MBAN-SEM-IV MI0030- SETII

1. What are the major advantages of B2B e-commerce?

Ans. Advantages of B2B

1. Direct interaction with customers. This is the greatest advantage of ebusiness. The
unknown and faceless customer including other businesses, buying the products of a
large MNC like say HLL or Procter & Gamble through distributors, channels, shops and
the like, now has a name, face, and a profile. Large MNCs pay a fortune for this
information on customer buying patterns.
2. Focused sales promotion. This information gives authentic data about the likes,
dislikes and preferences of clients and thus helps the company bring out focussed sales
promotion drives which are aimed at the right audience.
3. Building customer loyalty. It has been observed that online customers can be more
loyal than other customers if they are made to feel special and their distinct identity is
recognized and their concerns about privacy are respected. It has also been found that
once the customers develop a binding relationship with a site and its product, they do not
like to shift loyalties to another site or product.
4. Scalability. This means that the Web is open and offers round-the-clock access.
5. This provides an access never known before, to the customer. This access is across
locations and time zones. Thus a company is able to handle many more customers on a
much wider geographical spread if it uses an e-business model. The company can set up a
generic parent site for all locations and make regional domains to suit such requirements.
Microsoft is using this model very successfully. The additional cost of serving a larger
segment of customers comes down drastically once a critical mass is reached.
6. Savings in distribution costs. A company can make huge savings in distribution,
logistical and after-sales support costs by using e-business models. Typical examples are
of computer companies, airlines, and telecom companies. This is because the e-business
models involve the customer in the business interaction to such a level that companies are
able to avoid setting up the huge backbone of sales and support force, which ordinarily
would have to be set up.

2. Explain the nine different types of e-business models

Ans. The business model is essentially ruled by the following two parameters:
1. On the basis of value addition: Value addition is the addition of value to a product or
service because of the opportunities that it offers on the web.
2. On the basis of control: At the high end of control there is hierarchical control and at
the low end there is no control, so that it is self-organizing. Normally, the control is done
through the policies of the website. Based on these, nine types of transactions can be
identified as listed below:
• Brokerage
• Aggregator
• Info-mediary
• Community
• Value Chain
• Subscription

ROLL-NO-510286414 CENTRE-01976
NAME:-AHUJA PRAKASH DHANRAJ
MBAN-SEM-IV MI0030- SETII

• Manufacturer
• Advertising
• Affiliate

3. Explain the risks to customer in internet associated risks

Ans. Risks to Customers

The Internet has not been viewed by most users as a safe place to use credit cards to
conduct business transactions. This feeling of insecurity is primarily due to the large
amount of press reports citing story after story about thefts of credit card information by
Internet hackers.
False or Malicious Web Sites
Malicious web sites are typically set up for the purpose of stealing visitors' IDs and
passwords, stealing credit card information, spying on a visitor's hard drive, and
uploading files from the visitor's hard drive. The bugs discussed in the following section
are either remedied by the most current version of the browser software, or they can be
remedied by recent "patch" files that can be found on the vendors' web sites.
Unfortunately, new variations continue to pop up as soon as "cures" for the old variations
are available. Web site assurance should be helpful for assessing the trustworthiness of a
web site.
Stealing visitors' IDs and passwords
This can be accomplished by individuals who set up a malicious web site that asks the
user to "register" with the web site and to give a password. The password is given
voluntarily and can only be harmfully used if the visitor uses the same password for
many different applications, such as ATM cards, work-related passwords and home
security alarm passwords. The rule to live by here is to always use a different password
for various Internet related purposes.
Stealing visitors' credit card information
This can also be obtained by "false" web sites being set up and temporarily staged as
legitimate businesses, such as a site selling Gift Baskets to be delivered anywhere in the
country on festivals (Holi, Deepavali, Christmas etc). The site could be set up any time
prior to Christmas eve, collect credit card information, and then shut down on Christmas
Eve. No one would know to complain until after Christmas Eve, and by that time the site
has most assuredly already shut down. This type of scam is not unique to the Internet,
however, it is easier to attract a large customer base and then E-Commerce and Web
"disappear" from the Internet without having to physically pick up and move from one's
domicile. A more troubling manner in which credit cards, IDs, passwords, and other
information, including bank account access codes, may be intercepted by a malicious web
site is accomplished through the use of bugs which allow all visitors' sessions to be
monitored and such information recorded. These types of acts are sometimes referred to
as man in the middle attacks. Such bugs as "the Bell Labs Bug," the Singapore Bug," and
the "Santa Barbara Bug" involve some variation of a procedure which allows JavaScript
pages of a malicious web site, which must first be visited, to view and capture any
information transmitted to subsequent web sites visited. The basic manner in which this is
conducted is by attaching a virtually invisible window, perhaps 1 by 1 pixel, that remains

