E-Commerce and Website Development:
Hype ... and Reality

Ka-Neng Au
Rutgers University
Newark, New Jersey, USA

Abstract

Can businesses really make money with the World Wide Web? What is the future of mobile e-commerce? We will examine the expectations and the actual outcomes of the implementation of some Internet and Web-based technologies such as banner advertisements, digital cash, network security, and wireless applications.

Introduction

There is clear evidence of great interest in the use and development of computer technology in Pakistan, which is accompanied by the recognition of the need for appropriate education and training. The Government of Pakistan introduced its new Information Technology Policy less than two years ago. 1 Among its ten focus areas is Human Resource Development, and this policy aims to provide training facilities for information technology manpower. To that end, a Virtual University of Information Technology will be established in five cities across the country, at a projected cost of more than Rs. 1.2 billion. 2

This emphasis on the development of the information technology sector has been acknowledged by the U.S. Government. The Executive Summary of the most recent Country Commercial Guide for Pakistan notes that:
The Pakistani government is keen on introducing virtual universities and distance learning. At the same time, 15-year tax breaks are being offered to attract foreign information technology firms. A key element of the information technology policy is the supply of cheap bandwidth capacity. Internet bandwidth usage has soared as access has expanded from 29 cities in August 2000 to 350 cities and towns by early 2001. 3
Here at the provincial level, the Government of Sindh has established an Information Technology Board to promote commerce and business in relation to information technology. This IT Board is a primary organizer of the IT Commerce Network Asia exhibition and conference to be held here in Karachi in August 2002. 4 Just last month, the Governor of Sindh and the Minister of Finance spoke at an ICC Regional Foreign Direct Investment Conference. The panel about IT, E-Commerce, and Telecommunications identified areas of current and future investment such as network infrastructure, the provision of business services over the Internet, and IT education. 5

Obviously, being enrolled at Bahria Institute of Management & Computer Sciences is no accident. The instruction received here will prepare students for a nation that is in the midst of a technology revolution; I believe each student's personal plans can be consistent with national policies. The business opportunities are out there waiting.

Business Models

The question is, "Can anyone actually make money from e-commerce?" Let's start with some numbers, courtesy of the U.S. Commerce Department: These are large figures, but does e-commerce actually work - can any given firm remain profitable on a consistent basis? Some Websites would imply that it is very easy to get started, even offering an online E-commerce 101 tutorial. 7 The reality is that certain business models work better than others, and banner advertisements by themselves do not work very well, a sentiment voiced as far back as September 2000. Today, the "click-through rate" for banner ads is under 1 %, and advertising expenditures in the U.S. dropped 14.7 % last year. 8

Three successful e-commerce approaches have been identified by a noted market research firm, and these strategies include: Let us consider three areas of technology development that have an impact on the bottom line, and discuss their implementation and limitations.

Payment Mechanisms

Everyone knows that much of the content on the Internet is still free. Then again, much of content is not worth much to most people - but may be worth something to some people. The overall goal is to be able to charge for Internet services or digital content of some sort. To do that, you have to have some way of accepting payment. At the very least, any viable electronic payment mechanisms must: Many digital cash and electronic money projects and proposals have come and gone; low consumer acceptance has been the primary reason for these failures. Online merchants have also been slow to adopt any scheme that is not supported by major financial institutions.

The approach that seems to have the greatest potential is the use of digital wallets, with the incorporation of a mark-up language called Electronic Commerce Modeling Language. 10 So what are digital wallets? This is a secure approach (beyond the common use of Secure Sockets Layer) to performing electronic payment transactions on the Internet, which uses encryption to hide credit card numbers from merchants as well as eavesdroppers. The digital wallet software, installed on your PC, is configured by adding your credit card(s) information to it. Today, practically all major credit card companies have some sort of digital wallet service. 11

When shopping online with a merchant that supports digital wallets:

