CHAPTER-1

INTRODUCTION

1.1 ABOUT PAYTM:

Paytm means Pay through Mobile. It is one of the largest is one of the fastest growing Indian ecommerce shopping websites launched in 2010. The name of the company who launched the Paytm is
One97 communication. Initially it is focused on Mobile and DTH recharging. The Company headquartered
in Noida, India.It gradually provided recharging and bill payment of various portals including electricity
bills, gas bills as well as telephone bills.
In 2014 Paytm has started the business same like as the facilities are getting from the other E-Commerce
company such as Flipkart, Amazon, and Snapdeal. Today, it is India's most popular online destination for
prepaid mobile & DTH recharges and shopping, and its Android and iOS apps have been ranked among the
most popular apps. In only 3 years since the founding, the company created a user base of 25 million wallet
users and 10 million app downloads.

1.2 ACHIVEMENTS:
2014 Paytm is Gold Winner at the MMA Smartys in the Mobile App category.
2014 Paytm is Silver Winner at the MMA Smartys in the m-Commerce category
2014 Paytm wins the Best Mobile Money product at the 4th India Digital Awards.
2013 Paytm wins Knowledge Faber Best Mobile Wallet Program Award.
2013 Paytm wins a special mention in m Billionth Awards in m-Commerce/m-Business category.
2013 Paytm is Gold Winner at the MMA Smartys for E-Commerce.

Anmol Sinha
1 | Page

2012 Paytm is recognized as the Most Innovative Startup of the Year at the Entrepreneur
Indiaeventorganized by Franchise India.

1.3 TECHNICAL ARCHITECTURE OF PAYTM:

Figure 2#: A high-level architecture for electronic commerce.

There are three components to this architecture: the Internet, a firewall, and your organization. The Internet
is where you will interact electronically with your customers, your firewall will provide you with
reasonable protection against people who wish you harm, and your organizations systems will process the
business transactions generated on the WWW by your customers.

Anmol Sinha
2 | Page

CHAPTER-2
WORKING AND TECHNOLOGIES OF PAYTM

2.1 SUPPLY CHAIN MANAGEMENT OF PAYTM:

It is the management of flow of goods and services to the customer. Supply chain management has been
defined as the "design, planning, execution, control, and monitoring of supply chain activities with the
objective of creating net value, building a competitive infrastructure, leveraging worldwide logistics,
synchronizing supply with demand and measuring performance globally.
Fig 3#: SCM of paytm

Anmol Sinha
3 | Page

2.2 WEB TECHONOLOGY OF PAYTM:

SERVER SIDE PROGRAMMING LANGUAGE

JAVASCRIPT
CLIENT SIDE PROGRAMMING LANGUAGE
JAVASCRIPT
MARKUP LANGUAGE
HTML
CHARACTER ENCODING
UTF-8: UTF-8 (8-bit Unicode Transformation Format) is a variable-length character encoding for
Unicode, which is backwards compatible with ASCII.
EXTERNAL CSS
External Cascading Style Sheets define style rules in a separate CSS file.
EMBEDDED CSS
Embedded Cascading Style Sheets define a set of style rules in a <style> element within a web page.
INLINE CSS
Inline Cascading Style Sheets define style rules directly within an (X)HTML element using the style
attribute.
Anmol Sinha
4 | Page

SESSION COOKIES
Session cookies are temporary cookies, which are deleted when the user closes the browser.
EXTERNAL CSS

External Cascading Style Sheets define style rules in a separate CSS file.

EMBEDDED CSS
Embedded Cascading Style Sheets define a set of style rules in a <style> element within a web
page.
INLINE CSS
Inline Cascading Style Sheets define style rules directly within an (X)HTML element using the style
attribute.
SESSION COOKIES
Session cookies are temporary cookies, which are deleted when the user closes the browser
HTTPONLY COOKIES
Http Only cookies are used only in the HTTP protocol and not in client side scripts, which may increase
security.
NON-HTTPONLY COOKIES
Non-Http Only cookies are used in the HTTP protocol and also in client side scripts, which may be a
security threat.
SECURE COOKIES
Anmol Sinha
5 | Page

Secure cookies are used only via encrypted connections, which may increase security.
HTTP STIRCT TRANSPORT SECURTIY
HTTP Strict Transport Security (HSTS) defines a mechanism enabling web sites to declare themselves
SSL CERTIFICATE AUTHORITY
GeoTrust is a SSL certificate authority owned by Symantec. This includes SSL certificates issues by the
certification branch of Equifax, which was acquired by GeoTrust.
WEB SERVER
NGINX - Nginx (pronounced as "engine X") is a lightweight open source web server.
NODE.JS - Node.js is a server-side JavaScript environment for writing network programs such as web
servers.
TOP LEVEL DOMAIN
.COM - Commercial entities

2.3 WEB BASED TOOLS OF PAYTM:

The basic requirement for a merchant to have a Web presence or have an electronic commerce site, is
A connection to the Internet, and
A Web server in the company network.

