CA Intermediate (Enterprise Information System (EIS) ) : Summary Notes - Fast Track
Chapter 4
E-Commerce
CA Pradip K Agrawal
Pradip K Agrawal is a commerce graduate. He is a qualified Chartered Accountant and Company Secretary. He has also completed Quality Management System (QMS) and ISO-9001 Internal Auditor.
He has extensive experience in Information Technology (IT), with around 13+ years in the IT industry out of 19+ years overall in the corporate world. He has worked for Fortune 500 companies on IT implementation, support, AMC, business process automation and process re-engineering.
E-Commerce, M-Commerce and Emerging Technologies CA Pradip K Agrawal Chapter 4 Page 1
Traditional Commerce
Definition
Traditional Commerce is the exchange of goods or services in person or face to face. The customer has to interact with the business owner or a representative of the business one to one.
Traditional Commerce Delivery Model: Multi-Layer
1. Manufacturer
2. Wholesaler
3. Retailer
4. Consumer
Traditional Commerce Delivery Model: Transaction Approach
1. Enter into the Shop
2. Pick the Shopping Cart
3. Select and Pick the Products
4. Go to the Billing Counter
5. Billing is Prepared
6. Make the Payment
7. Pick the Products
8. Leave the Shop
E-Commerce
Definition
E-Commerce is the process of doing business electronically. It uses technology to process the transactions between a company, its customers and business partners. It involves the automation of a variety of Business to Business (B2B), Business to Consumer (B2C) and other transactions through reliable and secure connections.
E-Commerce Delivery Model: Transaction Approach
1. Order Placed by Customer
2. Shopping Cart
3. Payment
4. Order Completed
5. E-Mail sent to Merchant and Customer
6. Sent to Warehouse for Fulfillment
7. Shipping Carrier Picks-up Shipment
E-Commerce Delivery Model: Transaction Illustration
Step 1: Go to Website and Register or Download the App
Step 2: Select the Type of Product
Step 3: Select the Product
Step 4: Go for Payment
Step 5: Verify the Purchase
Step 6: Select the Payment Options
Step 7: Make the Payment
Step 8: Product is delivered
E-Commerce
Laws Governing E-Commerce
A. Commercial Law
Formation of Legal Entity
1. Companies Act, 2013
⬛ E-Commerce-Private or Public Limited Co.
⬛ Regulates corporate sector
⬛ Governs regulatory aspects of companies in India
2. Income Tax Act, 1961
⬛ Regulates taxation of income in India
⬛ Origin of transaction critical for taxation
3. Goods and Service Tax Act, 2017
⬛ Upload sales and purchases invoice on central IT infrastructure
⬛ Reconciling the business transactions, GST tax payment, Tax Credits, and Filing of e-Return.
Foreign Trade
1. The Customs Act, 1962
⬛ Import and export of goods
⬛ Levy of customs duty
⬛ India signatory to GATT
⬛ Software downloads, debate of tariff
2. Foreign Trade Development and Regulation Act, 1992
⬛ Regulates foreign trade – import into and export from India
⬛ Incidental matters
⬛ Amazon allowed purchase from global store
3. Foreign Exchange Management (FEMA) Act, 1999
⬛ FDI and flow of foreign exchange in India
⬛ FDI – 100% automatic route B2B
⬛ FDI – B2C calibrated manner
Consumers
1. Indian Contract Act, 1872
⬛ Defines constituents of a valid contract
⬛ E-Commerce and E-Commerce transaction key to define constituents
2. Consumer Protection Act, 1986
⬛ Protects consumer rights
⬛ Transactions source of most of the litigations
3. The Competition Act, 2002
⬛ Regulates adverse effects on competition in India
⬛ Competition commission’s vigilance
Employees
1. The Factories Act, 1948
⬛ Regulate working conditions of workers
⬛ Extends to place of storage and transportation
B. Special Law
1. Information Technology Act, 2000
⬛ Regulates online transactions, penalties, prosecution for non-compliance
⬛ Important aspects:
► Legality of products;
► Data protection;
► Privacy;
► Online advertising;
► Other provisions
2. Reserve Bank of India Act, 1932
⬛ Credit/Debit card to be chip based
⬛ OTP or PIN for all transactions
⬛ Capital Adequacy norms for payment wallets like SBI buddy, PAYTM etc.
