Savitribai Phule Pune University

Third Year of Computer Engineering (2015 Course)

310244: Information Systems and Engineering Economics

Unit-1 Basic of Management Theory & Practices

Syllabus:- Role of Information Systems in Organizations, The Information System Manager and his challenges, Concepts of Information Systems, Information Systems and Management Strategy Case Studies - May Include Information Systems in the Indian Railways, Information Systems in an e-Commerce Organization.

Purpose of Information Systems

The purpose of an information system is to empower its users. There is a wide difference in a simple database which stores data and return it to its users upon request. A database can be created in a way that manages and retrieves information in a sorted manner. This information can help make decision at various levels within an organization. Information system recognize that there are different levels of workers in an organization who have their specific duties and thus provides them information is different ways (Heinrich, 2002). Its purpose is to make sure that the users of the system are quickly able to access, comprehend, and react to the information provided to them. Wiseman (1985) mentions that the information system improves business functionality by automating some of the fundamental information procedures. He further mentions that the information system increases the effectiveness of the management by satisfying their information demands. Information demands of businesses vary at different organizational levels. Various business functions at strategic, tactical and operational level have different types of subsystems of information system to serve their information demands. Some of the commonly used subsystems are as follows:

• Management Information Systems (MIS) • Decision Support Systems (DSS) • Knowledge Management Systems (KMS) • Expert Systems (ES) • Executive Information Systems (EIS) • Transaction Processing Systems (TPS) • Accounting Information Systems (AIS)

E-commerce

An important component of the information and communication technology and indeed one of its most momentous impacts is the provision and empowerment of electronic commerce. Electronic commerce is a process of buying and selling of products or services by means of electronic systems involving the Internet and e-mails .

Commercial activities performed through e-commerce are either business-to-business (B2B) or business-to-consumers (B2C). E-commerce is a very cost-efficient mode of conducting business-to-consumers commercial activities (Graham 2008). E-commerce allows economic agents to reduce the transactional cost to a great extent (Porter 2001). Instead of internal hierarchies, it empowers the market itself to organize economic activities, which in turn increases the efficiency of the not just the business but across the entire commodity chain (Malone et al. 1987).

E-commerce creates a dimension of ‘spacelessness' for economic activities which is one of its most distinctive features. Since the emergence of the Internet and increasing use of e-commerce, the imminent “death of distance” and creation of an ‘eight continent' has been highlighted by researchers which is spurred by the increasing trade and commerce activities conducted electronically. They assert that constraints such as space and distance are becoming less significant for conducting economical activities (O'Brien 1992; Cairncross 1997). A large literature exits regarding various firms having used e-commerce to achieve competitive advantage by finding new and distant customers (for example see Daniel and Grimshaw 2002; Hamill and Gregory 1997; Kim and Mauborgne 1999; O'Keefe et al. 1998; Poon and Swatman 1999). Thus information systems also serve the purpose of communication with external business entities for trade and commerce activities.

Analysis of the problems of gathering data and analysing information

Information systems are a vital tool in achieving competitive advantage for a business by properly managing and analysing the information. However there are many security concerns that have being in the corporate agenda since its early usage. Today organizations are challenged by various and complex information security matters for handling distributed computer networks. Large amount of e-commerce activities, increased usage of internet, and ever changing technologies means new threats and risks and vulnerabilities for businesses as more and more business functions and procedures are becoming paperless. For this purpose, right controls are required within an organization to reduce the risks and ensure effective functioning of the information systems Sushil & Leon, 2004). Information Systems requires certain controls to be implemented for its smooth and effective functionality (Boczko, 2007). Information security managers can put these controls in place to ensure the system is secure against threats, exposure, and risks. (Gertz, 2003).

• A threat can be any possible unwanted occurrence or event that could harm the Accounting Information System or the business.

• The exposure is the possible loss of money that would occur as a result of the threat becoming a reality.

• The risk is the chance that the threat will become reality.

The controls that secure information systems against unfavourable outcomes are as follows:

• Preventive Controls

• Input Controls; Input controls checks upon the information that is being entered into the system.

• Processing Controls; Processing controls checks whether the data is processed properly after it is entered in to the system.

• Output Controls; The output controls ensure the completeness, validity, and accuracy of the data in various output mediums.

• Storage Controls; The storage controls ensures that the data in stored in such a manner that it cannot be tampered with.

• Files Controls; Files controls reduce the errors that occur due the improper storage of files.

• Hardware Security; Hardware security control is very important as any damage or harm to the hardware would mean that the failure of the system therefore the hardware for the information system must be kept in a secure place and with only reliable and relevant personal having access to it. Proper protection against high temperature or power failures and incidents should be made along with backup support.

• Standardization; Standardization controls involves usage of already laid down standards by the developers and operators for the methodology of the system development and operation respectively.

(Basset, 1993)

• Detective controls

• Testing; Testing is required to detect any problems occurring in the system and is thus performed before it is made operational. Testing can shows problems that can occur in the processing and any other errors. It is recommended that testing should be performed on a routine basis or after any new developments.

• Training; the training of the data processing staff ensures proper functioning of the system. The awareness of the staff also helps in pointing any defects in the system which could then be resolved.

• Operation Controls; Operation controls in Dean Plc are controls which record what computer systems and the employees have been doing. The operational controls can include tasks such as rotation of shifts, duty logs, manual of operating instructions,

attendance controls and computer logs, etc. which can referred to whenever a problem is reported.

(Basset, 1993)

• Corrective controls

• When any problem in the system is detected, the management along with the help of Business Analysts and Expert can take relevant steps to correct the problems in the system.

• Certain procedure can be set for reoccurrence of the problems.

Apart from security concerns, there are several other challenges and issues associated with managing information systems. These are:

• Increase costs of a technological solution (developing, implementing and maintaining of the information technologies and systems)

• Reliability for certain processes (information systems require thorough testing before they could be used and are difficult prone to errors leading to potential losses)

• Software tools are not fixed but constantly evolving (information communication technology tools require timely upgrades to meet prevailing standards)

• Integrating digital and non-digital sales and production information (for e-commerce activities)

• Customer fear of personal information being used wrongly (privacy issues)

• Customer have high expectations regarding efficiency and real time responses

• Vulnerability to fraud and other crimes

• Higher employee training required to effectively using the information technology.

Another technological concern regarding information technology is the high volume of data generated from its use and its management. Organizations are required to create robust middleware application that are capable of handling the high amount of data and route it to the appropriate information systems in a timely manner (Ngain and Gunasekaran 2009).

Major sources of relevant data used for management information systems

As mentioned previously, businesses and organizations have a variety of information requirements. Executives at strategic level require information to help them with their planning and strategic decision making. They require a summarized form of information

that can give an overview of the business. Middle management requires more detailed information in order to oversee and control business activities. Operational level employees need basic routine information to carry out their day to day duties. Therefore, businesses have several information systems working altogether at the same time. Different information systems have different sources of gathering data according their purpose. The following presents a list of most commonly used information system and their likely sources of data and users.

Executive Support Systems

Executive Support System helps the senior management of an organization in making strategic decisions. Executive Support Systems shows the status of all key business activities and involves large data analysis to help strategic decision making. Therefore, it is likely to have information from all the internal and external sources which is gathered, analysed and summarized for strategic decision making. Internal sources include information collected from other information systems. External information system can include external data gathered by e-commerce activities, external market analysis and etc.

Management Information Systems

Management information system is concerned with the summarized data of the business transactions that helps middle management to monitor business activities. Therefore it is likely to have information from all the internal sources such as transaction processing systems. It summarizes information into management reports.

