Marketing and Eletronic Commerce

A Transactional Medium, Part 2

  1. Cybermediaries
  2. Payment Issues
    1. Security Issues Online
    2. Payment Issues: Status
    3. Impact of Micropayments
  3. Copyright
  4. Positive Spirals
  5. Ecommerce Requirements
  6. Impact of Intelligent Agents


WWW facilitates shorter channels of distribution, and direct marketing, as discussed in session 7. Cybermediaries (intermediaries in cyberspace) will substitute for traditional intermediaries, their roles being twofold. To drive consumers to the online commerce site, and to facilitate online transactions.

Cybermediaries that drive consumers to the online commerce site include the popular search engines, online access providers (AOL, MSN, Prodigy etc.), online publishers and Emalls. These intermediaries attract a large audience that online businesses wish to sell their products to. By sponsoring sites with banner advertisements, developing co-marketing deals like UPS's recent deal with three major search engines, or partnering with an Emall, online commerce sites are getting access to larger audiences. Search engines are becoming very aggressive in developing business models that don't rely solely on banner advertisement sponsorship, these deals may include revenue sharing from online business transactions in the future. Cybermediaries, in this instance, are therefore used to attract large target audiences for online businesses to market to.

Cybermediaries also facilitate online transactions for online retailers. eTRUST or similar companies endorse sites that protect consumers' privacy. This will assure customers that information they divulge will be used appropriately. By creating such assurances, eTRUST is helping facilitate online transactions. First Virtual and CyberCash are cybermediaries that are positioning themselves to help facilitate the actual transfer of electronic funds (discussed in detail later). Cybermediaries also include delivery companies such as UPS and Federal Express that enable customers to track the status of the delivery of products offline.

Payment Issues

In order for online commerce to become a successful commercial medium, issues regarding closing the transaction online need to be resolved. These issues revolve around the security of doing business in a computer mediated environment.

Security Issues Online

According to Bruce Schneider, author of the book E-mail Security, "The only secure computer is one that is turned off, locked in a safe, and buried 20 feet down in a secret location---and I'm not completely confident of that one either." Corporate America spent about $6 billion on network security in 1996 according to Dataquest. An FBI survey of 400 companies reported that 40% of those surveyed had recent break-ins, many of these break-ins occured despite the presence of firewalls. A survey conducted by Dan Farmer, an internet security "expert" found that 60% of servers were vulnerable to break-ins, using simple technologies, easily available to hackers on WWW. Security is therefore an area that needs to be improved significantly for WWW to become a viable commercial medium. Issues with regard to security online can be categorized as follows:
  1. Security of a message in transit (integrity)
  2. Security of the end points (business' site)
  3. Authentication
Until a consumer is sure that a transaction cannot be intercepted, read, changed and/or manipulated, then the likelihood of a consumer wanting to close a transaction on-line is small. Cryptography is being considered as a method of making sure that a transaction is secure while in transit. Various encryption methods are being investigated. These methods essentially encrypt the message while it is crossing the internet such that it is unreadable to anyone except the intended recipient (vendor) who has an encryption key that will decode the message.

While encryption seems to be the appropriate technology to insure the integrity of the transaction, the U.S. government has issues with its full implementation (export), since encryption can be used inappropriately by anti-government agencies! The government says it needs the ability to crack strong encryption to catch criminals and terrorists. A few companies, including IBM, have obtained export licences for strong encryption (56-bit programs vs. 40-bit programs), many high-tech companies still haven't. The most recent U.S. government policy requires that companies incorporate features within the next two years such that the government can crack the codes with software keys.