E-Commerce
Guidelines for E-Commerce
1. Product Warranty or Guarantee
► Proper Display
► Documents along-with the Product
2. Billing
► Format of Billing
► Details on Billing
► Applicable GST
3. Shipping
► Shipping Time
► Frequency of Shipping
4. Delivery
► Mode of Delivery
► Time of Delivery
Benefits
1. Customers/Individuals/Users
► Anytime, Anywhere, 24x7 Access
► Various Options
► Easy to find Reviews
► Coupons and Deals
► Convenience
► Time Savings
► Competitive Benefits
2. Business/Sellers
► Creation of New Markets
► Easier Entry into New Markets
► Increasing Customer Base
► Instant Transactions
► Provide a Dynamic Market
► Elimination of Time Delays
► Reduction in Costs
⬛ Overhead Costs
E-Commerce
Components
A. Users
B. E-Commerce Vendors
1. Suppliers and Supply Chain Management
o Availability of enough and right goods suppliers
o Operationally and financially safe
o Real time stock inventory
o Orders dispatched and delivered quickly
2. Warehouse Operations
o Products are stored
o Picked and packed as per specifications
o Dispatched for delivery
3. Shipping and Return
o Fast Return - USP
o Effective & Efficient
4. E-Commerce Catalogue and Product Display
o Proper display of all products
o Customers gauge the products
o Good catalogue – customer experience
5. Guarantees
o Money back guarantees
o Customer satisfaction and safety
6. Marketing and Loyalty Programs
o Long term relationship with customers
o Airline Industry
7. Different Ordering Methods
o Debit Cards and Credit Cards
o Cash on Delivery (CoD)
8. Showroom and Offline Purchase
o Feel, touch or see the products
o Customers gauge the products
o Good catalogue – customer experience
9. Privacy Policy
o Policy vis-à-vis customer data and information
o Disclosure to use the information of customers
10. Security
o State security policy
o Online data to transact is safe
o SSL
o Fall into the hands of malicious hackers
C. Technology Infrastructure
1. Computers, Servers & Database
o Backbone for success
o Stores program and data
o Shared infrastructure
4. Web Portal
o Front-end interface
o Simplicity and clarity
o Accessed through devices
3. Digital Libraries
o Collection of digital objects
o Organizing, storing and retrieving files
E-Commerce
Components
C. Technology Infrastructure
4. Digital Libraries
o Collection of payment
o Credit Card, Debit Card, Online Payment, UPIS
5. Data Interchange
o Electronic communication of data
o Specific Protocols and Standards for communication between players
6. Internet / Network
o Key for E-Commerce
o Traditional and New Technology
o 4G Services
7. Mobile Apps
► Software Application Program
► Android, iOS, Blackberry, Windows Mobile, Tizen, Firefox OS
► Mobile Device Specific
► Key Components:
⬛ Mobile Storefront
⬛ Mobile Ticketing
⬛ Mobile Marketing & Advertising
⬛ Mobile Customer Support & Information
⬛ Mobile Banking
Architecture of Network System
► Architecture denotes the way network architecture is built; e-Commerce runs through network-connected systems.
1. Two-Tier Architecture
A. Client Application
► Client Application handles both presentation and application layers.
► Acts as an interface between user and e-Commerce and m-Commerce vendor.
► User logs-in
► Connects to database application
► Displays products and price
B. Database Application
► Server system handles database layer.
► Stores data of products, prices, customers, and other related data.
► User cannot access data directly.
► Data displayed through application tier.
► Additional Note:
► Communication takes place between client and server.
► Client sends request to server system.
► Server processes request & sends back data.
Advantages
► Higher Performance
► Simplicity
► Multiple Users
Disadvantages
► Scalability
► Flexibility
2. Three-Tier Architecture
A. Presentation Layer
► Client and Top Layer.
► User interacts at the time of using software.
► Communicates with application layer.
► User information passed to application layer.
► Example – G-Mail logs-in
B. Application Layer
► Business Logic Layer or Logical Layer.
► Mediator between Presentation Layer and Database Layer.
► Controls business logic and application’s functionality.
► Interacts with Database Layer.
► Sends information to Presentation Layer.
► Performs operations on applications.
► Example, G-Mail validates credentials and interacts with database layer
C. Database Layer
► Stores data.
► Application Layer communicates with Database Layer and retrieves data.
► Contains methods to connect to Database Layer.
► Performs required action e.g. insert, update, delete etc.
► Example, User gets the mails on inbox retrieving information from database layer
3. Three-Tier Architecture
Advantages
► Clear separation of user-interface control & data presentation from application layer
► Dynamic Load Balancing
► Change Management
Dis-advantages
► Increased need for network traffic management, server load balancing and fault tolerance
► Immature and Complex
► Inadequate Maintenance Tools
E-Commerce
E-Commerce Architecture Vide Internet

Approach: Mobile Web Browser and Internet
Example: Mobile App, User
Purpose: e-Commerce customer connects to e-Commerce merchant

Approach: Application Server and Back End Server
Example: E-Merchants, Reseller, Logistics Partner, and Payment Gateway
Purpose: Customer logs into merchant systems. Allows customer to check the products available on merchant’s website.