Decision-Support Systems

Decision Support Systems are designed to assist middle and top level management in making decisions at uncertain conditions. It informs the user about the possible consequences of their decisions. It gathers internal information to analyse the available options and alternatives. It has a predefined set of logic which is part of its design. It uses complex tools spreadsheets, and databases for creating ‘what if' models.

Knowledge Management Systems

Knowledge Management Systems are created to help organizations and businesses create and share information. The source of such information systems is typically the employees who create new knowledge through their own expertise and then share it along with others within an organization. This share pool of information is created to search new commercial opportunities. Examples of such information systems are web-portals and Intranet portals created by professional lawyers, management consultants and etc. these information systems categorize and distribute information efficiently among users. Information could be contained in any form and formats such as word processed documents, presentations, web pages and etc.

Transaction Processing Systems

Transaction Processing Systems are created to process daily repetitive activities and transaction in an automated efficient manner. The automation increases the accuracy of the information. A business usually involves several reoccurring transactions. Therefore, there are several Transaction Processing Systems such as Billing systems, Payroll systems, Inventory management systems, etc. The sources of these information systems are the employees at the operational level or the organization. Sometimes automated identifications are also used to input data to these systems such as Radio Frequency Identification.

Office Automation Systems

Office Automation Systems are tools that help improve the productivity of employees processing data. Such systems usually work as standalone programs and do not link data to other information systems. Examples of such systems include Microsoft Office Tools, and Computer Operating Systems.

Role of Information Systems in Organizations,

Information systems play a vital role in an organizations’ overall performance. They provide many advantages to their users which range from simple transaction processing at the operational level to difficult tasks such as making important and competitive decisions at the strategic level of the organization. Several roles played by information systems in an organization can be identified but O’Brien and Marakas (2008) have identified three fundamental roles played by information systems in businesses. These are; Information systems support business processes and operations. Secondly, they support decision making of employees and managers and lastly, they support strategies for competitive advantage. These three fundamental roles encompass any other roles played by information systems in an organization.

Information systems support business processes and operations of an organization in many ways. In a hotel for instance, customer check - ins and check-outs are done by computers and software which makes work easy unlike the traditional method of using notebooks and paper to record such information. Customers can now even make their own bookings through the hotels website instead of visiting the hotel in person to do so, which may lead to pressure on front office staff. Systems have now been developed to gather customer information easily and quickly. Now, because of information systems, the various departments of an organization work together with ease. The housekeeping department of a hotel can now inform the front office about which rooms areready for use and which are not, without personal interactions of staff as a result of information systems. The running of an organization has now becomesmoother with well integrated information systems.

Information systems also help employees and managers of a business to make well informed decisions. This is because information systems have the capability of analyzing

data that has been collected from both within the organization and from external sources into useful information which can be used by employees and managers in their decision making process. Decision-making isan integral part of management and occurs in every function and at all levels.

Decisions are better made when accurate information is available which aids the decision maker in making an objective decision (Terry Lucey 2005). Information systems types like Management Information System (MIS), Decisions Support Systems (DSS) and Executive Information Systems (EIS) are specially designed to help management of an organization in their decision making process. These systems generate typical reports and graphs on issues such as trend of orders, customer analysis, product profitability, finished stock positions and forecasts, accident and absentee reports, job evaluation reports and many more. Managers and employees use these reports and graphs as a basis for their decisions. For example, decisions on which meals that need to be added or removed from a hotel menu may be taken by the food and beverage manager after a typically analysis is made by the help of a Decisions Support System.

Finally, information systems also support strategies for competitive advantage. Competition in today’s business is keen and what will become important is how quickly companies can convert their reams of information they collect into knowledge so that they can provide services and products that are ahead of their competitors. Strategic information systems can help provide hospitality operations with the innovative mediums they need to provide products and services that will give them comparative advantage over their competitors. Nhyiem et al (2005) observes that, in the hospitality industry, competitive advantages may result in increased room sales ( through efficient reservation systems and organisational websites), decreased cost of goods ( through reduction in operating cost and less expensive distribution channels), brand awareness(through effective advertising campaigns targeted at the appropriate customer and delivered through the most appropriate cost effective medium), good customer-organizational relationship (by keeping database of customers and their needs)and effective decisions making that are timely.

Organizations strive to be market leaders in their given industry. In climates where factors such as recession, inflationary pressures and increased competition can hinder the achievement of this goal, companies look for strategies that lead to competitive advantages. One such strategy is the adoption of information systems within the company. Information systems help a company make adequate use of its data, reduce workload and assist with compliance with various mandatory regulations.

Information Storage and Analysis

At the date of publication, many companies no longer manage their data and information manually with registers and hard-copy formats. Through the adoption of information systems, companies can make use of sophisticated and comprehensive databases that can contain all imaginable pieces of data about the company.

Information systems store, update and even analyze the information, which the company can then use to pinpoint solutions to current or future problems. Furthermore, these systems can integrate data from various sources, inside and outside the company, keeping the company up to date with internal performance and external opportunities and threats.

Assist With Making Decisions

The long-term success of a company depends upon the adequacy of its strategic plans. An organization’s management team uses information systems to formulate strategic plans and make decisions for the organization's longevity and prosperity. The business uses information systems to evaluate information from all sources, including information from external references such as Reuters or Bloomberg, which provide information on the general economy. This analysis of and comparison to market trends helps organizations analyze the adequacy and quality of their strategic decisions.

Assist With Business Processes

Information systems aid businesses in developing a larger number of value added-systems in the company. For example, a company can integrate information systems with the manufacturing cycle to ensure that the output it produces complies with the requirements of the various quality management standards. Adoption of information systems simplifies business processes and removes unnecessary activities. Information systems add controls to employee processes, ensuring that only users with the applicable rights can perform certain tasks. Further, information systems eliminate repetitive tasks and increase accuracy, allowing employees to concentrate on more high-level functions. Information systems can also lead to better project planning and implementation through effective monitoring and comparison against established criteria.

Considerations

Implementing information systems within an organization can prove to be costly. Implementation costs include not only installation of the systems but also employee training sessions. In addition, employees may see the adoption of information systems as an unwarranted change and, thus, may resist this change. Resistance to change can hinder business operations and can cause employee turnover. Companies should have leadership in place to assess the adequacy of the decision to have an information system and to guide the company through the transition phase and weigh information systems cost against the potential benefits.

To gain the maximum benefits from your company's information system, you have to exploit all its capacities. Information systems gain their importance by processing the data from company inputs to generate information that is useful for managing your operations. To increase the information system's effectiveness, you can either add more data to make the information more accurate or use the information in new ways.

Communication

Part of management is gathering and distributing information, and information systems can make this process more efficient by allowing managers to communicate rapidly. Email is quick and effective, but managers can use information systems even more efficiently by storing documents in folders that they share with the employees who need the information. This type of communication lets employees collaborate in a systematic way. Each employee can communicate additional information by making changes that the system tracks. The manager collects the inputs and sends the newly revised document to his target audience.

Operations

How you manage your company's operations depends on the information you have. Information systems can offer more complete and more recent information, allowing you to operate your company more efficiently. You can use information systems to gain a cost advantage over competitors or to differentiate yourself by offering better customer service. Sales data give you insights about what customers are buying and let you stock or produce items that are selling well. With guidance from the information system, you can streamline your operations.