Anmol Sinha
6 | Page

The two main ingredients in a Web server are its hardware and software.

2.3.1 WEB SERVER HARDWARE:

A merchant should think carefully when making a decision on the Web server computer. The decision
depends on factors such as:

Operating system of the network. UNIX operating system is found to be more rugged than that of
Windows, but UNIX is more complex to manage than Windows.

Hardware requirement of the Web server software. A PC with a midrange CPU, small hard drive,
and 32 megabytes of memory will perform poorly when compared with a high-end workstation or a
powerful UNIX-based computer.

Expected traffic or the number of transaction per unit time. Running a large, enterprise-class
application server (such as an ERP system) on a personal computer is not feasible.

Other software running on the same computer. For example, running a Web server and a database
server can significantly slow down the performance of a computer.

Scalability of the hardware -- meaning upgrade of components such memory, disk space, disk
mirroring, or even connect additional Web servers if necessary.

2.3.2 Benchmarking Web Server Hardware and Software:

A benchmark test considers several factors such as:
Anmol Sinha
7 | Page

The computer hardware

The Web server software
Network connection: A Web server on a T3 connection can deliver Web pages to clients much faster
than it could on a T1 connection.
Throughput: It is the number of HTTP requests that a particular hardware and software combination
can process in a unit of time.
Response Time: It is the amount of time that a server requires to process one request.
Type of Web page: A server that delivers mostly static Web pages will perform better than the same
server that delivers dynamic Web pages. A dynamic page is a Web page whose content is shaped by
a program in response to user request (such as a database query), versus a static page, which is just a
plain HTML page.

2.3.3 Web Server Software Feature Sets:

All Web server software provides some basic features which can be classified as:
Core capabilities
Site management
Application Construction, and
Electronic commerce

CORE CAPABILITIES:
IP-Sharing or Virtual Server
Logical file
Security
FTP
Anmol Sinha
8 | Page

Site Analysis
Searching

SITE MANAGEMENT:
A Web server provides tools to manage multiple Web sites, file security, virtual file, and log file
analysis.
Administration of a Web server can be performed from a remote computer in the network.

APPLICATION DEVELOPMENT:
Application development includes Web editors and extensions to produce Web pages either static or
dynamic. These include HTML editors such as FrontPage for static Web pages. For dynamic Web pages,
there are protocols such as Common Gateway Interface (CGI) and Application programming Interface
(API) that are used by programs such as Java and C++ to develop dynamic Web pages.

ELECTRONIC COMMERCE:
Some Web servers provide advanced services that support online selling and buying (such as shopping cart
and catalog services). Electronic commerce software can provide templates and other tools to quickly
develop an e-commerce site. This might include templates for product browsing, shopping carts, and credit
card processing.

Anmol Sinha
9 | Page

CHAPTER-3
REVENUE MODEL OF PAYTM

Paytm earn their revenue through the market place model. They work on market place model and they
believe in the market place model for their revenue, they give to opportunity to vendors to sell or listed
their products on Paytm website, so the buyer are comes and buy the products. In this activity paytm charge
commission from the seller so this is some part how they generate their revenue. They do also some more
activity to generate their revenue.
Paytm knows that Revenue model is framework of revenue.it is a description how a business generates
income, profit, or an average earning in a business. And they fully concentrate on their revenue model.
That believes also purely marketing strategy, they get earnings from sponsored advertisers, showing ads,
they give coupons (from sponsors), so in order to gain some popularity and to bare the competition they are
Anmol Sinha
10 | P a g e

giving the cashback. So they attract more visitors as well as get more sponsors, ultimately making them
profitable. Its a most profitable strategy ofPaytm.

Fig#4: Screen shot of Paytm market place: they give the opportunity to sell their product on Paytm
web site.

3.1 Registration process for merchants in Paytm website:

Paytm provide market place for merchants. This is a registration process for merchants to register
themselves in Paytm website. They provide simple registrations for merchants to sign up in the site, the
mandatory fill up are show red star (*) they must fill up by merchants. The form process is very simple you
fill up are some necessary things like: name, email-id, mobile number, city, business name, category
(business), and business address. And all completion you press the submit button and after you can business
in the Paytm website. This a activity of Paytm to earn their revenue through the merchants.

