Documente Academic
Documente Profesional
Documente Cultură
INTRODUCTION
You will become familiar with some basic techniques and terminology.
YAHOO! Store
The easiest way to make your business Internet-enabled
ecBuilder
Software package, intended for creating more advanced eCommerce
solutions, still very easy to use.
SSL
What is Secure Socket Layer, and why is it so important?
Introduction to E-Commerce
Introduction
z
z
z
z
Introduction
z
Introduction
z
z
z
z
z
Introduction
z
z
z
Web store
z
z
z
z
rent
electricity
water
city taxes
cleaning...
Web store
z
Web store
z
z
z
z
Web store
z
z
z
z
Web Hosting
z
z
z
Web Hosting
z
z
z
z
z
z
z
z
z
z
Credit Card
z
z
z
z
Credit Card
z
Internet
Online
Transaction
Server
Merchant
Site
Bank
Bank
Bank
Consumer
Consumer
Electronic Cash
z
but Credit Card will be dominant for at least the next few years.
Marketing...
z
Yahoo! Store
Basic disadvantages
Cannot create original look of the e-Commerce site;
sites on Yahoo! Store look similar to each other
no matter what effort was taken for visual design.
That is because all sites are forced to have the same structure,
and only graphical elements and their arrangement on the screen
may be partially different
Company still needs its own server
in order to use most advanced capabilities of Yahoo! Store
(e.g. custom functions for tax and shipment calculation).
If company owes a server (virtual or real),
it can use other tools (such as ecBuilder)
to create more flexible e-Commerce site.
Yahoo! Store certainly cannot fulfill all e-Business demands
asked by big companies
z
z
z
z
First step in
creating your own
store is to click on
Create a Store
link.
This action leads
to the store editor.
z
z
Instructions by Yahoo!
z
z
z
z
z
After signing
with Yahoo!,
the screen
with options
will be
shown.
The key page;
each one of
the 8 sections
contains links
to vital
activities
Only manager
can access
this page; not
the shopper.
Page Number: 41/268
z
z
z
The three options differ in the amount of tools available for edit
Only the last option allows links to other sites for extra functions
In the Edit section, click to link Simple,
in order to step into Simple Interface for store building.
z
z
Page Variables
z
z
z
At this step, we will enter the page title and the logo message.
Let page title be: Green food from Serbia.
If no page title is entered, store title will be used instead
(in our case, Raspberries, Inc.).
Message might be assumed as company motto,
e.g. Our fruit knows of no chemistry.
We also may upload a title image by pressing
the Upload File button at the appropriate row.
If this image is loaded, it will be used instead of the store title,
i.e. instead of Raspberries, Inc.
Note that page loading time will be longer when the uploaded
image is bigger. It is highly recommended to upload
images smaller than 20kB, in order to keep high performance.
z
z
Fresh Fruits
Frozen Fruits
Finished Products
Page Variables
z
z
z
z
Variable Inheritance
z
z
z
z
At first glance,
everything is the same as it was at the Simple Interface,
except that menu bar carries much more options.
Notice a small triangle at the end of the menu bar.
By clicking at this triangle,
our interface will be upgraded to Advanced.
At the Advanced interface, the same triangle will exist,
but it will be turned to the left,
and will be used to downgrade to Regular Interface.
From Simple to Regular/Advanced by new login;
from Regular to Advanced and back via red arrow
Overriding a Variable
z
Overriding a Variable
z
z
z
Overriding a Variable
z
Concept of Accessories
z
z
z
z
z
z
Adding an Accessory
z
Internal Clipboard
z
z
z
z
Content of the clipboard is being cleared each time you log off
from Yahoo! Store. If you cut an item,
and then do not paste it on some other place,
it will be irretrievably lost after you log off.
Page Number: 71/268
z
z
Final Notes
z
One advice: Do not wait until the tenth day to create your account.
Web services are not reliable enough yet,
and you may be quite disappointed
if you get into position to create the complete store all over again!