Decisions

The company information system can help you make better decisions by delivering all the information you need and by modeling the results of your decisions. A decision involves choosing a course of action from several alternatives and carrying out the corresponding tasks. When you have accurate, up-to-date information, you can make the choice with confidence. If more than one choice looks appealing, you can use the information system to run different scenarios. For each possibility, the system can calculate key indicators such as sales, costs and profits to help you determine which alternative gives the most beneficial result.

Records

Your company needs records of its activities for financial and regulatory purposes as well as for finding the causes of problems and taking corrective action. The information system stores documents and revision histories, communication records and operational data. The trick to exploiting this recording capability is organizing the data and using the system to process and present it as useful historical information. You can use such information to prepare cost estimates and forecasts and to analyze how your actions affected the key company indicators.

Challenges Facing Today’s Information System Development

The world today runs on various information systems. Information Systems functionality is increasingly becoming a necessity and not an option. Imagine a company that relies on e-commerce that has its website taken down due to software failure and security issue. This fault in the software can make the company lose thousands if not millions of dollars in revenue. Thus, robustness and security of the system are equally important to ensure system confidentiality, integrity and availability (CIA). The two main challenges facing today’s information systems are operational and technical challenges. These challenges must be addressed from the very beginning to ensure software projects do not fail.

Operational Challenges

Perhaps designing information systems software may have become easier than what it was in the past, however, operational challenges have become even more demanding. Some of the key operational challenges facing today’s information system’s development include:

Bad Communication: Lack of understanding/planning for customer, organization and other stakeholders requirements/needs for the project.

Unclear Requirements: When requirements are not clearly identified, this will lead to change of requirements during middle of the project which will increase project delivery time and anger many customers.

Increasing Cost: All of this will lead to added labor and project cost. Thus making the project less profitable and takes away interest from stakeholders.

Delayed Project Delivery: The result of what mentioned above will cause project milestones to be pushed back and a potential software with less functionality than what agreed upon in the beginning agreement with the client.

Market Pressure: Another important aspect is the rapid development of software to meet the ever-changing market demands.

In order for the project to succeed from an operational perspective all stakeholders including the end-user (customers), managers who influence direction and budget, and software developers must be in full collaboration to ensure successful delivery of the new information system.

Technical Challenges

The other main and important part of information system’s development challenges are the technical challenges. Technical challenges determine the true system functionality, reliability and availability. Today’s information systems challenges include:

Knowing the Technical needs: This is about understanding programing languages, the frameworks, the systems and the algorithms needed for a particular information system to be successful. An important factor today is making sure that your web based information system works on all browsers

and devices. It is also about knowing your developers programming expertise and using that to your advantage.

Right Design Patterns: Identifying the right design patterns for your information system software and establishing an actual design review, quality evaluation criteria and design management is something highly neglected today because of the time and effort it takes.

Quality Control: Sometimes codes are not built with a "sanity in mind" which can lead to significant challenges in the future. Building quality and maintainable code that can scale to multiple systems to serve millions and millions of customers is a key challenge today if addressed can save the company from catastrophes and put them ahead of their competition.

Security: Security is highly important especially with today’s cyber warfare and attacks. Ensuring no leaks are open during information system development is key in safeguarding your customer and employee private data. Educating your employees about reverse engineering is also another key important thing that developers and technical staff overlook.

Always Debugging: You're always on the lookout in fixing logical errors, debugging those infinite loops or divide by zero bugs in the code. According to Linu’s law, always have enough eyeballs to lookout for bugs in the system.

These challenges and many more should be properly addressed and defined way before programmers even start coding. The key takeaway in production quality is to have a polished/optimized/efficient program with strong business logic and always tested and documented information system development project.

The Information System Manager and his challenges:-

Top Three Problems IT Managers Face and How to Overcome Them

oday's business environment has changed drastically from just a few years back. Rather than working exclusively with equipment, data, and systems, today's IT managers face issues such as cross training, personnel management, interdepartmental communication, and a widening job scope for all IT employees.

This expansion of the IT job realm has left many IT managers juggling new challenges. While the problems, in and of themselves, might appear overwhelming, there are simple, proven ways to rise above them.

Problem #1 - Tough Data Flow

Information often flows irregularly and is subject to quantitatively strong fluctuations. These fluctuations can become detrimental if not dealt with. The simple solution is to control the information.

Officially, "information controlling" is the analysis, evaluation, and importance attached to the electronic data that is collected and provided with the data under various criteria.

To achieve this, start by making employees aware of the importance of the data they help to gather. Encourage accuracy and demonstrate to employees how their active participation in the process can reap rewards they might not have thought of.

Because your job as IT manager will continue to get more and more hectic, you'll want to continually look for ways to improve speed and quality while reducing rising costs.

Problem #2 - Rising Costs

Rising costs are a challenge for any manager. They are especially troubling to an IT manager working in the electronic data processing area.

Industry experts show that, despite various "old systems" existing, resources are only used at about 30% of their optimal performance. This leaves room for 70% improvement without an excessive outlay of cash.

To increase ROI using existing resources, consider:

I. Conducting a survey of departments.

Ask what their primary challenges are with the existing systems. The majority of the time the solutions lie within untapped features of existing resources. Search the systems for solutions and provide them.

II. Getting clear definitions of problems.

Oftentimes, employees may not know how to communicate the problems they face in "IT language." This may relate to an ill-suited solution. Take time to work with employees or department heads to clearly outline challenges so you are equipped to find solutions more quickly and accurately.

III. Looking for ways to integrate.

A smooth flow of information always increases productivity. When possible, work to find ways to integrate existing systems. With a little ingenuity on your part, and a little creativity, you can develop solutions without budget increases.

Problem #3 - Insufficient Sensitivity Concerning Data Security

As the complexity of electronic data processing increases, security often decreases. Not only does this pose problems in the form of breaches, it also has legal ramifications with regard to licenses.

From healthcare companies to financial organizations, the US government is cracking down on lax security. The smart IT manager is taking steps now to not only stress the importance of security to those in his/her company, but to also instill the necessary protective measures.

To help others within your organization understand how sensitive certain data is, create a memo or site page explaining:

what security measures are currently in place,

why these measures exist,

the consequences (internally and externally) for not following security procedures, and

whom to contact with questions/issues regarding security.

Although an IT manager's job is continually evolving and becoming more challenging, there are ways to overcome pressing problems. By looking at each situation from a variety of angles, you'll be able to define problems quickly and accurately, and then offer solutions that will benefit you, your team, and your entire company.

Concept of Information System

By Wiki[pedia:- An information system (IS) is an organized system for the collection, organization, storage and communication of information. More specifically, it is the study of complementary networks that people and organizations use to collect, filter, process, create and distribute data.[according to whom?]

"An information system (IS) is a group of components that interact to produce information."[1]

A computer information system is a system composed of people and computers that processes or interprets information.[2][3][4][5] The term is also sometimes used in more restricted senses to refer to only the software used to run a computerized database or to refer to only a computer system.

Information systems is an academic study of systems with a specific reference to information and the complementary networks of hardware and software that people and organizations use to collect, filter, process, create and also distribute data. An emphasis is placed on an information system having a definitive boundary, users,

processors, storage, inputs, outputs and the aforementioned communication networks.[6]

Any specific information system aims to support operations, management and decision-making.[7][8] An information system is the information and communication technology (ICT) that an organization uses, and also the way in which people interact with this technology in support of business processes.[9]

Some authors make a clear distinction between information systems, computer

systems, and business processes. Information systems typically include an ICT

component but are not purely concerned with ICT, focusing instead on the end use of

information technology. Information systems are also different from business

processes. Information systems help to control the performance of business

processes.[10]

The six components that must come together in order to produce an information

system are:

1. Hardware: The term hardware refers to machinery. This category includes

the computer itself, which is often referred to as the central processing unit

(CPU), and all of its support equipments. Among the support equipments are

input and output devices, storage devices and communications devices.