Anmol Sinha
11 | P a g e

Anmol Sinha
12 | P a g e

After completion of this process Paytm offer to merchants choose the subscription plan this is the way
Paytm earn the revenue from the merchants throughthe subscription model. This is the part of subscription
model of Paytm.

3.2 Overview: How Merchants Sell Their Products Through Paytm Site:

Anmol Sinha
13 | P a g e

This screenshot shows the seller name, product description that is filled by the seller, product images, and
the price of the product that all this filled are set by the seller. If the buyer buys this product from the site so
seller paid commission to Paytm on every sell.

Anmol Sinha
14 | P a g e

Fig 6#: This is the activity the paytm earn revenue from the seller as a commission when seller
products are sold in this site. This is the best strategy for paytm to earn their revenue part.

3.3 The Subscription Charges from the Merchants:

This is theannually subscription plan they charge by Paytm from their seller, they divided their subscription
charges into four categories: Silver plan
Gold plan
Platinum plan

Budget (zero setup plan)

This plan have own their benefits, highest plan is platinum plan give more benefits to seller to sell their
product in site. In other hand silver plan give less benefits as comparative to platinum or gold plan. This all
the plans are charged by the seller one time in the annually.

Anmol Sinha
15 | P a g e

Fig 7#
The Paytm charge also additional charges through the seller like: annual maintenance charge
(AMD) that is 2500 annually, and 12.38% charges if its applicable. Its a part of Paytm subscription
model to generate their revenue. In this strategy Paytm give the more opportunity (plan) to its
merchant and give the different benefits to the seller.

3.3.1 Top Merchants They Use Paytm Wallet:

This all are merchants with Paytm wallet, this merchants are contribute revenue for Paytm to provide
Paytm wallet facility to buyer. This is also the way the Paytm earn the revenue from the buyers. All this are
big e-business site they are done huge transaction daily. The merchants avails the facility Paytm wallet
Anmol Sinha
16 | P a g e

which is provided by Paytm. The branded merchants in the paytm are: Dominos, jabong.com, Book My
Show, ebay, uber, and Haldiram.
Fig 8#

3.4 REVENUE MODEL ADOPTED BY PAYTM:

They are some models they are adopted by the paytm to generate their revenue the model are shown below:

Anmol Sinha
17 | P a g e

Fig 9#

3.4.1 ADVERTISING REVENUE MODEL:

Anmol Sinha
18 | P a g e

In this model paytm allow to merchants shows their advertisement on paytm websites and charges some
amount for this advertisement. This is the way the paytm used to generate their revenue. This method for
generate revenue are covered under the advertising revenue model.
This model is more beneficial for paytm to generate their revenue. The charges are charger by them they
advertised their product on paytm site.
The yippee noodles show their advertisement on the paytm site and they paid some money to paytm. This is
a way paytm generate the revenue from the advertisement revenue model.

Fig 10#: Its a screen shot shows how yippee noodles show their advertisement on paytm site

3.4.2 SUBSCRIPTION REVENUE MODEL:

Anmol Sinha
19 | P a g e

Paytm also use the subscription model. They charge the subscription amount from the seller annually and
generate their revenue. They categorized their subscription into four categories all are mention and discuss
early in this project. They charge annually maintenance charges also as a commission that is RS 2500. This
whole process is comes under the subscription model of paytm through them they generate their revenue.
The subscription model is most beneficial for paytm because all the sellers who are register themselves into
paytm all are paid subscription charges to run their business in paytm site. Basically the paytm adopt the
paid circulation subscription revenue model to generate the revenue in their business. This is the most
beneficial model as comparative to others model to generate the revenue.

3.4.3 TRANSACTION REVENUE MODEL:

Paytm also charge their revenue through the buyer as well as seller transactions. Through this model paytm
charge some amount from buyer and seller when they transact in the paytm site and avail the paytm facility.
This screen shot shows that what charges paytm charges when the buyer are transact through paytm
wallet.

If you loading your money into the wallet, paytm charges nothing amount in this transaction,
If you purchase any product at merchant site the paytm also charge nothing in this transaction.
Anmol Sinha
20 | P a g e

If you transfer the money into one wallet to other person wallet, on this transaction paytm also not charge
any amount. But if you transfer the money from paytm wallet to bank paytm charge 4% of the
amount that you are transfer into bank .This is the transaction revenue model of paytm .