While it is very important to make sure that messages cannot be intercepted etc., this is a very small part of the security problems that must be resolved to help develop online commerce. Those interested in perpetrating online crimes will be more interested in breaking into a commercial site than intercepting individual transactions. Businesses develop firewalls that are designed to allow access to the site by those who should have access, and to block access to those who should not have access (the thief). A firewall is a computer equipped with software that is supposed to let only legitimate traffic pass. Firewalls should be developed to protect at the outside of the site, as well as within the site, to stop intruders from causing further havoc, once inside. Once inside a site, a "thief" can pose as the business and continue the business while diverting the revenue. The thief can access information about customers (credit card numbers etc.) that the business has collected, and change the information on the web, a particular problem for news services perhaps. Computers on WWW are so vulnerable because they are trying to handle too many tasks from one host. Servers are trying to be Web, news, nameservice, ftp and other types of servers. Employees also use the same computers for general purpose activities such as Email and web browsing. A secure host needs to be simple. Using a host for more than one function (being a web server and a mail hub) creates tremendous security problems. A second problem is that a secure host at one point in time does not make it secure in the future. According to Dan Farmer, a security system on a computer is compromised in direct proportion to its amount of use.

The internet and its computer mediated environment allows for anonymity. Although this offers many benefits it can be a problem for online commerce. Consumers need to be very sure they know who they are conducting business with (is this site really the site for Dell Computers?), and businesses also need to be sure that they are conducting business with the consumer whose information they are receiving. This can be achieved with encryption. Encryption allows for the integrity of the transaction as well as the authentication of the transaction. This is a seperate, but very important issue. By encrypting digital signatures, the vendor can be assured (as long as the encryption isn't compromised) that the consumer is who s/he says s/he is.

Payment Issues: Status

To address the above transactional security issues the following payment systems are evolving.
  1. SET
  2. Smart Cards
  3. New Payment Schemes
Credit cards have become a part of everyday life in commerce. This should give them a significant advantage over the development of other payment mechanisms. There are billions of credit cards in circulation, consumers understand credit cards and many businesses already accept credit cards as a form of payment. Thus credit cards are a logical choice for online commerce if security issues regarding using a credit card over the internet can be resolved. An industry consortium, made up of Mastercard, Visa, American Expess, Netscape and IBM are developing Secure Electronic Transactions (SET) standards that should resolve security issues. SET will work with banks to complete secure online transactions which will include purchase information and payment reconciliation. For each transaction, the customer's credit card number and purchase order will be seperately encrypted, and then scrambled together and encrypted a second time before being sent across the internet.

SET's projected launch date has been pushed back a number of times as issues need to be resolved. Originally SET was scheduled to debut in 1996 Fall. In January the launch date was supposed to be April 14. The current date is proposed to be May 31, 1997. If SET is successful, then customers should start to feel comfortable using credit cards for online transactions. This will challenge the other online payment schemes to develop a significant reason for their presence, and enable WWW retailing to compete on a stronger level with other non-store retailing media such as mail order and TV shopping.

"Smart" cards may become a viable payment scheme. Smart cards are similar (in appearance) to credit cards, but include a microchip that allows users to store money, acquired from their bank account, and pay for products by inserting the card into a reader to swipe. The consumer has a unique Personal Identification Number (PIN) for the Smart card, thus money cannot be stolen. Although smart cards have become popular in europe, they have yet to have proven popular in the U.S. They would also require each consumer to have a reader on the PC in order to execute the transaction. If SET is successful, then it will be hard to argue for a compelling reason for smart cards to also be successful for online commerce. The areas that they could prove valuable is for small transactions (under $10) that are not economically viable for credit card transactions, and for online retailers who do not accept credit cards.

New payment schemes have been developed specifically for online commerce. Examples include First Virtual and CyberCash. First Virtual was a pioneer in providing a secure transaction system for WWW. Customers give their credit card details over the telephone to First Virtual, they are then able to execute transactions online with merchants that are members of First Virtual's system, using a unique PIN. CyberCash targets "micropayments" for online services. Using an online account consumers are able to pay as little as 25 cents for online services. This may prove very valuable for small publishers and software developers. Both companies have struggled since they went public. CyberCash reported $50,646 in revenue for the quarter ended December 31, and lost $8 million. For the entire 1996, CyberCash lost $26.5 million, on revenue of $127,000. First Virtual lost $4.7 million in the fourth quarter of 1996 on revenue of $198,000. It lost $10.7 million on revenue of $696,000. At current levels, neither company has long to develop an economically viable system (less than a year before the cash generated from the IPOs runs dry).