2. Software: The term software refers to computer programs and the manuals

(if any) that support them. Computer programs are machine-readable

instructions that direct the circuitry within the hardware parts of the system

to function in ways that produce useful information from data. Programs are

generally stored on some input / output medium, often a disk or tape.

3. Data: Data are facts that are used by programs to produce useful

information. Like programs, data are generally stored in machine-readable

form on disk or tape until the computer needs them.

4. Procedures: Procedures are the policies that govern the operation of a

computer system. "Procedures are to people what software is to hardware"

is a common analogy that is used to illustrate the role of procedures in a

system.

5. People: Every system needs people if it is to be useful. Often the most over-

looked element of the system are the people, probably the component that

most influence the success or failure of information systems. This includes

"not only the users, but those who operate and service the computers, those

who maintain the data, and those who support the network of computers."

<Kroenke, D. M. (2015). MIS Essentials. Pearson Education>

6. Feedback: it is another component of the IS, that defines that an IS may be

provided with a feedback (Although this component isn't necessary to

function).

Types of information system

The "classic" view of Information systems found in the textbooks[18] in the 1980s was of

a pyramid of systems that reflected the hierarchy of the organization, usually

transaction processing systems at the bottom of the pyramid, followed by management

information systems, decision support systems, and ending with executive information

systems at the top. Although the pyramid model remains useful, since it was first

formulated a number of new technologies have been developed and new categories of

information systems have emerged, some of which no longer fit easily into the original

pyramid model.

Some examples of such systems are:

data warehouses

enterprise resource planning

enterprise systems

expert systems

search engines

geographic information system

global information system

office automation.

The first four components (hardware, software, database, and network) make up what is known as the information technology platform. Information technology workers could then use these components to create information systems that watch over safety measures, risk and the management of data. These actions are known as information technology services.[19]

Certain information systems support parts of organizations, others support entire organizations, and still others, support groups of organizations. Recall that each department or functional area within an organization has its own collection of application programs, or information systems. These functional area information

systems (FAIS) are supporting pillars for more general IS namely, business intelligence systems and dashboards[citation needed]. As the name suggest, each FAIS support a particular function within the organization, e.g.: accounting IS, finance IS, production/operation management (POM) IS, marketing IS, and human resources IS.

In finance and accounting, managers use IT systems to forecast revenues and business activity, to determine the best sources and uses of funds, and to perform audits to ensure that the organization is fundamentally sound and that all financial reports and documents are accurate. Other types of organizational information systems are FAIS, Transaction processing systems, enterprise resource planning, office automation system, management information system, decision support system, expert system, executive dashboard, supply chain management system, and electronic commerce system. Dashboards are a special form of IS that support all managers of the organization. They provide rapid access to timely information and direct access to structured information in the form of reports. Expert systems attempt to duplicate the work of human experts by applying reasoning capabilities, knowledge, and expertise within a specific domain.

Information Systems and Management Strategy Case Studies:- Indian

Railway

The Centre for Railway Information Systems (CRIS) designs, develops, implements and

maintains most of the important information systems of Indian Railways. It is located in

Chanakyapuri, New Delhi. CRIS was established in 1986 by the Ministry of Railways of

India.

In 1982, Indian Railways (IR) set up a central organisation (COFOIS) to computerise

freight operations.

In 1986 the Ministry of Railways saw the need for a dedicated, autonomous

organisation and established CRIS, an umbrella organisation for all information

technology-related activities on Indian Railways.

It was entrusted with the task of designing, developing and implementing the Freight

Operations Information System (FOIS) and its communications infrastructure. CRIS

began functioning in July 1986 as an autonomous organisation headed by an Executive

Director (later redesignated Managing Director).

A unique feature of CRIS is collaboration by IT specialists and railway experts on

deputation from the Indian Railways. Systems managed by CRIS have received

international recognition from Computerworld.[1][2]

Work

CRIS designs, develops, implements and maintains information systems for Indian

Railways. In addition, CRIS has developed, implemented and maintained IT systems for

the Andaman and Nicobar Islands (the A & N Ship Ticketing system). The number of

projects handled by CRIS has increased from three in 2000 to more than 40 by 2016.

Major IR projects

1. Computerisation of the Freight Operations Information System of Indian

Railways: The FOIS enables management and control of freight movement,

optimised asset utilisation and the generation of freight invoices. Many of

IR's larger freight customers pay through an electronic payment gateway

interfaced with the FOIS. About 72 percent of the railway's freight revenue is

paid electronically.[3]

2. Passenger Reservation System (PRS): A nationwide online passenger

reservation and ticketing system, developed and maintained by CRIS, is

developed in C and Fortran on a Digital OpenVMS operating system using RTR

(Reliable Transaction Router) as middleware. Also known as CONCERT

(Country-wide Network of Computerised Enhanced Reservation & Ticketing),

it interconnects the four regional computing systems (in New Delhi, Mumbai,

Kolkata and Chennai) into a national PRS grid. It allows a passenger anywhere

to book train tickets from any station to any station. PRS handles

reservations, changes, cancellations and refunds, reserving over 1.6 million

seats and berths daily. Complex rules, validations and fare-computation

techniques are interwoven in the application.[4]

3. Next Generation eTicketing (NGeT): The Internet-based E-ticketing

reservation system, developed for IRCTC, that connects at the back-end to

PRS.[5]

4. Computerisation of Indian Railways' Unreserved Ticketing System.

Unreserved ticketing is a major component of IR’s ticket volume and an

important source of revenue. UTS delivers fast unreserved ticketing from

dedicated counters, replacing manual printed-card tickets, EFTs and BPTs

with centralised online sales accounting. The architecture integrates with

handheld terminals, smart cards and vending machines.

5. [ National Train Enquiry System] for latest train running times and live train

tracking.[6]

6. [ Web-enabled claims: Web-based software enables the public to file and

track claims online.[7]

7. Rail Budget Compilation System (RBCS): Developed for budgetary input from

Indian Railways zones and production units, RBCS facilitates data capture,

database construction, demand analysis and estimate pruning for the railway

budget.

1. "Case Monitoring System" the Online Peoples' Representatives Demands Monitoring and Redressal System. Used in Parliament by MR Mukul Roy.

2. "I-Pas" aids the personnel and finance departments. It consists of two modules: Financial Accounting System (FAS) and Payroll System (PS).

3. Workshop Information SystEm (WISE): A MIS project for railway workshops around the country. It is in operation in 14 workshops: Kharagpur, Jagadhri, Ajmer, Kota, Charbagh, Liluah, Kanchrapara, Matunga, Lower Parel, Parel, Bhusawal, Secunderabad, Lallaguda and Jamalpur. WISE provides report for workshop management using the ORACLE DBMS, and is being upgraded to an ERP-based system.

4. Crew management: The Crew Management System (CMS) software provides real-time railway crew information. Information includes location, status and train assignments. It also maintains information on time off and continuing education. The software issues SMS alerts to management and supervisors if crew levels drop below a level likely to affect train operations. It can book crew for coach, shunting and freight service. The software supports the safety monitoring of the crew by inspectors, monitoring crew knowledge through a quiz administered through kiosks in crew lobbies, and provides up-to-date safety circulars.