3.4.4 ADVANCE PAYMENT REVENUE MODEL:

In this model paytm received the interest on the payment of customer until they are not transfer the money
into seller account. When the paytm received amount from the customer they are not instantly transfer on
seller account. They hold the amount and gain the interest on this amount. Through this process paytm
generate their revenue from the advance payment revenue model.
This model is very beneficial for paytm to generate the revenue this all process is also called escrow
account process.

3.4.5 COMMISION REVENUE MODEL:

In this model paytm charge commission from the seller for their listed product in paytm websites. And they
charge commission on every sale on the site of paytm from the seller. This commission is totally based on
the sale of the product if buyer buys the product from the paytm site so paytm charge the commission from
the seller for each sell in their website. Through this process paytm generate their revenue. The commission

Anmol Sinha
21 | P a g e

based model are also beneficial for generate the revenue .the commission based model are also trend in
ever e-business site, paytm also adopt this revenue model to generate their revenue.

3.4.6 They Are Some Other Activity the Paytm Earn the Revenue:

Paytm escrow: through escrow account paytm received interest, when buyer payment to their purchase
that amount hold by paytm until customer not confirm it, if customer not confirm in next 7 days paytm
expect buyer satisfied with the product and they transfer the money seller account.
Paytm earn by advertising other products on websites.
Patym charges annual subscription fees to the sellers who list their products on website
Introducing Paytm Wallet, a secure digital wallet where you can store money and use it to make quick
recharges, pay bills, do shopping on Paytm. You can also send money to friends & pay for various
services like Uber, MakeMyTrip, BookMyShow& many more.

3.5 WHY PEOPLE ATTRACT TOWARD PAYTM:

Easy Accessible:
The paytm side easy to accessible they are much easy as compare to other site people are like them for
their easy accessible specialty .paytm also available on the mobile, tablets, laptops , and for paytm the
high speed data connection is not required .it is easily work on mobile without any problem.
Anmol Sinha
22 | P a g e

Chat Facility:

Paytm provide chat facility to their buyer so they can bargain the product price from the seller..through
very easy steps they can avail the facilty of paytam chat facility.
This screen shot define how a customer bargains to the seller:

Anmol Sinha
23 | P a g e

Fig 11#

Anmol Sinha
24 | P a g e

Mobile Friendly:

Paytm service is also available in mobile so you can easily download and use this application in your
mobile anywhere. On other hand we can say that its a mobile friendly application.
They are available on many stores:

Fig 12#

Safe and Secure Payment:

paytm uses many trusted software for their security purpose they used many security application they
provided best security when any transaction are done, they uses 256 bit of encryption for their security
purpose.

Anmol Sinha
25 | P a g e

Fig 13# this are the application/ software paytm use for their security purpose

RBI Approved Digital Wallet:

Their digital wallets are approved by the reserve bank of India (RBI). So people are trusted on

their paytm wallet service. That means they follow all the rules and regulation they are required to
work e-wallet.
They provide 45+ banks for net banking. (One of the largest Payment Gateways in India.)
You can also Rs 1 lakh plus money transfer (follow the KYC (know your customer) rule and

regulation) otherwise its RS 10000.

Seller Opportunity InPaytm:

Fig 14#: A consumer can also sell or do business with the help of paytm

Anmol Sinha
26 | P a g e

Partner With Paytm:

Anmol Sinha
27 | P a g e

Fig 15#

CHAPTER-4
E-COMMERCE SECURITY & PAYTM

4.1 WHAT IS E-COMMERCE SECURITY?

Computer security refers to the technological and managerial procedures applied to computer systems to
ensure the availability, integrity, and confidentiality of information managed by the computer system
against unauthorized access, modification, or destruction. It deals with the transmission of data in a secured
environment to the people sitting thousand miles away from each other. Intruders penetrate into the
computer using different ways; they make use of malicious programs to cause destruction and breach
privacy. Security experts make use of firewall and cryptography techniques to prevent suspicious data from
reaching to the host computer and use algorithms to encrypt the data while sending it across the
network.Computer securityrefers to the protection given to computers and the information contained in
Anmol Sinha
28 | P a g e

them from unauthorized access. It involves the measures and controls that ensure confidentiality, integrity,
and availabilityof the information, processed and stored by a computer. These three aspects are responsible
for effective computer security.
With an increasing amount of people getting connected to networks, the security threats that cause massive
harm are increasing also. Network security is a major part of a network that needs to be maintained
because information is being passed between computers etc and is very vulnerable to attack. Over the past
five years people that manage network security have seen a massive increase of hackers and criminals
creating malicious threats that have been pumped into networks across the world
E-commerce security is the protection of e-commerce assets from unauthorized access, use, alteration, or
destruction of data.More than $388 billion globally per year attributed to cybercrime and a large portion of
that is related to e-commerce.