Approach: Stores data relating to products, price etc.
Purpose: Accessible to user through application layer.
E-Commerce
Risks
1. Infrastructure
A. Infrastructure
• Need digital infrastructure
• Roads and Railways
2. Technology
A. Need Access to Internet & Lack of Personal Touch
• Additional cost
• Lacks personal touch
B. Privacy and Security
• Personalized info. vulnerable to misuse
• Poses a higher degree of threats by hackers
C. Attack from hackers
• Vulnerable to hackers
D. Security and Credit Card Issue
• Cloning debit cards and credit cards
• Poses security threats and financial loss
E. Data Loss or Theft or Duplication
• Data transmitted over internet
• Lost, duplicated, tampered with or relayed
F. Problem of Piracy
• Intellectual Property not protected
• Transaction through e-Commerce
3. Product
A. Quality Issues
• Original product differ from ordered
B. Delay in delivery of goods & hidden cost
• Delay in delivery of goods
• Hidden costs for cross-border transaction
4. Transaction
A. Problem of anonymity
• Identify & authenticate users
• Anyone from anywhere buy & sell
B. Repudiation of contract
• Electronic transaction for purchase & sale denied
C. Lack of authenticity of transactions
• Electronic transactions
• Not reliable & authentic
D. Denial of service
• Non-availability of system
• Viruses, e-Mail Bombs & Floods
E. Lack of audit trails
• Incomplete logs
• Too voluminous & Easily tampered
Controls
Internal Control, as defined in accounting and auditing, is a process for assuring achievement of an organization’s objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations and policies.
Objectives
• System effectiveness objectives
• System efficiency objectives
• Safeguard assets from un-authorized access
• Ensure data integrity
• Prevent loss of computer hardware, software and personnel
• Prevent organizational costs of data Loss
• Prevent loss from incorrect decision-making
• Prevent from high costs of computer Error
E-Commerce
Controls
Persons in Value Chain
1. Users
• Genuine users
• Accounts hacked
• Buy products and services
2. Sellers/Buyers/Merchants
• Product catalogues
• Price catalogues
• Discounts & promotional schemes
• Product returns
• Accounting for cash received through cash on delivery mode of sales
3. Network Service Providers
• Availability & security of network
• Downtime of network
4. Technology Service Providers
• Cloud computing back ends
• Application back ends
• Risk of availability & Security
5. Logistic Service Providers
• Timely product deliveries
6. Payment Gateways
• Efficient, effective & foolproof
7. Government
• Tax accounting
• Legality of products
E-Commerce
Communication
⬛ Educating the participants about the nature of risks
► Infrastructure policies and guidelines:
► Frequency & nature of education programs
► Participants
⬛ Communication of organizational policies to its customers
► Privacy policies
► Information security
► Shipping & billing policies
► Refund policies
⬛ Ensure compliance with industry body standards
► Compliances and adherence to law of land
⬛ Protect e-Commerce business from intrusion
► Viruses
► Hackers
► Passwords
► Regular software updates
► Sensitive data
E-Commerce
Cyber Security Risk Consideration
Control
1. IT Infrastructure Landscape
• Diagram-Servers, Databases, Hubs, Routers, Internal & External networks
2. IT Infrastructure Assets
• List of digital assets
• Physical location of assets
• IT managers responsible for protection
3. Policy and procedure document of IT infrastructure Assets
• Criticality of digital assets
• Use
• Direct impact on the financial statements
• Access restrictions
4. IT Security Policy
• Circulated to all employees
• Adherences to procedures accessing IT system or resources
• Password security, restricted use of internet etc.
5. Firewalls
• Internet activity in accordance with rules defined.
6. Access Approval Process
• Approval process exists before access granted
7. Authentication
• Two factor authentication for remote access
• Username, password, pin, token etc.
8. Issue resolution process for cyber security breach
• Actions for breach
• Controls from occurring
9. Back-up plan
• Back-up schedules timely & properly
• Applicable for outsourced assets:
• Server maintenance
• Security
10. Baseline configuration review
• Established under security standards
• Periodically reviewed
11. Vulnerability scan or penetration testing
• Scan or testing performed
• Findings noted
12. Annual Review
• CIO review digital assets and IT infrastructure
• Critical cyber security risks
• Design control to address
13. Skill set & training of IT managers
• Skilled & trained to perform the functions
14. Awareness campaigns
• Employee awareness
• Focusing on methods of intrusion
• Stopped based on individual actions