5. Control Office Application (COA): Enables rail-traffic controllers to manage the trains running in their section, and is operational in all division control offices. The COA interfaces with other applications (such as NTES) to provide train information to passengers and managers.

6. E-Procurement System: Provides a secure, fair and transparent method of materials procurement through a web-based interface. It enables suppliers to securely upload their tenders to a central server in encrypted form, which can be decrypted only by authorised railway officials after the tender opening. All timestamps are authenticated by the National Physical Laboratory. The system is operational on all zonal railways and units, and has been extended to CORE, RDSO, RailTel and the Kolkata Metro. E-Auction was launched in March 2012, and has been adopted by All zonal railways and Production Units. A payment gateway was implemented in January 2012 and approx 280 Crore online funds transferred till Feb 2014 .[8]

7. Software for Locomotive Asset Management (SLAM): Under development, this system will track and allocate electric locomotives.

8. Additional asset-management systems, such as for Diesel locomotives, freight cars, coaches and track, are under development. An ERP-based system was implemented at the Integral Coach Factory, Chennai, in January 2012.

9. Automatic fare-collection and passenger-control systems for Metro Railway in Kolkata using RFID technology.

10. Freight Maintenance Management(FMM): An ERP and Java based system, developed to cover Maintenance of Freight Rolling Stock. ERP part is used for purely maintenance jobs in depots, whereas Java part(known as Central Application) is used for reporting purpose and other mechanical(only freight) department related business processes by Divisional and Zonal HQs and RB. Currently in pilot phase, successfully implemented in Dadri Wagon Depot (NCR), Tuglakabad Wagon depot (NR) & Dhandarikalan Wagon Depot (NR). The BPC(Brake Power Certificate) of freight trains in yards under these depots, are issued through FMM.

11. Locoshed Maintenance Management(LMS): A Maintenance Management System for Diesel Locos.

The first major project launched came in the year 2000; it was the Internet Querying system for PRS (Passenger Reservation System). Passengers could check their PNR S S Mathur, GM – Corporate Coordination, Cris (Centre for Railway Information Systems), talks about the role that CRIS is playing in bringing the benefits of IT to the Indian Railways status on the PRS website.

The site continues to be extremely popular with railway passengers. In 2002, the Unreserved Ticketing System (UTS) was developed in a record time of 8 months and installed in the Delhi area on 15th August.

Prior to the implementation of UTS, unreserved tickets were in the form of small purpose-built cards, specially printed for each origin-destination pair of stations. Disbursing these tickets was a mammoth exercise, requiring mundane and wasteful effort just to keep the tickets in stock.

Passengers faced crowded and chaotic ticket windows, last-minute ticketing glitches, and opaque ticket refund rules.

The UTS has eliminated all these bottlenecks by having a centralised database of tickets, which can be bought in advance from any ticket window.

The introduction of ATVMs (Automatic Ticket Vend-ing Machines) and smart cards has made ticketing even simpler for Mumbai’s suburban passengers.

Accounting of the money received from remote rural stations, which used to take months, is carried out by running regular end-of-day routines.

UTS now runs at more than 5500 stations across the country. It accounts for more than 95% of all unreserved tickets sold.

In a related development, in July 2011, CRIS provided automatic flap-type gates for the Kolkata Metro along with in-house ticketing software to take over from the aging turnstiles.

Managing Train Operations

The FOIS system manages the operations of all freight trains in the Railways. Similarly, the movement and operation of passenger trains is managed by the Integrated Coaching Management System (ICMS). This system collects online information from 220 major yards in the country and provides Railway managers with updated information on passenger train consists, locomotive availability, and maintenance schedules. ICMS was envisaged in 2003 and implementation was completed in 2008.

Two systems that have changed the way the Railways function internally are the Control Office Application (COA) and the Crew Management System (CMS).

COA assists each train controller (Section Controller in Railway parlance), located in the Divisional Control Offices, to manage short-term train movements. Section Controllers prepare their Control Charts on the COA terminal automatically through the COA program.

This frees them up to plan train movements more effectively, leading to more throughputs in each section. The COA provides the controllers with an intuitive interface similar to the manual chart, with which they are fully familiar. Ultimately, the train position will get automatically populated in the chart by transmitting GPS location data from the train locomotive directly into the COA database.

COA also provides spin off benefits to the passengers. COA’s train movement data and movement forecasts are picked up by the National Train Enquiry System (NTES) to provide train position to passengers through the NTES website and the 139 call-centre.

The Crew Management System, on the other hand, benefits running staff (Train Drivers or Loco Pilots, Assistant Loco Pilots, and Guards) by rationalising their working hours, informing them via SMS about impending duty rosters, and providing them with simple kiosk-based sign-on and sign-off facilities. Mileage allowances to compensate for their movement outside their home station are also automatically calculated by this system.

COA was developed in 2005 and remained on trial up to 2007. Thereafter it was implemented in all 70 Divisional Control offices by 2010. CMS also was developed by CRIS during this period and implementation in 340 crew lobbies (all but the smallest ones) was completed

by 2011. Scheduling of passenger trains remains an arcane art in railways worldwide. A large number of factors need to be optimised in order to prepare a workable yet efficient train schedule. Apart from passenger trains, freight trains have also to be provided line capacity to

Maximise freight throughput.

CRIS is in the process of developing the necessary algorithms and programs to enable the design of optimised and stable train schedules, which maximise efficiency in the Railway system. Preliminary work on this system is already over and the first version of the “Sat- sang” (Software aided Train Scheduling and Network Governance) is about to be rolled out.

Material and asset management systems

Indian Railways buys materials worth well over `15,000 crore annually to maintain its assets consisting of more than 7000 stations, 112,000 track Km of permanent way (30 percent of it with overhead electrification equipment), 9000 locomotives, 2,25,000 freight wagons, and 45,000 passenger coaches.

Managing the material is a gigantic task. Material management systems comprising procurement and inventory control functions have been established in all Railway units. However, it is planned to centralise the Material Management systems.

This onerous task has been awarded to CRIS for implementation, and is targeted for completion in the next 3 years. In the meantime, a fully automated and secure e-procurement system had been put in place centrally by CRIS in 2008.

This system has already been used for finalisation of more than 3 lakh tenders, and more than 14000 vendors are enrolled in it.

The entire application is PKI enabled and completely secure. Railway assets are spread out across the country. It becomes easy to manage them effectively if geo-spatial data about the assets is maintained in a central repository.

This aspect has been recently addressed with the initiation of a project for preparation of a geospatial database and GIS map to cover all of the Railways’ fixed and moving assets. IT systems in Indian Railway’s Production Units have evolved over the years.

A landmark was reached in March 2012 when a comprehensive SAP-based ERP system was implemented in the Integral Coach Factory (ICF) after 24 months of design and development effort. The system provides an integrated view of the organisation for all levels of managers and staff.

Conclusion

Indian Railways has used Information Technology to improve the experience of passengers and freight customers. Increasingly, IT applications are being developed to address internal efficiency and effectiveness. Indian Railways now finds itself in an age in which rapid assimilation of IT in all walks of life opens up greater opportunities. The

recent acceleration in development and deployment of IT systems is evidence of Indian Railway’s commitment to the common citizen of India.