4.1.1 Six Dimensions of E-Commerce Security:

Integrity: prevention against unauthorized data modification
Nonrepudiation: prevention against any one party from reneging on an agreement after the fact
Authenticity: authentication of data source
Confidentiality: protection against unauthorized data disclosure
Privacy: provision of data control and disclosure
Availability: prevention against data delays or removal

4.2 E-COMMERCE THREATS:

Anmol Sinha
29 | P a g e

 Intellectual Property Threats:

These are those use existing materials found on the Internet without the

owner's permission, e.g., music downloading, domain name (cybersquatting), software pirating.
Client Computer Threats:

Trojan horse:Appears benign, but does something other than expected.

Bots: Covertly installed on computer; respond to external commands sent by attacker to create a
network of compromised computers for sending spam, generating a Dodos attack, and stealing
info from computers.

Viruses:Replicate and spread to other files; most deliver payload (destructive or benign) Macro
viruses, file-infecting viruses, script viruses.

Worms:Designed to spread from computer to computer Can replicate without being executed by a
user or program like virus.

4.2.1 Unwanted ProgrammerInstalled without Users informed:

Browser parasites : Can monitor and change settings of a users browser
Adware : Calls for unwanted pop-up ads
Spyware: Can be used to obtain information, such as a users keystrokes, e-mail, IMs, etc.

Communication Channel Threats:

Sniffer Program:Eavesdropping program that monitors information traveling over a network.

Anmol Sinha
30 | P a g e

 Phishing :Deceptive online attempt to obtain confidential information

E-Mail Scams:

Spoofing Legitimate Web Sites: Misrepresenting oneself by using fake e-mail addresses or
masquerading as someone else Spoofing a Web site is called pharming, redirecting a Web link to
another IP address different from the real one Threatens integrity (steal business from true site, or
alter orders and send to true site), and authenticity (difficult to distinguish between true and fake
Web address) Carried out by hacking local DNS servers.

Denial-of-service (DOS) Attack:Hackers flood Web site with useless traffic to inundate and
overwhelm network. Use of bot networks built from hundreds ofcompromised workstations.

Distributed Denial of Service (Ddos) Attack: Hackers use multiple computers to attack target
network from numerous launch points Microsoft and Yahoo have experienced such attacks.

Anmol Sinha
31 | P a g e

Fig 16#

Server Threats:
Hacking:Hackers are those Individual who intends to gain unauthorized access to computer systems.
Whereas Crackers are those Hack with criminal intent.
Types of hackers:
White hats hired by corporate to find weaknesses in the firms computer system
Black hats hackers with intention of causing harm
Grey hats hackers breaking in and revealing system flaws without disrupting site or attempting to
profit from their finds.
Cyber vandalism: Intentionally disrupting, defacing, and destroying Web site.
Anmol Sinha
32 | P a g e

Data Breach:When organizations lose control over corporate information to outsiders.

Credit Card Fraud:

Fear of stolen credit card information deters online purchases.
USs federal law limits liability of individuals to $50 for a stolen credit card.
Hackers target credit card files and other customer information files on merchant servers; use stolen
data to establish credit under false identity.
Online companies at higher risk than offline due to difficulty of guaranteeing true identity of
customers.
E-Sign law giving digital signatures same authority as hand-written ones applies only to large
corporations, but not to B2C e-commerce.

Spoofing (Pharming):

Misrepresenting oneself by using fake e-mail addresses ormasquerading as someone else. Spoofing
a Web site is called pharming, redirecting a Web link to another IP address different from the real one.
Threatens integrity (steal business from true site, or alter orders and send to true site), and authenticity
(difficult todistinguish between true and fake Web address) Carried out by hacking local DNS servers.

Spam (Junk) Web Sites:

Collection of advertisements for other sites, some of which containing malicious code. Appears on search
results, hiding their identities by using domain names similar to legitimate ones, and redirecting traffic to
spammer domains.

Anmol Sinha
33 | P a g e

4.2.2 OTHER SECURITY THREATS:

Sniffing: Eavesdropping program that monitors information traveling over a network.
Insider Jobs: Single largest financial threat.
Poorly Designed Server And Client Software: Due to increase in complexity and size of OS,
application software, and browsers.
Social Network Security: Social engineering attacks tempting visitors to FB pages to click on
bad-behavior links.
Mobile Platform Threats: Same risks as any Internet device Malware, botnets, vishing/smishing.