One of important topics of Yahoo! Store is its price.
Stores are valued by its size, i.e. the number of items offered.
There are three categories:
Small store - With up to 50 items; it costs $100 per month
Medium store - With up to 1000 items; it costs $300 per month
Large store - With more than 1000 items;
it costs $300 per month for first 1000 items,
and additional $100 per month for each next 1000 items;
for instance, a store with 2300 items would cost $500 per month.
ecBuilder
ecBuilder
z
z
Product Name:
ecBuilder
Manufacturer:
MultiActive
Software inc.
System
requirements:
Desktop PC
with Microsoft
Windows
operating
system and
Microsoft IE 4.0
or Netscape 4.0
Why ecBuilder?
z
z
z
z
z
z
z
z
z
Introduction to ecBuilder
z
z
z
z
z
z
Introduction to ecBuilder
z
z
z
z
z
Payment processing
z
z
z
z
SSL
Your
Site
ecPlace
Server
(5) Transaction
result
Payment
Processor
Inside ecBuilder
z
z
z
z
ecBuilder Wizard
z
z
ecBuilder Wizard
Content Pages
Feedback Form
z
z
z
z
z
z
z
Bank
Consumer
Internet
Merchant
Site
ecPlace
Online
Transaction
Server
Bank
Bank
Bank
Consumer
Consumer
Other Merchant Sites Private Gateway
z
z
z
z
z
z
z
z
z
z
its weight
dimensions
available sizes
keywords for search engines
etc.
LinkExchange at http://www.linkexchange.com
is one example of banner exchange services
(bringing business to each other).
z
z
z
z
z
z
z
z
z
z
z
z
ecOrderDesk
z
ecOrderDesk
z
z
ecOrderDesk
z
orders
item inquiries
general inquiries
ecOrderDesk
z
ecOrderDesk
z
Order
An actual purchase request by a shopper from your Web site
An order may include one or more catalog items
Item Inquiries
A request for information about a specific catalogue item
by a shopper from your web site
An Item Inquiry is not a purchase request
It is possible to convert an Item Inquiry to an Order
General Inquiry
A request for general information
about your company or anything else
General Inquiry is not linked to a specific catalog item
ecOrderDesk
z
z
ecOrderDesk
z
z
z
z
z
z
ecOrderDesk
z
ecBuilder Conclusion
z
z
SSL Basics
z
z
z
On the Internet,
when customer types in his/hers credit card number
and initiates a payment procedure, data have to propagate
through the net, to get to the merchant server
Actually, customers browser sends an HTTP POST message
which is then broken into TCP/IP packets
before sending across the network
If someone could intercept these packets and read them
he/she would be able to obtain confidential data
z
z
The MAC, calculated this way, is then added to the data packet
So, if attacker makes changes to a data packet,
MAC of the new message will be different
from the MAC contained in the message,
and calculation of the new MAC is not possible
without possession of the secret data
If no MACs included, an attacker can intercept the data packet,
replace it with its own data of the same format,
and the receiver would NOT notice the difference.
Page Number: 157/268
Symmetric Algorithms
z
z
z
z
DATA
Sender
S
S
L
Sender Ports
Socket
Page Number: 159/268
S
S
L
Receiver
DATA
Receiver Ports
Made by: Ifact
Asymmetric Algorithms
z
z
z
Server Certification
z
z
z
z
clientHello
serverHello
certificate
serverKeyExchange
clientKeyExchage
finished
finished
ClientHello
z
z
z
ServerHello
z
z
z
Certificate
z
z
ServerKeyExchange
z
z
If the previous message did not contain the set of RSA keys, then
this message has to be sent
Server sends the ServerKeyExchange message
with a temporary public key generated ad hoc
(the secret key is generated at the same time,
but, of course, it is not sent over the network)
ClientKeyExchange (1)
z
z
z
z
ClientKeyExchange (2)
z
z
z
Finished Messages
z
z
z
z
z
Client crypts
SecretSymmKey
using PubAsymKey
Client generates
master cheksum
Client encrypts/decrypts
DATA with
SecretSymmKey
Server
PublicAsymmKey is transmitted
to Client
Crypted SecretSymmKey is
transmitted to Server
Server generates
PublicAsymmKey
Server decrypts
SecretSymmKey using
SecretAssymKey
Server generates
master cheksum
Server encrypts/decrypts
DATA with
SecretSymmKey
z
z
Microsoft
Site Server Commerce Edition
A Technological Survey
z
z
z
z
z
Basics
z
Technically,
any SSCE-built store is based on three key technologies:
ASP, COM (Component Object Model) objects, and OPP
Pages on a SSCE-created Web site are ASP pages
with a server side script that manipulates a set of COM objects,
usually those coming within the SSCE package.