The success of SET increases the chances of the schemes becoming a thing of internet history. SET has still not proven successful yet however. Encryption, while making it more difficult for thieves to compromise online transactions, has still to prove that it is a full proof system. As long as encrypted messages can be intercepted and manipulated, then a system like First Virtual, which does not use the Internet to communicate sensitive data (credit card numbers etc.) may develop a significant presence. If encryption does become full proof, then like smart cards, the areas that they may be able to develop a niche are for small transactions, and for businesses that do not accept credit cards. This market may become significant in size as WWW becomes an accepted medium for commerce. The barriers to entry for doing businesses are insignificant, allowing a new breed of businesses access to online commerce.

Impact of Micropayment Systems

Regardless of the payment systems that are adopted online, one issue will become apparent. The cost of transactions online will be significantly less than traditional transactions. The use of systems like CyberCash and First Virtual already allow transactions as low as 25 cents. This should help develop markets for products that were uneconomical to market in other environments. Published articles can be marketed as single products, as opposed to having to purchase an entire magazine. Software developers now have a means to attract consumers with single software programs, downloadable from WWW. As mentioned above, this market will likely grow quickly as online commerce becomes an accepted form of commerce.


Another issue in the development of a robust commercial environment online is the resolution of copyright, specifically for digital content (software and published articles). The cost of making digital copies is zero, copies are exact, copies are simple to create and the quality does not diminish according to the number of copies made (all usual barriers to making copies outside the digital environment). All these issues make creating digital copies attractive to consumers. Digital content products are products that are particularly attractive for online commerce since the transaction and the delivery are simulataneously executed within the medium. IBM is developing a solution, Cryptolopes, that only allows the original purchaser of the material, access to the material. Cryptolopes are electronic encrypted envelopes that contain the information (software, articles etc.) that can only be opened with a unique encryption key. This key is delivered simultaneously with the cryptolope. Using cryptolopes, IBM is planning to develop a thriving online marketplace, infoMarket, that will act as the cybermediary between consumers of information and vendors of information.

Positive Spirals

As issues regarding online commerce are resolved, more businesses will look to the internet as a viable commercial medium. As more businesses use the internet to market their products, more consumers will use WWW as an alternative retailing medium to buy products. As more consumers use WWW to buy products, more businesses will realise the benefits of adopting WWW as a commercial medium. This will create a positive spiral effect that should create a truly vibrant online commercial marketspace.

ECommerce Requirements

The following is a detailed description of Open Market's OM-Transact Software. This is a good illustration of the server requirements needed to develop a robust Ecommerce system. It is made up of:
Six core servers than run on Unix based machines: Three optional servers that run on Unix based machines: BBN Planet is using the Open Market platform for its Merchant Advantage service. The OM-Transact server accepts orders from the merchant's web-site via a secure link. It verifies the validity of the order, adds tax, shipping and other charges. It collects credit card payment information from the customer using a secure browser connection, gets payment authorization from a credit card facility, and issues the customer a digital receipt. Additionally, it manages a secure private key, used to encrypt communications between the merchant and BBN Planet's server, and maintains a record of each transaction in a database. It also notifies the merchant of each order and includes a description of the products purchased, the customer's identity and the delivery information. BBN would ultimately like to handle the order fulfillment process, developing relationships with delivery vendors (Fedex and UPS) for the merchant.

Impact of Intelligent Agents

Intelligent agents, like Andersen Consulting's BargainFinder (for CDs) are being developed to augment consumers shopping experience online. BargainFinder is an agent that comparison shops online to find the best price for a specific CD. BargainFinder (and subsequent agents) can help reduce the cost of comparison shopping online to zero. This is a significant departure to traditional comparison shopping where consumer choice is limited and searching does incur significant costs (time and money). Online retail stores are very concerned with how intelligent agents may change the shopping environment. Theoretically, an online consumer can compare all products and base their decision on price. This is an example (theoretically speaking) of perfect information leading to perfect competition in the marketplace. The need to differentiate products to try to avoid severe price competition becomes more apparent in this environment.