Information Systems: Creating Business Value by Mark Huber, Craig Piercy, and Patrick McKeown Chapter 8: E-Commerce Technologies

What We Will Cover: The Stages of E-Commerce First Generation E-Commerce Technologies: Establishing a Web Presence Second Generation E-Commerce Technologies: Providing Interaction Third Generation E-Commerce Technologies: Supporting Transactions Fourth Generation E-Commerce Technologies: Transforming Process

Student ROI (Return on Investment) Your investment of time and effort in this course will result in your being able to answer these questions: 1. How has e-commerce evolved over the years to provide ever- increasing business value? 2. Why do many businesses still rely on first generation e-commerce technologies? 3. How do the second-generation e-commerce technologies provide businesses with more effective customer relationship management? 4. How do the third-generation e-commerce technologies support business transactions. 5. How the fourth-generation e-commerce technologies contribute to strategic alliances.

The Stages of E-commerce Previously you were introduced to the applications of e-commerce. Now, you will be introduced to the underlying technologies support e-commerce. In its short history, e-commerce has gone through several distinct generations of growth.

Four Generations of E-commerce First generation: static content such as company information, online marketing, and company brochures. Second generation: dynamic content where Web page changes depending on a number of factors such as time and date, user profile, or browser location. Third generation: growth in businesses’ ability to support transactions on the Web. Fourth generation: increasing integration with external partners on the Web including allowing transactions between Web applications.

E-commerce Generations

First Generation: Establishing a Web Presence Basic technologies are still used: Client/server networks: the networks over which data travel. Browser: the application software that lets users request and view Web pages. HTTP protocol: the standardized rules for exchanging data over the Web. HTML: the language that guides the display of a requested page.

Client/Server Network

Web Browsers A Web browser is the software that allows you to navigate the Web and to view content you find there. It responds to the URL you enter or the hyperlink you click by displaying a hypertext-based file. Hypertext organizes content into units that are connected using associations called links. Browsers typically include a graphical user interface (GUI) that make them easy to use. Browsers have multimedia capabilities that enhance the information a business conveys. Browsers all work similarly presenting a common interface to all users.

HTTP: Hypertext Transfer Protocol HTTP comprises a set of rules for formatting and transmitting messages over the Web. HTTP is connectionless and stateless meaning it forgets about requests and responses after they are complete. This feature of HTTP requires work-arounds to support e- commerce.

HTML: Hypertext Markup Language Hypertext Markup Language (HTML) is the primary language for creating Web pages. The browser interprets the HTML through the use of tags which are used to format the content of the Web page. The tags,enclosed in angle brackets ( ) mark the placement and appearance of page components.

HTML Example

Second Generation: Providing Interaction Providing interaction between the Web page and user requires dynamic content based on user input and programming instructions. The process is: Obtain input data Pass data to Web server Hold data in memory Execute the programming instructions to process the data Input data comes from several sources Web page header information about user Server resources like the system clock Stored data about the user from a cookie Data input using an HTML form

HTML Forms The primary method of data input into a Web site is the HTML Form which is composed of one or more HTML controls. These controls must match the data needs of the transaction and minimize chance of data errors.

Storing Data on the Client Side To be able to carry out e-commerce transactions, it is necessary to store data about the customer on the client side. One way to do this is to use a cookie which is small bit of data stored on the client machine and passed back and forth between it and the Web server. Typical data on a cookie include information about the client machine, the domain name of the server that created it, and so on. When data remain on the client machine for a period of time, this is a persistent cookie. Cookies do create privacy concerns when they are used to track browsing habits.

A Cookie File

Making the Client-Side Dynamic and Interactive To make the interaction with the client machine be dynamic, some sort of programming is required. This can occur on the client-side or the server-side. Scripting languages like JavaScript are built into the Web page to add dynamic interaction such as data validation. For more complex tasks, specialized components such as Microsoft’s ActiveX technology, Java applets, and browser plug- ins are used. ActiveX technology is used for sharing information among different technologies. An applet is a small program that a browser can download and execute. A browser plug-in is a small software module that can work with the browser.

