Central Bank, launching an Internet payment gateway (IPG) of commercial banks to go ahead after the reception of the Central

Bank, the development of appropriate e-mail web merchants for display and sale their products and services, and purchases of goods and services that customers' e-merchants are late, Bangladesh Bank - Central Bank of Bangladesh - has given the green signal for e-commerce transactions in Bangladesh in 2009. Following the 'Opening of e-commerce was in the country, DutchBangla Bank Limited (DDBL) has launched an IPG, in the name of the Nexus Gateway in June 2010, BRAC Bank, in December 2010. Launch IPG has virtually opened the doors to electronic commerce in Bangladesh.

Now are interested e-tailers have at least two IPG in Bangladesh, where they can connect and receive payment from the buyer's credit / debit cards for their goods and services. Currently, e-merchants accept MasterCard (from any bank in the world) and 1.7 million cards through DBBL NEXUS IPG DBBL, and Visa (from any bank in the world) IPG by BRAC in Bangladesh Bank.In e-commerce to overcome two important first steps. Implementation of the third stage is responsible for e-merchants and the success of the fourth step is to use the IPG customers.Having up, they can e-tailers now develop websites and display their products with pictures and prices. Otherwise, IT organizations can develop and host Web portals appropriate on behalf of small businesses that want to sell goods and services online, but the development and maintenance of the site is not possible for them.

Bangladesh Bank (BB) opened the e-commerce transactions on the network in 2009. Later Dutch Bangla Bank Limited (DDBL) launched the online payment gateway (IPG) in the name of Nexus-Gateway in June 2010 and BRAC Bank in December 2010. Meanwhile, some online retailers have developed their websites and in connection with the IPG in the banks.

In an e-commerce transaction, the customer selects items to buy from a site and click on "Check Out" or "Pay" on the merchant's website. This button contains a computer code called the API provided by the bank. When the button is clicked, it takes the side of a bank. On this page, gives the customer's card details like card number, PIN / CVV / CVC, expiry date etc.

PIN stands for Personal Identification Number, mean CVV Card Verification Value & operated by Visa and CVC Card Verification Code & means used by MasterCard. This information is then transmitted to the payment of Internet Gateway (IPG) software for Internet banking.

The Internet is a public place. The transfer of map data via Internet is not secure. Thus, a bank shall take appropriate measures to ensure the flow of the transaction by the customer's computer to their server.

While the information on the travel card on the Internet from the client to the server of the bank, a fraudster can easily capture and use the information to purchase goods of value in the Internet or create a fake card using the data introduced and withdraw money from an ATM. As such, while the capture of information from the customer's card, the bank's system instantly to encrypt and put on the server and decrypt them for further processing.

Phishing is the collection of user information by submitting a false website address of the user or by sending an email or as a result of a search result. Assuming that the site is genuine, the user selects products and enters a PIN card information on the website wrong. The attacker records all attempts made by different users and collect information from the card.

It is not possible for customers to know the exact website address of all traders. Nor is it possible to know the address of the bank where the merchant is required, the trader can be linked to a bank, while the client can use the card of another bank. It is therefore important that the site of a bank that collects information on the card must be certified by a certification authority (CA) such as VeriSign.

IT companies can make money from these merchants on a transaction basis or on a monthly rental basis.Meantime have desco.org.bd, chorka.com clickbd.com and developed their own web site and integrated into the IPG of DBBL. The sslcommerz.com.bd, a web portal integrated with the IPG of DBBL, eleven e-tailers, including ekushey.com.bd, champs21.com, bdjobs.com, boi-mela.com, kenakata24-7. com, mydomainic. com, ebaybd.net, paribahan.com, rkmdhaka.org have ticketdao.com and starejobs.com.The bangladeshbrand.com, amardesheshop.com, shurjomukhi.com.bd, technobd.com bdjobs.com and their own websites e-commerce that is integrated with the IPG BRAC Bank.The last but the most important initiative to be taken by customers to purchase goods and services e-commerce sites / portals using their debit / credit to e-trading a success.