4.3 A PROCEDURE THAT RECOGNIZES REDUCES, OR ELIMINATES A

THREAT:
Intellectual Property Protection:

Legislature
Authentication

4.4 SECURITY INFRASTRUCTURE:

Anmol Sinha
34 | P a g e

Fig 17#
The security infrastructure is the implementation of the security policy. The security infrastructure is
the technology which is chosen to secure the e-business and the rules by which it operates. Some
examples of this include
Enforcing password aging and expiration.
Enforcing the complexity of passwords.
Blocking prohibited outbound connections from the firewall.
Requiring digital certificates to authenticate.
Remote access connections to an organizations network

4.4.1 Client Computer Protection:

Anmol Sinha
35 | P a g e

 Digital Certificates and Public Key Infrastructure (PKI) :

Still missing the way to verify identify of Web sites. We can do this by using digital document
issued by a trusted third party called certificate authority (CA).

Digital Certificate Includes:

Name of subject/company

Subjects public key

Digital certificate serial number

Expiration date, issuance date

Digital signature of CA

Public Key Infrastructure (PKI):

CAs and digital certificate procedures that are accepted by all parties is Pretty Good Privacy (PGP) a
widely used e-mail public key encryption software [go to pgpi.org to download it].

Anmol Sinha
36 | P a g e

Fig 18#

Browser Protection:
Browser security is the application of Internet security to web browsers in order to
protect networked data and computer systems from breaches of privacy or malware. Security exploits
of browsers often use JavaScript - sometimes with cross-site scripting (XSS)] - sometimes with a secondary
Anmol Sinha
37 | P a g e

payload using Adobe Flash. Security exploits can also take advantage of vulnerabilities (security holes) that
are commonly exploited in all browsers (including Mozilla Firefox, Google Chrome, Opera, Microsoft
Internet Explorer, and Safari).

Anti-virus software:
It is the Easiest and least expensive way to prevent threats to system integrity. What it requires is daily
updates.

4.4.2 COMMUNICATION CHANNEL PROTECTION:

Encryption :
Transforms plain text data into cipher text readable only by sender and receiver. Their purpose is to Secures
stored information and information transmission.

It Provides 4 of 6 key dimensions of e-commerce security:

Message integrity assurance that message hasnt been altered.
Nonrepudiation prevents user from denying sending the message.
Authentication verification of identity of person (computer) sending the msg.
Confidentiality assurance that msg. was not read by.

Public-Key Encryption (Asymmetric) Vs Private-Key Encryption (Symmetric):

Anmol Sinha
38 | P a g e

Fig 19#
Anmol Sinha
39 | P a g e

Secure Sockets Layer (SSL):

Establishes a secure, negotiated client-server session in which URL of requested document, along with
contents, is encrypted designed to establish a secure connection between two computers.

Virtual Private Network (VPN):

Allows remote users to securely access internal network via the Internet, using Point-to-Point.

Anmol Sinha
40 | P a g e

Secure Hypertext Transfer Protocol (S-Http):

Anmol Sinha
41 | P a g e

Anmol Sinha
42 | P a g e

Digital Signature:

Digital signature refers to the igitized images of paper signature used to verify the authenticity of electronic
document. In other words, digital signatures play the role of physical signatures in verifying electronic
documents. A signature is not part of the substance of a transaction, but is a representation.

Anmol Sinha
43 | P a g e

It is a mathematical technique used to validate the authenticity and integrity of a message, software
or digital document.

Firewall:
It is a network security system that controls the incoming and outgoing network traffic based on an applied
rule set. A firewall establishes a barrier between a trusted, secure internal network and another network
(e.g., the Internet) that is assumed not to be secure and trusted. Firewalls exist both as software to run on
general purpose hardware and as ahardware appliance. Many hardware-based firewalls also offer other
functionality to the internal network they protect, such as acting as a DHCP server for that network.

Anmol Sinha
44 | P a g e

Fig 22#

Proxy Servers (Proxies):

Software servers that handle all communications originating from or being sent to the Internet. Initially for
limiting access of internal clients to external Internet servers can be used to restrict access to certain types
of sites, such as porno, auction, or stock-trading sites, or to cache frequently-accessed Web pages to reduce
download times.

Anmol Sinha
45 | P a g e

Fig 23#

4.5 PORTERS FIVE FORCES:

Porter five forces analysis is a framework to analyze level of competition within an industry and business
strategy development. It draws upon industrial organization (IO) economics to derive five forces that
determine the competitive intensity and therefore attractiveness of an Industry. Named after Michael E.