Information Systems and Management Strategy Case Studies:- E-

Commerce

Learning Objectives

In this lesson, we will introduce you to e-commerce systems. After you work out

this lesson, you should be able to

➢ Understand the components of an e-commerce system

➢ Explain the trends in e-commerce

➢ Identify the important features of a web storefront

In this lesson, we will discuss the following

➢ E-commerce process

➢ Electronic payment options

➢ Web store requirements

➢ Mobile commerce

Introduction

Electronic commerce or e-commerce refers to a wide range of online business activities for products and services. It also pertains to “any form of business transaction in which the parties interact electronically rather than by physical exchanges or direct physical contact”.

E-commerce is usually associated with buying and selling over the Internet, or conducting any transaction involving the transfer of ownership or rights to use goods or services through a computer-mediated network. Though popular, this definition is not comprehensive enough to capture recent developments in this new and revolutionary business phenomenon.

A more complete definition is E-commerce is the use of electronic communications and digital information processing technology in business transactions to create, transform,

and redefine relationships for value creation between or among organizations, and between organizations and individuals

Types of E-Commerce

The major different types of e-commerce are business-to-business (B2B); business-to-

consumer (B2C); consumer-to-consumer (C2C).

B2B E-Commerce

B2B e-commerce is simply defined as e-commerce between companies. This is the type

of e-commerce that deals with relationships between and among businesses. About

80% of e-commerce is of this type, and most experts predict that B2B e-commerce will

continue to grow faster than the B2C segment.

The B2B market has two primary components e-frastructure and e-markets. E-

frastructure is the architecture of B2B, primarily consisting of the following

➢ Logistics - transportation, warehousing and distribution (e.g., Procter

and

Gamble);

➢ Application service providers - deployment, hosting and management of

packaged

software from a central facility (e.g., Oracle);

➢ Outsourcing of functions in the process of e-commerce, such as Web-

hosting,

security and customer care solutions (e.g., outsourcing providers such as eShare);

➢ Auction solutions software for the operation and maintenance of real- time

auctions in the Internet (e.g., OpenSite Technologies);

➢ Content management software for the facilitation of Web site content

management

and delivery (e.g., ProcureNet); and

➢ Web-based commerce enablers (e.g., Commerce One, a browser-based, XML

enabled purchasing automation software).

E-markets are simply defined as Web sites where buyers and sellers interact with each

other and conduct transactions.

The more common B2B examples and best practice models are IBM, Hewlett

Packard (HP), Cisco and Dell. Cisco, for instance, receives over 90% of its product orders

over the Internet.

Most B2B applications are in the areas of supplier management (especially purchase

order processing), inventory management (i.e., managing order-ship- bill

cycles), distribution management (especially in the transmission of shipping

documents), channel

management (i.e., information dissemination on changes in operational conditions),

and payment management (e.g., electronic payment systems).

B2C E-Commerce

Business-to-consumer e-commerce, or commerce between companies and

consumers, involves customers gathering information; purchasing physical goods

(i.e., tangibles such as books or consumer products) or information goods (or goods of

electronic material or digitized content, such as software, or e- books); and, for

information goods, receiving products over an electronic network.

It is the second largest and the earliest form of e-commerce. Its origins can be

traced to online retailing (or e-tailing). Thus, the more common B2C business models

are the online retailing companies such as Amazon.com. Some of the Indian B2C e-

commerce firms are futurebazaar.com (from Big Bazaar), thehindushopping.com,

indiaverta.com, fabmart.com and so on. Other B2C examples involving information

goods are Travelocity and Expedia.

The more common applications of this type of e-commerce are in the areas of

purchasing products and information, and personal finance management, which

pertains to the management of personal investments and finances with the use of

online banking tools (e.g., Quicken).

B2C e-commerce reduces transactions costs (particularly search costs) by

increasing consumer access to information and allowing consumers to find the

most competitive price for a product or service.

B2C e-commerce also reduces market entry barriers since the cost of putting up and

maintaining a Web site is much cheaper than installing a “brick-and-mortar” structure

for a firm. In the case of information goods, B2C e-commerce is even more

attractive because it saves firms from factoring in the additional cost of a

physical distribution network. Moreover, for countries with a growing and robust

Internet population, delivering information goods becomes increasingly feasible.

C2C E-Commerce

Consumer-to-consumer e-commerce or C2C is simply commerce between private individuals or consumers.

This type of e-commerce is characterized by the growth of electronic marketplaces and online auctions, particularly in vertical industries where firms/businesses can bid for what they want from among multiple suppliers. It perhaps has the greatest potential for developing new markets.

This type of e-commerce comes in at least three forms

➢ Auctions facilitated at a portal, such as eBay, which allows online real- time

bidding on items being sold in the Web;

➢ Peer-to-peer systems, such as the Napster model (a protocol for sharing

files between users used by chat forums similar to Internet Relay Chat) and other file exchange and later money exchange models; and classified ads at portal sites such as Sulekha.com and justdial.com classifieds.

Consumer-to-business (C2B) transactions involve reverse auctions, which empower the consumer to drive transactions.

A concrete example of this when competing airlines gives a traveler best travel and ticket offers in response to the traveler’s post that she wants to fly from one place to another as in www.priceline.com.

Components of a Typical Successful E-Commerce Transaction Loop

E-commerce does not refer merely to a firm putting up a Web site for the purpose of selling goods to buyers over the Internet.

For e-commerce to be a competitive alternative to traditional commercial transactions and for a firm to maximize the benefits of e-commerce, a number of technical as well as enabling issues have to be considered.

A typical e-commerce transaction loop involves the following major players and corresponding requisites The Seller should have the following components

A corporate Web site with e-commerce capabilities (e.g., a secure transaction server);

A corporate intranet so that orders are processed in an efficient manner; and IT-literate employees to manage the information flows and maintain the e-commerce system.

Transaction partners include

Banking institutions that offer transaction clearing services (e.g., processing credit card payments and electronic fund transfers);National and international freight companies to enable the movement of physical goods within, around and out of the country. For business-to- consumer transactions, the system must offer a means for cost-efficient transport of small packages (such that purchasing books over the Internet, for example, is not prohibitively more expensive than buying from a local store); and Authentication authority that serves as a trusted third party to ensure the integrity and security of transactions.

Consumers (in a Business-to-Consumer Transaction) who

Form a critical mass of the population with access to the Internet and disposable income enabling widespread use of credit cards;

Possess a mindset for purchasing goods over the Internet rather than by physically inspecting items.

Firms/Businesses (in a business-to-business transaction) that together form a critical mass of companies (especially within supply chains) with Internet access and the capability to place and take orders over the Internet.

Government, to establish

A legal framework governing e-commerce transactions (including electronic documents, signatures, and the like); and Legal institutions that would enforce the legal framework (i.e., laws and regulations) and protect consumers and businesses from fraud, among others.And finally, the Internet, the successful use of which depends on the following

A robust and reliable Internet infrastructure; andA pricing structure that doesn’t penalize consumers for spending time on and buying goods over the Internet (e.g., a flat monthly charge for both ISP access and local phone calls).

Advantages of E-Commerce for Businesses

E-commerce serves as an “equalizer”. It enables start-ups and small- and medium-sized enterprises to reach the global market.

However, this does not discount the point that without a good e-business strategy, e-commerce may in some cases discriminate against SMEs because it reveals proprietary pricing information. A sound e-business plan does not totally disregard old economy values. The dot-com bust is proof of this.

E-commerce makes “mass customization” possible. E-commerce applications in this area include easy-to-use ordering systems that allow customers to choose and order products according to their personal and unique specifications. For instance, a car manufacturing company with an e-commerce strategy allowing for online orders can have new cars built within a few days (instead of the several weeks it currently takes to build a new vehicle) based on customer’s specifications. This can work more effectively if a company’s manufacturing process is advanced and integrated into the ordering system.