Server-side Programming When programs run on the Web server to provide dynamic interaction, this is known as server-side programming. It is more powerful than client-side scripting and allows the Web page owner to retain control over the programs. With server-side programming, a business can: Deliver content that it customized for each user. Dynamically modify content for any page. Access data stored on a server-side database and send it to the client’s browser. Take action on queries and data sent from client. Provide access control and security for a Web site Optimally manage traffic to the site

Server-Side Technologies Server-side Technology Programming Languages Description GCI (Common Gateway Interface) Perl First server-side technology often written in Perl; provided first standards PHP (PHP Hypertext Processor) PHP A free scripting language used primarily on Linux Web Servers Microsoft.NetVB.Net, C-Sharp.Net, and others Microsoft’s family of development languages. ASP. NET is used Java Servlets and Javaserver Pages Java Java servlets are written in Java and execute on server faster than CGI.

The n-Tier Infrastructure An e-commerce system is composed of various layers or tiers with the number of tiers depending on what components are used. A typical system is the 4-tier system with a client tier (you and your browser), a Web server tier, an application server tier, and a database server tier. For a really large system, there will be multiple computers set up to handle the processing at each server tier.

A 4-Tier Structure

Carrying out a Transaction 1. An HTTP request for a Web page is sent from your browser. 2. Web server receives request and determines how to respond (almost always sending a Web page.) 3. If request requires a dynamic response, Web server acts as controller routing messages between client and application server. 4. When needed, the database server is queried. 5. Results of an executed application are formulated into a Web page. 6. The Web server includes dynamically generated page in HTTP response which is sent to browser.

Third Generation: Supporting Transactions In the third generation of e-commerce, businesses recognized that they must deal with three issues to be successful: 1. Making it possible for customers to find information about companies, products, and services. 2. Making it possible for customers to order and paying online for goods and services. 3. Providing secure and private transactions.

Search Engines Internet search engines make it possible for customers to find information—probably too much information! When you search the Web, you are really searching a database that was created from previous Web searches. The main difference in search engines is how the database of Web locations is created and organized. Web sites are found by a Web crawler and are submitted by humans. An important consider is how the database organizes or indexes the Web data. Which pages are shown first when you submit search criteria?

The Search Engine Process

Order and Payment Systems All e-commerce sites must have components for processing orders and accepting payments. The four primary components of a typical e-commerce site are: 1. The shopping and ordering system 2. The merchant account 3. The payment gateway 4. The security system Most e-commerce systems use a secure HTML order form or an in-house shopping cart system. Smaller businesses often use third party merchant accounts like that available from PayPal. The shopping cart system is the most popular e-commerce system for larger businesses where a customer wants to buy multiple products usually using a credit card.

Merchant Accounts An important aspect of any e-commerce systems is a merchant account which is a bank account that allows the merchant to receive the proceeds of credit card purchases. A secure gateway provider is a company that provides a network to process encrypted transactions from a merchant’s Web site. It then passes the transactions on to the issuing banks for credit card approval. A secure gateway provider will usually provide a payment gateway and a processor. The payment gateway links the e- commerce site to the banking system. The processor accepts data from the shopping cart, formats it, and enters it into the banking network.

Linking the E-commerce site to the Banking Network

Steps in the E-commerce Process 1. Customer places order thought e-commerce Web site. 2. The payment gateway provider detects the placement of an order. The provider securely encrypts the transaction data and passes an authorization request to the bank to verify the customer’s credit card account and available funds. 3. The gateway provider returns a response, indicating whether or not the transaction is authorized, to the e-commerce merchant. This process typically takes less than 3 seconds. 4. Upon approval, the e-commerce merchant notifies the user and fulfills the customer's order. 5. The gateway provider sends a settlement request to the merchant account’s bank. 6. The merchant account’s bank deposits the transaction funds into the e-commerce merchant’s account.