Anmol Sinha
46 | P a g e

porter, this model identifies analyzes 5 competitive forces that shape every industries, and help determine
an industrys weaknesses and strengths.
Bargaining power of suppliers
bargaining power of customers (buyers)
intensity of competitive rivalry
Threat of substitute products or services
Threat of new entrants

Fig 24# PORTERS FIVE FORES FOR ONLINE RETAILER PAYTM

BARGAINING POWER OF SUPPLIERS:

The bargaining power of suppliers is also described as the market of inputs. Suppliers are the manufacturers
of finished products. For any products there are many suppliers online, so they cant show power on online
Anmol Sinha
47 | P a g e

retail companies. For example, if you take computer category, there are many suppliers like HP, Apple,
Lenovo, and Toshiba everyone wants to sell their products through online retails like Paytm. Selling online
saves a lot of money for the manufacturers, and as many people now-a-days prefer purchasing products
through online stores, companies cannot afford to lose this channel. So in this industry the supplier power is
low.

BARGAINING POWER OF CUSTOMERS (BUYERS):

The bargaining power of customers is also described as the market of outputs. Buyers in this industry are
customers who purchase product online. Since this industry isflooded with so many players, buyers are
having lot of option to choose. With many competitors like amazon.com, Snap deal, Flip kart, Shopclues,
etc. customers get a wide range of choices. Customer would prefer the one who would provide goods at
reasonable price, deliver it fast and provide them with other benefits like COD, EMI facilities, others offers
etc. here buyers have more power.

INTENSITY OF COMPETITIVE RIVALRY:

For most industries the intensity of competitive rivalry is the major determinant of the competitiveness of
the industry. Competition is very high in this industry with so many players like Homeshop18, Snapdeal,
Amazon, etc. many competitors means more choices for the customer to choose from. This also increases
the cost incurred by the company to stay in the customers mind i.e. on promotions and advertisements etc.
giving the customers better deals, making customers experience delightful and continuous innovation can
help a company to stay at top even with tons of competitors around.

Anmol Sinha
48 | P a g e

THREAT OF SUBSTITUTE PRODUCTS OR SERVICES:

Substitute for this industry as of now is physical stores. Their threat is very low for this industry
because customers are going for online purchases instead of going tophysical stores as it will saves
time, effort, and money. With the advent and penetration of internet and smartphones, future in
retail belongs to online retail.
When we compare relative quality, relative price of product a person buys online with physical

stores, both are almost same and in some cases, online retail stores offers mores discounts and this
attracts the customer to purchase products online.

THREAT OF NEW ENTRANTS:

Threat of new entrants is very high in this online retail industry because of following reason:

There are very less barriers to entry like less capital required to start a business, less amount of

infrastructure required to start business. All you need is to tie up with suppliers or products and you
need to develop a website to display products so that customers can order products and a tie up with
online payment gateway provider like bill desk.
Indian government helps allowed 51% FDI in multi-brand online retail and 100% FDI in single

brand online retail. So, this means foreign companies can come and start their own online retail
companies.

Anmol Sinha
49 | P a g e

 Industry is also going to grow at a rapid rate. It is going to touch $83 billion by 2022. Industry is

going to experience an exponential growth rate. So, obviously no one wants to miss this big
opportunity.

With the new entrants like Jabong, Snapdeal, Flipkart, Shopclues etc rapidly racing towards the top
position, Paytm needs to devise new strategies to avoid this threat from new entrants.

4.6 SECURITY AWARENESS AND POLICIES:

A need for security awareness and training is required to implement computer security in an organization.
The main purpose behind security awareness is to enhance security by improving awareness of the need to
protect system resources, developing skills, and knowledge so that computer users can perform their jobs
more securely and build knowledge needed to design, implement, or operate security programs for
organizations and systems. A security policyis a formal statement of the rules for people who are given
access to an organizations technology and information assets. The main purpose of security policy is to
inform users, staff, and managers of their obligatory requirements for protecting technology and
information assets. To retain the value and genuineness of the policy, it must include these components:
computer technology purchasing guidelines, privacy policy, access policy, accountability policy,
authentication policy, information technology system and network maintenance policy and violations
reporting policies.

4.6.1 Security Policy, Procedures, and Practices:

Anmol Sinha
50 | P a g e

A Security Policy Is A Formal Statement Of The Rules:

High-level description of the technical environment of the site, the legal environment (governing

laws), the authority of the policy.

risk analysis identifying the site's assets, the threats existing against those assets, and the costs of

asset loss
Guidelines for reacting to a site compromise (e.g., whether to trace the intruder or shutdown and

rebuild the system).