Network Security

We mentioned encryption as the standard way to make payment transactions secure. This is necessary because, in general, anything sent over the Internet can be intercepted and read. The Internet is often referred to as an insecure channel. Most information is sent as plain text, and there has to be a transformation of the data into a form unreadable by anyone without a secret decryption key. This key is a digital code used to encrypt a plain text message or decrypt an encrypted message. The most common key management scheme in use is known as Public Key Infrastructure (PKI), whose components include: The use of PKI has made financial transactions over the Internet very secure and relatively commonplace. At this point, it would be appropriate to note the position of the Pakistan Software Export Board on encryption:
"There are no restrictions on import and export of encryption software as well as on the use of encryption software in Pakistan. However, the encryption products intended to be sold in Pakistan have to be approved by the Pakistan Telecommunication Authority (PTA). Under the laws, the hardware device as well as the source code are to be presented to the PTA for seeking their approval." 13
However, eavesdropping - listening in on an electronic conversation or transmission - is but one of the many network security problems affecting e-commerce. There are several other types of activities often described as attacks on Internet systems: Each type of attack can be defended in a number of ways. Some quick (although not foolproof) approaches are frequent password changes and the use of difficult-to-guess passwords; removal of abused network services; re-routing of network traffic; configuring firewalls to restrict access to network services; and installing filters that detect and delete large messages. The well-documented woes of large Internet merchants suffering DDoS attacks in 2001 reminds us all that no company is immune. 15 Unfortunately, according to a recent survey of E-Commerce Trends among manufacturing firms by Ernst & Young, the accounting and consulting firm,
security measures remain woefully inadequate. Despite repeated attacks by disruptive viruses and other electronically-communicated security breaches, manufacturers are nowhere near where they should be in terms of protecting their computer systems. Well over half of companies do not have, nor are they in the process of even developing, formal e-commerce security policies and procedures, despite growing recognition of the threat from inside as well as outside. 16
To my mind, this situation represents opportunities for firms to offer services to combat network security problems and Internet attacks.

Mobile E-Commerce

Mobile e-commerce, or m-commerce, is Internet commerce with wireless, hand-held devices (e.g. cell phones and Palm Pilots) instead of personal computers as clients. In order for these hand-held devices to gain access to the World Wide Web, a new communications protocol had to be developed. This Wireless Application Protocol (WAP) is a set of open, global protocols for developing applications and services that use wireless networks. These WAP protocols are mainly based on existing Internet protocols such as TCP/IP and XHTML, but are optimized for mobile users with wireless devices. 17

The promise is that consumers will be able to surf the Web and make purchases of goods and services from Websites with their hand-held devices, but very few customers and even fewer merchants have ventured in the field. A recent news item described m-commerce as having "lots of smoke, not much fire." In fact, projections for U.S. m-commerce revenues in 2004 range widely from $1.7 to $20 billion, which reflects this uncertainty about its future prospects. 18 Some limitations to the widespread adoption of m-commerce include: A more successful approach to m-commerce is the use of m-cash for small purchases that require short transaction times, especially for interacting with vending machines and parking meters. 19

Outlook

I believe that the most promising e-commerce technology is the development of e-markets, also known as online exchanges or trading hubs. These marketplaces, developed primarily for specific industries such as agriculture or chemicals, have the potential to save money, especially in transaction costs, for both buyers and sellers. In terms of overall sales, B2B (business to business) e-commerce is about ten times the size of of B2C (business to consumer) e-commerce. 20

Footnotes

1. Information Technology Policy, Information Technology Commission, Government of Pakistan, 2000. [http://www.itcommission.gov.pk/itpolicy.htm]

2. Virtual University, Information Technology Commission, Government of Pakistan, 2000. [http://www.itcommission.gov.pk/virtual_university.htm]

3. Pakistan Country Commercial Guide 2002, U.S. Department of Commerce, 2001. [http://www1.usatrade.gov/website/ccg.nsf/ShowCCG?OpenForm&Country=PAKISTAN]

4. Information Technology Board Ord promulgated, Government of Sindh, 10 Jan [2002?]. [http://www.sindh.gov.pk/Articles/information_technology.htm] and IT Commerce Network Asia 2002 homepage, 2002. [http://www.itcnasia.com/indexmain.htm] I also discovered that Karachi has the most companies (136) registered with the Pakistan Software Export Board.

