comp2113 electronic commerce richard henson university of worcester april 2008
TRANSCRIPT
COMP2113COMP2113Electronic CommerceElectronic Commerce
Richard HensonRichard Henson
University of WorcesterUniversity of Worcester
April 2008April 2008
Week 6: On-line ShoppingWeek 6: On-line Shopping Objectives:Objectives:
Explain the features of B2C systems for Explain the features of B2C systems for handling on-line ordering and paymenthandling on-line ordering and payment
Describe the stages required to achieve an Describe the stages required to achieve an on-line orderon-line order
Identify these stages in a pre-prepared Identify these stages in a pre-prepared simple but effective on-line shopping simple but effective on-line shopping systemsystem
Explain important considerations when Explain important considerations when planning to receive payment on-lineplanning to receive payment on-line
Three stages of buyingThree stages of buying
Whether happening face-face, by mail Whether happening face-face, by mail order, or through the web, the following order, or through the web, the following three stages usually occur:three stages usually occur:customer (usually) looks at goodscustomer (usually) looks at goodsvendor lets customer know total price of vendor lets customer know total price of
goods chosengoods chosencustomer pays for goods (or leaves without customer pays for goods (or leaves without
making a purchase)making a purchase)
Buying on-line from a websiteBuying on-line from a website
All about the website…All about the website… Functionally (and legally) MUST Functionally (and legally) MUST
include:include:web pages showing details of products web pages showing details of products
(product pages)(product pages)web pages and system giving cost detail web pages and system giving cost detail
and total cost of order (shopping cart)and total cost of order (shopping cart)web pages for managing on-line paymentweb pages for managing on-line payment
The Home PageThe Home Page
Equivalent of a shop windowEquivalent of a shop window Needs to:Needs to:
be attractive to users – potential customers be attractive to users – potential customers (marketing!)(marketing!)
provide a balanced colour scheme & text font provide a balanced colour scheme & text font which will be replicated throughout the site…which will be replicated throughout the site…
provide links to all features of the site, including provide links to all features of the site, including product pagesproduct pages
Product PagesProduct Pages
As an absolute minimum, a product As an absolute minimum, a product page should include:page should include:picture of productpicture of productpricepricedrop-down menu for quantitydrop-down menu for quantityat least one mouse-click option to buyat least one mouse-click option to buy
» preferable also for customer to click on product preferable also for customer to click on product image to make a purchaseimage to make a purchase
On-line OrderingOn-line Ordering Can be achieved via the www in a number of Can be achieved via the www in a number of
ways:ways: data noted by customer and sent manually via data noted by customer and sent manually via
emailemail» requires effort on the part of the customer…requires effort on the part of the customer…
HTML or Web forms on the shopping pages linked HTML or Web forms on the shopping pages linked to an on-line product database capture data and to an on-line product database capture data and send it via emailsend it via email
A more sophisticated forms system creates the A more sophisticated forms system creates the on-line orderon-line order
» captures customer’s personal data securelycaptures customer’s personal data securely» links to a secure payment systemlinks to a secure payment system
Order via e-mailOrder via e-mail Now considered as primitive…Now considered as primitive…
but better than nothingbut better than nothing provided that emails are checked regularly!provided that emails are checked regularly!
Two possibilities:Two possibilities: customer creates email from scratch using email customer creates email from scratch using email
address given on home pageaddress given on home page using a HTML mailto command, which allows the using a HTML mailto command, which allows the
email message header to be generated email message header to be generated automaticallyautomatically
In either case, this is a manual system requiring the In either case, this is a manual system requiring the vendor to physically read the message and send a vendor to physically read the message and send a reply...reply...