Security-Related Procedure:
Procedures address such topics as connecting to the site's system from home or while traveling, retrieving
programs from the network, using encryption, authentication for issuing accounts, configuration, and
monitoring.

Security Practices:
Implement a one-time password system. Ensure that all accounts have a password and these

passwords are difficult to guess.

Use strong cryptographic techniques to ensure the integrity of system software on a regular basis.
Keep the systems current with upgrades and patches.
Audit systems and networks, and regularly check logs for detecting an intrusion

Anmol Sinha
51 | P a g e

4.6.2 HOW TO MINIMIZE SECURITY THREATS:

Making Your Business Less Of A Target - consider what needs to be on public or shared systems
and, where possible, remove sensitive business information.
Increasing The Perception Of Your Business As Secure - ensure that all aspects of security
appear to be installed and well managed.
Ensuring That Warning Signs- on your website are clearly displayed to any user who attempts to
access secure parts of it.
Not Providing Any Publicly Available Information- regarding the security systems or operating
systems in use.
Making Certain That Your Employees Are Well-trained- In proper email and internet usage, eg
not opening unfamiliar attachments or clicking on suspicious links.

4.7 TECHNIQUES USED FOR SECURITY:

Server Security: Use firewalls and proxy servers.

Message Privacy (or confidentiality):

Anmol Sinha
52 | P a g e

Assures that the communication between trading parties are not revealed to other, therefore
unauthorized party cannot read or understand the message .

Message integrity:
Assures that the communication between trading parties are not alerted by an enemy.

Authentication:
The term authentication determines the user of the computer is actually who he/sheclaims.The
term authentication of the receiver: allows the sender to be sure that the party he/she intends to
get the

message is the one who is receives it.

Authorization:
Ensures that the trading party has the authority of transaction.
Fig 25#: The whole security goes within for e-commerce site like to paytm

Anmol Sinha
53 | P a g e

CHAPTER-5
ELECTRONIC PAYMENT SYSTEM

Anmol Sinha
54 | P a g e

Fig 26#

INTERNET BANKING:

Anmol Sinha
55 | P a g e

Banking through bank official websites. User ID &Password is must with register mobile number
for OTP.

DEBIT/CREDIT CARDS :

Online transaction on PAYTM is secure with the highest levels of

transaction security

currently available on the Internet. PAYTM uses 256-bit encryption technology to protect your card
information while securely transmitting it to the respective banks for payment processing.

E-VOUCHERS(eGV):

The e-Gift Vouchers (EGV) can be redeemed online against Sellers listed on www.PAYTM.com
only. EGVs can be redeemed by selecting the payment mode as e-Gift Voucher.

IMPS (Immediate Payment Service ):

An IMP is Immediate Payment Service that enables you to make payment through your bank
account via mobile.

What is MMID?
MMID (mobile money identifier) is 7-digit number issued by bank to customer for IMPS
transactions.

What is OTP?
OTP is one-time password issued by bank to customer for payment transaction through IMPS.
Anmol Sinha
56 | P a g e

 What is ItzCash Cash Card?

ItzCash is now the leading cash card provider and a holistic payments solution company.

Features of ItzGift Cash Card:

ItzCash cash cards have a good number of features that make them a good option for cashless
transactions.
Some of them include:
1. Secured transactions: Cash cards involve secure procedures that make the transactions reliable and
heavily secured. It is hard to make a transaction without the card.

2. Quick processing: Cash cards function similar to an ATM machine that can transact money with a
single swipe on the machine.

3. Added discounts: Many brands tie up with cash card companies to come up with exclusive limited
offers on products. These apply to only cash card users and no one else.

4. Convenient and hassle free gift option: A corporate cash card can be used as a gifting option for
employees during gifting occasions. ItzGift cards from ItzCash carry the flag for a cashless gift
card.

5.1 HOW TO DO RECHARGE ON PAYTM?

Anmol Sinha
57 | P a g e

Step 1: Login to Paytm.com

Anmol Sinha
58 | P a g e

Fig 27#
Anmol Sinha
59 | P a g e

Step 2: Enter your mobile number in the desired box

Anmol Sinha
60 | P a g e

Fig 28#

Step 3: Select Proceed to recharge.

Anmol Sinha
61 | P a g e

Step 4: Select the payment option.

Recharge is done.

Anmol Sinha
62 | P a g e

CHAPTER-6
BIBLIOGRAPHY

WWW.WIKIPEDIA.COM
WWW.PAYTM.COM

Anmol Sinha
63 | P a g e

Anmol Sinha
64 | P a g e

Anmol Sinha
65 | P a g e

Anmol Sinha
66 | P a g e