DES stands for “data entry system” An IDS is the same as a firewall All of these statements are correct

Study Break #6 Spoofing means: Kidding someone about their firewall Simulating a disaster to test the effectiveness of a disaster recovery system Posing as an authentic user to gain access to a computer system Encrypting data for security purposes