Process of ordering via e-mailProcess of ordering via e-mail Customer:Customer:
initiates communication by sending an initiates communication by sending an unstructured message requesting product(s) unstructured message requesting product(s) displayed on websitedisplayed on website
Vendor:Vendor: replies with an emailed orderreplies with an emailed order
» may have be inputted by handmay have be inputted by hand requests an address for sending the request for requests an address for sending the request for
paymentpayment Payment needs to be manual:Payment needs to be manual:
shouldn’t send credit card details by emailshouldn’t send credit card details by email
Order via a Simple HTML formOrder via a Simple HTML form Customer presented with product list as a Customer presented with product list as a
form on the web pageform on the web page Just needs to select qty of each product Just needs to select qty of each product
required and submit the completed form to required and submit the completed form to either the vendor’s email address or direct to either the vendor’s email address or direct to the vendor’s own serverthe vendor’s own server because the information is structured, it can be because the information is structured, it can be
read, processed, and stored automatically by read, processed, and stored automatically by software at the server endsoftware at the server end
vendor system can also automatically get back to vendor system can also automatically get back to the customer to continue the buying process…the customer to continue the buying process…
Order via real-time on-line Order via real-time on-line forms system (Shopping Cart)forms system (Shopping Cart) The cart….The cart….
Collects the order based on mouse clicks on Collects the order based on mouse clicks on shopping pagesshopping pages
Stores, processes, displays the orderStores, processes, displays the order Captures customer detailsCaptures customer details Displays on-line invoice for customer, including tax Displays on-line invoice for customer, including tax
and any other extra costsand any other extra costs Provides payment options for the customer to Provides payment options for the customer to
complete their ordercomplete their order Emails a copy of the online invoice to the Emails a copy of the online invoice to the
customercustomer
More about More about Shopping Cart softwareShopping Cart software
Written in a combination of:Written in a combination of:HTMLHTMLa client-side scripting languagea client-side scripting language
» E.g. JavascriptE.g. Javascript» VBScriptVBScript
Scripts running on the vendor’s web server Scripts running on the vendor’s web server (server-side)(server-side)» interaction with server each time new data is interaction with server each time new data is
enteredentered
Further requirements of a full Further requirements of a full B2C e-commerce systemB2C e-commerce system
B2C e-commerce sites also seek to provide B2C e-commerce sites also seek to provide customers with up to date informationcustomers with up to date information e.g. price changes e.g. price changes new products in stocknew products in stock changes to existing productschanges to existing products
Can only be achieved by linking the web site Can only be achieved by linking the web site to a product database on a web serverto a product database on a web server database records for products should themselves database records for products should themselves
be easily updated from an online formbe easily updated from an online form
Server side web programmingServer side web programming
Already cover “web scripting” (client side)Already cover “web scripting” (client side) Shopping Cart implementation requires Shopping Cart implementation requires
“server scripts” running on web servers“server scripts” running on web servers Current popular types of script:Current popular types of script:
php (PHP Hypertext Preprocessor) often on a php (PHP Hypertext Preprocessor) often on a breed of Unixbreed of Unix
asp.net (Active Server Pages) often on Windows asp.net (Active Server Pages) often on Windows 2000, XP, or 2003 Server systems2000, XP, or 2003 Server systems
More this in the practical, and next week...More this in the practical, and next week...