5. Conference Roundup: IT, E-Commerce & Telecommunications, Pakistan National Committee of the International Chamber of Commerce, 2002, and Regional Foreign Direct Investment Conference, 17-18 February 2002, International Chamber of Commerce, 2002. [http://www.iccpakistan.org.pk/event_site/it_telecom.htm] and [http://www.iccwbo.org/home/conferences/asia_regional_meeting/programme.asp]

6. Monthly Retail Trade Survey: Quarterly E-Commerce Sales, Census Bureau, U.S. Department of Commerce, 20 February 2002. [http://www.census.gov/mrts/www/current.html]

7. E-commerce 101, Netsavvy Communications, 2002. [http://www.sellitontheweb.com/ezine/webstore101.shtml]

8. Web publisher: Banner ads have proved a disaster, Infoworld, 21 September 2000, and Ad Spending Down, Use of Larger Ads Increases, Michael Pastore and Christopher Saunders, CyberAtlas, 8 March 2002. [http://www.infoworld.com/articles/hn/xml/00/09/21/000921hnbannerads.xml] and [http://cyberatlas.internet.com/markets/advertising/article/0,,5941_987871,00.html]

9. E-Survivors! Winning E-Commerce Strategies for 2001, ActivMedia Research, June 2001. [http://www.activmediaresearch.com/rn01_e-survivors.html]

10. Frequently Asked Questions, ECML Alliance. More information on electronic payment schemes may be found at Electronic Money, or E-Money, and Digital Cash, Roy Davies, Exeter University, 17 December 2001. [http://www.ecml.org/faq.html] and [http://www.ex.ac.uk/~RDavies/arian/emoney.html]

11. Examples include: DeskShop from Discover Card, [http://www.discovercard.com] e-wallets from MasterCard International, and [http://www.mastercardintl.com/newtechnology/set/howsetworks.html] Private Payments from American Express. [http://www.americanexpress.com/privatepayments/] Another digital wallet example is Passport from Microsoft Corp. [http://www.passport.com/Consumer/]

12. Crytography FAQ, RSA Security Inc., 2002, and PKI Basics: Digital Signatures and Public Key Infrastructure (PKI) 101, Digital Signature Trust. [http://www.rsasecurity.com/rsalabs/faq/sections.html] and [http://www.digsigtrust.com/support/pki_basics.html]

13. Cryptography and Liberty 2000: Pakistan, An International Survey of Encryption Policy, Electronic Privacy Information Center, 2000. [http://www2.epic.org/reports/crypto2000/countries.html#Heading94]

14. For tools and solutions to these attacks, refer to the following Tech Tips from the CERT Coordination Center, Carnegie Mellon University: Intruder Detection Checklist, 20 July 1999; Denial of Service Attacks, 4 June 2001; and Email Bombing and Spamming, 26 April 1999. [http://www.cert.org/tech_tips/intruder_detection_checklist.html]; [http://www.cert.org/tech_tips/denial_of_service.html]; and [http://www.cert.org/tech_tips/email_bombing_spamming.html]

15. A year later, DDoS attacks still a major Web threat, Robert Lemos, CNET News.com, 7 February 2001. [http://news.com.com/2009-1001-252187.html?legacy=cnet]

16. NAM / Ernst & Young E-Commerce Trends Index, Ernst & Young, November 2001. [http://www.ey.com/GLOBAL/gcr.nsf/US/NAM_overview_-_Manufacturing_-_Ernst_&_Young_LLP]

17. The protocol specification may be found at the WAP.com homepage. [http://www.wap.com]

18. The quote is from They Built It, But Nobody is Coming, Ed Sutherland, M-Commerce Times, 4 March 2002. [http://www.mcommercetimes.com/Services/220] The statistics are based on m-commerce revenues, ePayments Resource Center. [http://www.epaynews.com/statistics/mcommstats.html#36A]

19. Kevin J. Delaney, "Consumers Lose Interest in Buying Online With Mobile Telephones," Wall Street Journal, 20 March 2002, p. B5. Another approach being promoted is the application of digital wallets: The Value of the Mobile Wallet, a White Paper by Dennis Hennessy, Network365, November 2001. [http://www.network365.com/downloads/whitepaper_88.pdf]

20. Net Market Makers 101: B2Basics, Net Market Makers, 2001. [http://www.nmm.com/nmm101/b2basics.asp] In 2000, B2B ecommerce revenues in the U.S. were $336 billion, according to Jupiter Research. [http://www.emarketer.com/estatnews/estats/ecommerce_b2b/20001004_jupiter.html]

Other resources

Ka-Neng Au
Last updated 30 March 2002
Comments? Questions?