E-commerce Security The order and payment systems must be secure to protect both the customer and the merchant. Several technologies to do this have been developed. Most e-commerce security technologies relate to the Secure Socket Layer (SSL) protocol, which allows a client and a server to communicate in a way that prevents eavesdropping, message forgery, or tampering. A server that encrypts data using the SSL protocol is known as a secure server which uses shttp instead of http. A web site can signal that it uses SSL to encrypt data by purchasing an SSL site certificate. Another security system is the Secure Electronic Transaction (SET) protocol from Microsoft and MasterCard. Cookies are an important part of these security systems as they are used to authenticate users or to hold data to match the user in the shopping cart.

Encryption The most common method of providing security to e-commerce transactions, as well as most other Internet activity, is encryption, which is the process of scrambling a message so that it is meaningful only to the person holding the key to deciphering it. The reverse process, decryption, converts a seemingly senseless character string into the original message. There are two primary forms of encryption systems: private key and public key encryption. Private key encryption uses the same private key to encrypt and decrypt a message. A key is an algorithm used to encode and decode messages. In contrast, a public-key encryption system has two keys: one private and the other public.. The public key is freely distributed and used to encrypt messages coming to you. The private key remains secret and only used to decrypt the messages encrypted with your public key.

Public Key Encryption

Fourth-Generation: Transforming Processes XML and web services were mentioned earlier as technologies for dealing with the software integration problem. These technologies are moving us into the realm of automatic interaction between computers at one business automatically interacting with computers at another business. For e-commerce, these technologies are improving the ability to exchange small amounts of data via the web and to standardize the support of transactions.

eXtensible Markup Language (XML) XML (eXtensible Markup Language), like HTML, uses tags to mark up content and/or data so that software applications can recognize it. The goal of XML is to describe data and focus on what it means, while the goal of HTML is to describe how to display data. Using XML, companies can define their own tags that their trading partners can understand.

Uses for XML XML UseDescription B2B e- commerce XML provides a tool for exchanging transaction data between applications with a minimum of human interaction. Data StorageXML stores data in plain text files; which allows the development of generic applications to store, retrieve, and display the data. Basis for new languages XML has been used to create new languages, such as Wireless Markup Language (WML), which is used to mark up Internet applications for handheld devices like wireless PDAs and mobile phones Data Exchange Real-world systems often work with data in incompatible formats; however, because XML is self-descriptive and usually transmitted as plain-text, it can be read by many applications. Increase in Usefulness of Data Since XML is platform-independent, data can be made available to more applications than just the standard browser. Diverse applications can access XML files as data sources. Separate data from HTML Developers can create “separate concerns” by storing data in separate XML files. HTML can be focused on display that will not require any changes as data changes.

Web Services Web services are a standardized way for one computer program to request and run another computer program over the Internet. A web service is a platform-independent software component that can be: Described using a standard description language Published to a public registry of services Discovered using a standard method Requested through an application program interface (API) Combined with other services and procedures to compose an application Web services give companies the ability to do more e-commerce business, with more potential business partners, and in more different ways than before at a reasonable cost. Web services are based on a number of accepted standards that allows everybody to work on the same basis.

Primary Web Service Standards StandardDescription XMLThe language used by web services for marking the exchanged data according to its meaning. Simple Object Access Protocol (SOAP) A simple XML-based protocol to let applications exchange information over HTTP. Web Service Description Language (WSDL) A standard based on XML for formally defining a Web service Universal Description, Discovery and Integration (UDDI) A standard for setting up directories of web services. UDDI will allow you to discover what web services are available on the network.

Summary of Web Services

Copyright 2008 John Wiley & Sons, Inc. All rights reserved. Reproduction or translation of this work beyond that permitted in section 117 of the 1976 United States Copyright Act without express permission of the copyright owner is unlawful. Request for further information should be addressed to the Permissions Department, John Wiley & Sons, Inc. The purchaser may make back- up copies for his/her own use only and not for distribution or resale. The Publisher assumes no responsibility for errors, omissions, or damages caused by the use of these programs or from the use of the information herein.