E-commerce allows “network production.” This refers to the parceling out of the production process to contractors who are geographically dispersed but who are connected to each other via computer networks. The benefits of network production include reduction in costs, more strategic target marketing, and the facilitation of selling add-on products, services, and new systems when they are needed. With network production, a company can assign tasks within its non- core competencies to factories all over the world that specialize in such tasks (e.g., the assembly of specific components).

Payments on Internet

Most of online purchases are paid for by a credit card. Merchants like credit card payments because an instant authorization guarantees that the card is valid (as opposed o a check which may bounce). Customers like paying by credit cards because they can easily cancel a transaction in case when they don’t receive products or services according to the agreement in the transaction.

While some of credit card payments for online services are performed by phone, most of such payments are made by filling in an online form.

Credit card information submitted by the customer is sent to the bank which has issued the credit card to verify.

If the transaction is approved, the merchant notifies the customer that the order has been placed. The actual transfer of money from the credit card bank to the merchant may happen in a few hours, or even in a few days.

Merchants who accept credit card payments pay fee (between 1 and 7 percent of the card charge) for each card charge. In addition, in some cases merchants pay authorization fee for each credit card authorization attempt, as well as other fees related to credit card processing.

In case when a customer is not satisfied with the product or a service, or for other reasons, merchants may issue a refund or a charge-back to the customer’s account.

Technical Issues

There are several technical issues involved in online credit card payments as described below

Quick Check for Typos

Since the merchant may be charged for each credit card authorization, it is convenient to check that the credit card number makes sense before sending it to the issuing bank to authorize.

There is an easy algorithm to verify a credit card number the last digit of the credit card number is computed from the other digits using a simple procedure. The details are given here.

The algorithm is public, and therefore can be used only to catch typos and disallow random data, but not to check the validity of a credit card number.

Authenticating the User Protection from Customer Fraud

Since the card is not physically present during the transaction, it is practically impossible for a merchant to distinguish a legitimate credit card user from a thief. In online transactions the user is usually asked to provide additional information, such as their address and phone number, and the card’s billing address, if different from the customer’s address.

However, this information can be easily mistyped. While in a telephone transaction an operator can use their judgment to approve or reject a transaction based on how much of the information has matched and how confident the customer sounds, in an online transaction the level of “tolerance” of typos and mistakes must be set automatically.

Another way of verifying a card number is to ask the user to provide the additional digits on the card (the digits which do not appear on the magnetic strip or on a carbon paper when the print of the card is taken).

However, online customers may be reluctant to provide this information because of fear of merchant’s fraud (see below) or of eavesdropping.

Protecting Card Numbers in Transmission

Since information transmitted in an online transaction is sufficient for approval of a credit card charge, it is essential that this information is protected from eavesdropping.

The most common way of doing it is to encrypt data in transmission.

This is done via SSL. However, many online businesses do not use SSL when transmitting credit card numbers and other customer information, or do not make SSL the default for such transmissions.

While it is theoretically possible to obtain credit card information sent in plain text (in an e-mail message or via an online form), so far there hasn’t been a known case when a credit card number was stolen this way.

Protecting Card Numbers on the Merchant’s Site In practice, the main vulnerability of dealing with credit card numbers is not the transmission, but the storage.

Security experts agree that storing credit card numbers at the merchant’s site is a risky practice, and should be avoided. If credit card numbers need to be stored, they should be stored on a secure machine, and preferably in an encrypted form.

They should not be stored in a database which is (at least partially) accessible to customers, nor should they be stored (in any form) on the web server.

Electronic Payment Systems

Electronic payment systems are non-credit-card online payment systems. The goal of their development is to create analogs of checks and cash on the Internet, i.e. to implement all or some of the following features

1. Protecting customers from merchant’s fraud by keeping credit card numbers unknown to merchants.

2. Allowing people without credit cards to engage in online transactions.

3. Protecting confidentiality of customers.

4. In some cases providing anonymity of customers (“electronic cash”).

The problems in implementing electronic payment systems, especially anonymous electronic money, are

1. Preventing double-spending copying the “money” and spending it several times. This is especially hard to do with anonymous money.

2. Making sure that neither the customer nor the merchant can make an unauthorized transaction.

3. Preserving customer’s confidentiality without allowing customer’s fraud.

While electronic payment systems have not gained a very wide popularity, except for PayPal system used on online auctions, such as eBay, they may become more popular in the future if more businesses start using them.

Electronic payment systems may be more convenient for international online business due to differences in credit card customer protection laws in different countries.

Virtual PIN

Virtual PIN, started in 1994 by a company called First Virtual Holding, was a system for making credit card payments over the Internet without exposing the credit card number to the merchant. It required no special software for a customer to make a purchase. Virtual PIN relied on difficulty of intercepting and forging e-mail. To enroll, a customer gives their credit card information and their e-mail address to the First Virtual (this was done by phone). After the credit card information has been verified, the customer receives their PIN by e-mail.

The procedure for purchasing an item using Virtual PIN is as follows

The customer gives the merchant their Virtual PIN.

➢ The merchant sends the Virtual PIN and the amount of transaction to First Virtual.

➢ First Virtual sends an e-mail to the customer asking to confirm the purchase.

➢ The customer answered “Yes”, “No”, or “Fraud”. If the answer is “Yes”, the merchant is informed that the charge has been accepted.

If “No”, the charge is declined. If the answer is “Fraud”, the charge is investigated.

Even though no encryption was involved, an eavesdropper could not use a virtual PIN without being able to intercept and answer the e-mail message to confirm the purchase.

DigiCash (or E-Cash)

DigiCash (also known as E-cash) is an electronic payment system developed by

Dr. David Chaum, who is widely regarded as an inventor of digital cash. The system was based on digital tokens called digital coins. DigiCash operated as follows

➢ A customer establishes an account with the bank or other organization that could

mint and receive digital coins. The customer’s account was backed by real money

in some form, for instance it could be linked to the customer’s checking account.

➢ The customer also needs to download and install a software called electronic

wallet.

➢ To obtain DigiCash, the customer uses the electronic wallet to create digital coins.

The coins are sent to the bank to sign. When the coins are signed, the equivalent amount of money is withdrawn from the customer’s account.

In the proposed protocol the customer also had an option of “blinding” the coins.

To blind a coin, the customer multiplies it by a random number r before sending it to the bank to sign.

The bank signs the data. After the data and its digital signature are sent to the customer, the customer computes the digital signature of the original (non-multiplied) coin by dividing the bank’s signature by r. This way the bank doesn’t know the coin, but the customer, who knows r, can trace his/her payments. Blind signatures have not been implemented.

To find out why blind signatures work, read the article Cryptography and Number Theory for Digital Cash by Orlin Grabbe. This article explains mathematics behind blind signatures. This material is optional.

When the customer wants to make a purchase, he/she sends signed digital coins to the merchant. The merchant verifies the bank’s signature and deposits the coins to the bank, where they are credited to the merchant’s account.

The DigiCash (or E-cash), produced by the company DigiCash BV based in Amsterdam, has never created a market. The company eventually declared bankruptcy.

However, the algorithms used in DigiCash are considered fundamental in development of digital money.

CyberCash/CyberCoin

CyberCash is a system that allows customers to pay by a credit card without revealing the credit card number to the merchant. To achieve this, a credit card number is sent to the merchant in an encrypted form.

To enroll, a customer installs software called CyberCash wallet on their computer. At the time of the installment the wallet generated a pair of a public and a private key.