The side of the bank that collects credit card information will indicate the CA seal. If a customer clicks on the seal, the site of the CA appears. All clients must know the URL of the CA established and would be able to verify their accuracy. If the website address of the CA is correct, the side's website the bank is also correct. As such, the customer can insert the card securely on this site. Sometimes, clients do some activity on the Internet through e-commerce system and deny that they have not done this, but blame the bankers and said they could not know their PIN from the system and make the money transfer transactions of their account.

This is to ensure that the agent has access to the PINs of bank customers as all PIN logical storage in a black box, known as HSM, where no bank official, even the administrator has access. However, it is very difficult to prove. The digital signature is a solution to this.

Digital signature is signed (or encrypting) a message or an electronic transaction from a sender using its private key can only be read (or decrypt) the receiver using the public key of the sender. The pair of public and private keys issued by a certification authority (CA) to a user. The user sends his public key to other persons or institutions with which it wishes to exchange electronic information (e-mail or a transaction bank) and keep his private key with him (on his computer or USB key). Now it will encrypt or sign all sensitive information using its private key and send it to another party.

The other party will be able to open the mail or decrypt data using the public key of the sender. This ensures that the transaction is made by the sender himself. If the user denies such a transaction, the court's decision on the matter based on ICT law, the 2006th

Banks are able to develop a system that only trade request encrypted with the private key to the customer. All customers who wish to carry out transactions using electronic commerce, may be asked to key pair from CA and provides the public key to the bank. This may be made compulsory in excess of a predetermined amount, for example Tk.50, 000.00.

PIN card can be hacked by a hacker and used to make unauthorized transactions in electronic commerce. To ensure such a transaction on the Internet, banks can adopt two-factor authentication, which means that the customer must approve a transaction using two factors - one is the PIN and a second may be a token, called cryptographic or USB hardware token.

A symbol is a small team issued by the bank to a customer. The algorithm of the symbolic apparatus and the authentication server that stores all the information on the sample are the same, such as the server and the token to generate the same number after each period of time (eg one minute).

After sending a PIN, the user asked to enter a token number will be a sign at that particular time. It reads the number of tokens and the betting system. E-commerce passes the token number and ID signal to the authentication server that verifies the correctness of the code. If the number is correct, the operation is over, otherwise rejected.

When the token is a physical entity owned by the user and generates random numbers, the attacker can capture it, but it becomes invalid in the following minutes. Thus, two-factor authentication provides greater security for customers and also protects a bank rejects a transaction with a client as token belongs to the customer.

E-commerce opportunities in virtually every home. However, when it comes to Bangladesh, is a doubleedged sword. Internet figures in the sad, one of the smallest in Asia: http://www.internetworldstats.co ... (A huge population of 158 million is only 1.1% have internet access).

Bangladesh has a fair share of the problem when it comes to the Internet. Of all the friends and colleagues whom I know personally who lives in Dhaka, they always complain of erratic / unreliability of the Internet and low bandwidth that Bangladesh a. Localized online payment system does not exist (for Visa / MC purchases) and access online e-commerce based websites are present. Those who are dependent on the cash line items or by direct deposit or pay by check.

In my opinion, because of physical and digital infrastructure that exist in Bangladesh, which would have been more successful in the mobile commerce vis--vis the Internet electronic commerce. Bangladesh has an incredible mobile configuration activities (which micro-loans, etc.) and mobile operators have the advance of the general population.

Any generic e-commerce opportunities based in Bangladesh that is innovative and is limited to a very small target market would be able to access it and use this practice online. The lack of major players is "open" the market (almost white in some respects), but Internet penetration, lack of a truly integrated payment system and poor infrastructure adds to these problems.

The current use of statistics is not encouraging for all parties: e-commerce, web portal and the Commission deplorers grocery politics - a levy imposed on the merchant to the bank as a percentage of sales value - is higher for e-commerce transactions as the sale transaction. The e-grocer also have to pay a fee to the owner of the web portal, the site is not owned by him. On the other hand, an e-merchant is not bound to set up stores in prominent places and expensive in a city, they only have to hold stocks in various low-cost sites from which they can deliver goods to various parts of the ease city / country with the end result is cost.The transport requirements: e-commerce players have a competitive advantage to retailers. They have lower operating costs and improved inventory management due to operate in an

environment of virtual commerce. For example, sales per employee nearly $ 850k amazon.com while its retail counterpart, Best Buy, generating revenue per employee of only $ 270k.