Script uses these objects to gather information from consumers,
to find or save info with a ODBC/ADO query, and
to process needed tasks through OPP (ADO = ActiveX Data Objects)
OPP Concept
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
z
Product Template
z
z
Plan Template
z
Purchase Template
z
Pipeline Editor
z
OrderForm:
z
z
z
z
z
Properties
z
z
z
z
As already mentioned,
a SSCE pipeline is a series of COM objects
executed in a predefined order
These objects are grouped in pipeline stages.
Every stage is a logical macro step and is meant for certain function.
Usually, a stage has an ability to check (at the end of its execution)
whether the function, stage is meant for, is actually performed
This is done before execution control is transferred
to the next pipeline stage
Branching
z
z
Product Pipeline
z
z
z
z
z
z
z
z
z
z
Inventory (#5)
z
z
z
Plan Pipeline
z
Plan pipeline is a
superset of the
Product pipeline
It is used for
complete price
calculation based on
various parameters
What follows is only
the NEW stages, not
mentioned before, in
the product pipeline
Merchant Information
z
z
Order Initialization
z
Order Check
z
Order Subtotal
z
z
z
Shipping
z
z
Handling
z
Tax
z
z
Order Total
z
z
Purchase Pipeline
z
Purchase Check
z
Payment
z
z
z
Accept
z
z
z
Scriptor Component
z
z
QueryProdInfoADO
z
z
z
QueryProdInfoADO
z
DefaultShopperInfo
z
z
z
RequiredOrderInit
z
RequiredOrderCheck
z
z
DefaultItemPrice
z
SaleAdjust
z
ItemPromo
z
DBOrderPromoADO
z
z
DefaultOrderSubTotal
z
DefaultShipping
z
z
z
FixedShipping
z
TableShippingADO
z
z
Handling Components
z
z
z
SimpleVATTax
z
z
z
DefaultTotal
z
LocalInventory
z
ValidateCCNumber
z
z
z
z
SQLItemADO
z
z
SaveReceipt
z
Saving order data from OrderForm object into the database can be
done after pipeline execution in application ASP script.
Alternative for this approach would be the use of the SaveReceipt
component
This component uses ReceiptStorage global object that specifies
all needed info about database where data for OrderForm needs to
be stored. The only field of SaveReceipt component - No save
key prefix determines prefix for those fields of OrderForm that
should not be saved to database. For example, if value is _CC_
then no sensitive credit card info shall be stored
Transaction Process
z
z
z
z
z
Instantiation
z
z
z
Functioning
z
z
z
z
z
z
z
Server Properties
z
z
Merchant Properties
z
z
z
z
z
z
Types of Transactions
z
Commencing a Transaction
z
E-commerce in Yugoslavia
The E-Bank Online Payment
System
General Info
z
Requirements
z
Software
z
Payment Process
z
Security
z
z
z
z
Good Behavior
z
Connecting to e-bank
z
Form
z
E-Pin
z
z
z
Conclusion
z
z
z
Common Sense
Fast Knowledge
Formal MBA
M-Commerce :
z
z
z
z
z