The wallet was protected by a passphrase, and a backup key was stored encrypted on a floppy disk.

A CyberCash account was linked to the customer’s credit card. A variation of this scheme called CyberCoin was linked to the customer’s checking account.

A purchase was conducted the following way

➢ When the purchase was initiated, the CyberCash wallet displayed the amount, the merchant’s name, and other information. After the customer approved the transaction, an encrypted payment order was sent to the merchant.

➢ The merchant could decrypt some of the information in the order, such as the

product list, the address, etc., but not the other (such as the credit card information).

The merchant’s software would add its own payment information to the order, digitally sign it, and then send it to the CyberCash gateway.

➢ The CyberCash gateway would decrypt the information. The order would be checked for duplicate requests. The gateway would verify that the customer’s and the merchant’s order information match (i.e. no fraud was committed on either side). Then it would perform the money transfer and send the approval message to the merchant.

The main point of this scheme was to prevent merchant’s fraud, and thus allow customers to do business with more merchants without fear of scam. However, CyberCash and CyberCoin were not able to find the market. The main reasons for the failure were the large size of customer’s software and the fact that very few merchants would accept CyberCash payment. The company was eventually bought by VeriSign.

SET (Secure Electronic Transactions)

SET is the Secure Electronic Transaction protocol for sending money over Internet. It has been developed jointly by MasterCard, Visa, and several computer companies.

SET uses mechanisms similar to CyberCash. However, being a standard protocol, it is built into a wide variety of commercial products.

In SET the order information consists of two parts the part which is private between the customer and the merchant (such as the items being ordered) and information which is private between the customer and the bank (such as the included in a single signed transaction the part private between the customer and the merchant is encrypted using the merchant’s private key, and the part private between the customer and the bank is encrypted using the bank’s public key.

To prevent changing the order information, the customer computes message digests of each part of the message separately, then takes the message digest of the two message digests, and then signs the resulting message digest.

This mechanism, called a dual signature, allows either the merchant or the bank to read and validate the signature on its half of the purchase request without having to decrypt the

other half.

The reason why SET never became popular was pretty much the same as for CyberCash the trouble of getting a digital wallet software and setting it up for each credit card was not worth it for a customer, because very few merchants would accept SET payments.

PayPal is an electronic payment system which can transfer money between its accounts. In order to use PayPal, one has to obtain a PayPal account, which is associated either with the customer’s credit card or with their regular bank account.

The validity of a credit card is checked by the usual ways. The validity of a checking account is checked as follows the customer gives PayPal their account number; PayPal makes two small-amount (less than $1) deposits to the account. If the customer is able to tell PayPal the value of these deposits, then the customer is assumed to be a legitimate user of the account.

PayPal provides easy interface to send money to anyone by giving the person’s e-mail account. In order for the person to retrieve the money, they must have a PayPal account. To avoid fraud, PayPal sends an e-mail message to both the initiator and the recipient of the transaction.

PayPal is used to settle online auctions, such as eBay auctions. The ease of use and the fact that no credit card is required to use it makes PayPal increasingly popular.

Example

Indian Railways online reservation system (operated by IRCTC) is very impressive and it supports a wide range of Internet banking services, credit card payments and other payment systems.

Smart Cards

Smart cards are cards that look like credit cards, but store information on a microprocessor chip instead of magnetic strips. A microchip can hold significantly more information than a magnetic strip. Because of this capacity, a single smart card can be used for many different purposes.

Unlike magnetic strip cards which can be read by any magnetic reader, and are therefore vulnerable to loss or theft, a smart card can be password-protected to guarantee that it’s only used by the owner.

Smart cards can run RSA encryption and can be programmed to generate a pair of public/private keys. The public key is made publicly readable, but the private key is be stored on the card without anyone being able to copy it. Therefore, to use the private key, the user must physically possess the card.

Smart cards are used in European telephones, and are gaining popularity for other purposes both in Europe and in the US.

Advantages and Disadvantages of Online Payment Systems

Typically, Internet merchant accounts are provided through an acquiring bank (or acquirer) that lets you accept credit cards, and sometimes other types of payments, online. As is the case with any business decision, there are advantages and disadvantages to online payment systems and other types of credit card processors.

In general, advantages tend to revolve around having direct control of the payment processing system. Disadvantages tend to revolve around mechanics, security, and logistics of being responsible for the entire payment process.

Advantages of Merchant Accounts and Other Online Payment Systems

Merchant accounts and third party payment processors provide needed online services. Advantages include

➢ Customer convenience - Online merchant accounts save site visitors the extra step of

writing and sending a check or calling in an order.

➢ Increased functionality - Internet processors also enable Web sites to be direct sales generator rather than simply lead generators or online brochures.

➢ Additional direct sales channel - Credit card processors help you add Internet sales as a revenue stream.

➢ Immediate authorization - With automation, you know immediately if an Internet

payment is valid. No waiting for checks to clear.

➢ Streamline payment process - With Internet merchant accounts and other payment

providers, there are fewer steps necessary to assure valid payment as compared to less automated processes.

Disadvantages of Internet Merchant Accounts

Like any other technology, there are disadvantages to online payment systems.

Some of the disadvantages of having your own Internet merchant account include

➢ You are responsible - With your own Internet merchant account, it is your

responsibility to maintain site function, resolve field service issues, etc.

➢ Fees - Various monthly fees are associated with Internet merchant accounts.

➢ Fraud - As a merchant, you may have to directly deal with credit card fraud.

➢ Security issues - Internet merchant accounts are only one piece of a reliable, secure

payment system. Private, sensitive information such as credit card numbers can be

stolen or altered; system integrity can be breached; and Web site spoofing are all risks with weak security systems.

➢ Agreements - Internet merchant accounts come with long agreements. Often, you

are committed to minimum time frames and/or dollar minimums.

Designing an E-Commerce Website Using 7Cs Framework

7Cs framework for e- commerce

website design. The interface is the virtual (and, to date, largely visible) representation of a firm’s chosen value proposition. Similar to a retail storefront, the virtual website provides significant information to current and prospective target market customers.

If designed effectively, the site quickly answers a number of basic questions that confront such users. Is this site worth visiting? What products or services does it sell?

What messages does the site communicate

Exclusivity? Low price? Ease of use? Consistent with a tightly constructed business model, well-designed sites should simultaneously attract target segment customers and repel (or not to appeal) non-targeted customers. Compelling sites communicate the core value proposition of the company and provide a rationale for buying from and/or visiting the site.

The following sections briefly describe the 7C

Context

The Context of the website is aesthetic and functional look-and-feel. Some sites have chosen to focus heavily on interesting graphics, colors, and design features, while others have emphasized more simply utilitarian goals, such as ease of navigation. Figure illustrates a webpage from Landsend.com. Lands’ End balances aesthetic (pastel colors; simple, warm visuals) and functional (crisp, uncluttered) design elements to communicate its core benefits—traditionally designed clothing, great service, and moderate prices.

In sharp contrast, an online apparel retailer - Luckyjeans.com will appear more hip, nontraditional brand; its website is comparatively more edgy, with bolder colors, humor (the “get lucky” slogan), and a more focused product line. Lands’ End customers might not find the Luckyjeans.com site appealing, purely because of its look- and-feel. Luckyjeans.com suggests a younger, more urban, and fashion-forward target segment. Compare the homepages (shown below) of these two online retailers.

Content

Community

Customization

Communication

Connection

Commerce

Note:- All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information.

********************************* THE END ******************************