ROLL-NO-510286414 CENTRE-01976
NAME:-AHUJA PRAKASH DHANRAJ
MBAN-SEM-IV MI0030- SETII

open as'other sites are visited. The most troubling aspect of this type of bug is that
information can be stolen even if the site is "secured" with Secure Sockets Layer (SSL).
Spying on a visitor's hard drive and uploading files from the visitor's hard drive
This has been accomplished via bugs such as the "Freiburg Bug" which exploit file
upload holes in web browser software. These types of bugs also use a virtually invisible
frame generated 'by the malicious web site. As the visitor browses the web site, a
JavaScript program proceeds to examine the visitor's hard drive, and through file-sharing
techniques, any files with known names can then be uploaded to any site desired on the
Internet. The file name must be known in advance. Unfortunately for security reasons,
many common files reside on most computers, such as "cookies.txt" that may have
voluntarily supplied, unencrypted password information stored in it, although the storing
of unencrypted password data is rare. The only types of files that may be uploaded are
text, image or HTML files. The files may be scanned and uploaded, but they may not be
altered while they are on the visitor's hard drive.
Theft of customer data from selling agents and Internet Service Providers (ISP)
Customers purchasing goods and services on the Internet, including the use of an ISP to
have access to the Internet, typically pay with credit cards. Cyber cash payment methods
are another, less popular alternative. This credit card information is stored by the selling
agents and ISPs. Unfortunately for the customers, hackers are occasionally successful at
breaking into the selling agent's and the ISP's systems and obtaining the customers' credit
card data. Little, if anything, can be done by the consumer to, prevent this type of
exposure other than not using credit card information at all on the Internet. The risk,
however, is comparable if you use your credit card for any other purpose since corporate
databases containing non- Internet customer credit card information may also be
penetrated and stolen.
Privacy and the use of cookies
The issue of privacy on the Internet is of concern to many people. Many coalitions have
been formed to monitor and disseminate information regarding privacy issues on the
Internet and to proactively- lobby for greater privacy measures. A few of these groups are
the Center for Democracy and Technology (CDT), Electronic Frontier Foundation (EFF),
Electronic Privacy Information Center (EPIC), Privacy International, and Privacy Rights
Clearinghouse (PRC). So what information is kept about a visitor? The answer depends
on how much information the visitor divulges about him/herself and how he/she
configures the web browser preferences. Cookies were designed to allow web servers to
operate more efficiently, provide a better response time to repeat visitors to their sites,
and more accurately track how many different users (as opposed to repeat visitors) visit a
site. The use of cookies, however, has become a very controversial topic by privacy
groups preferring to have no information about web browsing activities be kept by the
web sites visited. Depending on which web browser is being used, cookies may be placed
in a single file or individual files. For many web sites, the only information recorded is a
unique identification number so that the site may track the number of first time and repeat
visitors. When a user initially visits a web site, the host site may assign a unique
identification code to that user and create a cookie that is placed on the visitor's
permanent storage device, such as a hard drive. While the cookie file is written to the
visitor's hard drive, no files from the hard drive may be read, altered or uploaded from
this procedure. In some instances, other information such as user ID and password are

ROLL-NO-510286414 CENTRE-01976
NAME:-AHUJA PRAKASH DHANRAJ
MBAN-SEM-IV MI0030- SETII

placed in this file, but only if the individual offers this information by typing it into a
form. This information is encrypted by some sites, but not by all. The cookie file is a text
file (.txt) that is easily read. Although rare; if an unencrypted password is placed in this
file, the danger of the file being read by some other malicious mechanism is a potential
exposure. Even if a password is unencrypted in a-cookie file, it is possible that
information passed from it to a server is encrypted, such as during an SSL session.
On the web site server side, the assigned user identification number is stored. In many
cases, that is all that is stored. In other cases, time visited, length of the visit, items
clicked on, and user preference data given by the visitor may also be stored by the web
site server into a database. Privacy groups are concerned about these types of data
repositories being created and sold for marketing or other purposes. The main reason
given for the justification for the creation of cookies is one of efficiency. On subsequent
visits to this web site, once the cookie is read, the server can obtain any data stored about
the visitor without having to ask for it again. For example, cookies can process multiple
advertisements sequentially so that one is not repeated until a cycle is complete. Also, the
web site server does not have to store any of the visitor preference data on its computer,
and thus the potential to push data storage to the visitor exists. How long do cookies last?
Just like edible cookies, computer-generated cookies have expiration dates assigned.
Most sites either set their expiration dates for a very short (a couple of hours for shopping
carts) or a very long (several years) time period depending on the site's objectives. In
response to users demands for privacy, recent versions of web browsers have the
enhanced capability for users to customize their preferences to either refuse the receipt of
a cookie or to require permission before a cookie is accepted. Many web sites will not
allow you access, however, if you will not accept their cookie(s)! Further, you may edit
your cookie file if you wish to judiciously remove cookies so that you can anonymously
revisit web sites.

ROLL-NO-510286414 CENTRE-01976
NAME:-AHUJA PRAKASH DHANRAJ