Typical Implementation of Typical Implementation of Server-side Shopping CartServer-side Shopping Cart
Most commonly used (and most successful) Most commonly used (and most successful) B2C e-commerce implementation:B2C e-commerce implementation: Web page displays live data from organisational Web page displays live data from organisational
web serverweb server Customer selects product(s) and qty from on-line Customer selects product(s) and qty from on-line
formform Costs, including VAT and any extras automatically Costs, including VAT and any extras automatically
included on on-line invoiceincluded on on-line invoice Customer can choose to buy (or not!) directly by Customer can choose to buy (or not!) directly by
simply clicking a screen buttonsimply clicking a screen button System requests customer details and means of System requests customer details and means of
payment before continuing…payment before continuing…
Capture of Customer DetailsCapture of Customer Details Essential to deliver the goods…Essential to deliver the goods… Needs to include email address to inform Needs to include email address to inform
customer of progress of ordercustomer of progress of order details need to be stored so as not to infringe the details need to be stored so as not to infringe the
1998 Data protection Act1998 Data protection Act Customer data capture could be combined Customer data capture could be combined
with choice of username/password for future with choice of username/password for future login site authentication purposeslogin site authentication purposes should not be used for bank details authenticationshould not be used for bank details authentication a fraudster could guess username/password…a fraudster could guess username/password…
On-line Payment SystemsOn-line Payment Systems
Require a reliable means of authentication of Require a reliable means of authentication of the user, to establish TRUSTthe user, to establish TRUST
Most effectively done through an on-line link Most effectively done through an on-line link to the International banking systemto the International banking system
Authentication requires confirmation of:Authentication requires confirmation of: NameName type of accounttype of account account numberaccount number other information, depending on the type of other information, depending on the type of
accountaccount
B2B Payment SystemsB2B Payment Systems
B2B systems around for some time…B2B systems around for some time… made use of EFT (Electronic funds Transfer) from made use of EFT (Electronic funds Transfer) from
the outsetthe outset Both buyer and seller need to contact Both buyer and seller need to contact
relevant bank computer:relevant bank computer: for authentication purposesfor authentication purposes to transfer fundsto transfer funds
On-line banking system highly secure:On-line banking system highly secure: 512 bit encryption512 bit encryption virtual private network (VPN)virtual private network (VPN)
B2C Payment SystemsB2C Payment Systems
Websites and http are NOT secureWebsites and http are NOT secure Payment data may take place FROM the web Payment data may take place FROM the web
site, if made securesite, if made secure no easy matter requires secure protocols:no easy matter requires secure protocols:
» http-s (secure)http-s (secure)» SSLSSL
safer to transfer to a secure site for data capturesafer to transfer to a secure site for data capture Most popular method of authentication and Most popular method of authentication and
payment is credit/debit cardpayment is credit/debit card relevant bank computer needs to be contactedrelevant bank computer needs to be contacted similar authentication and funds transfer systems similar authentication and funds transfer systems
as for B2Bas for B2B
Security on B2C Payment Security on B2C Payment SystemsSystems
Lot of concern about security of B2C Lot of concern about security of B2C authentication and transactionsauthentication and transactions
Use of VPNs, encryption and secure Use of VPNs, encryption and secure protocols make it extremely unlikely that data protocols make it extremely unlikely that data will be intercepted en routewill be intercepted en route
Some concern about the “secure servers” of Some concern about the “secure servers” of merchant service providersmerchant service providers
Such servers hold e.g. credit card numbers Such servers hold e.g. credit card numbers stored in an encrypted formatstored in an encrypted format
Secure Merchant ServersSecure Merchant Servers
Server security a a matter of:Server security a a matter of: configuration and management of the server configuration and management of the server
softwaresoftware setting appropriate user privileges and file securitysetting appropriate user privileges and file security auditing of all access to confidential dataauditing of all access to confidential data appropriate monitoring of attempted entry to the appropriate monitoring of attempted entry to the
system by “invalid” userssystem by “invalid” users Probably a lot safer to have credit details Probably a lot safer to have credit details
here than written down by a stranger at the here than written down by a stranger at the other end of the telephone line…other end of the telephone line…
Keeping the Customer Informed!Keeping the Customer Informed! Relatively easy to produce a system that will Relatively easy to produce a system that will
keep the customer informed by email about keep the customer informed by email about the processing of their orderthe processing of their order especially important, bearing in mind that especially important, bearing in mind that
customers may be from overseascustomers may be from overseas Can program the system to send messages Can program the system to send messages
at various trigger points:at various trigger points: credit details are authenticatedcredit details are authenticated order is paid fororder is paid for order is “picked” order is “picked”
» from the databasefrom the database» physically from storesphysically from stores
order is dispatchedorder is dispatched
Completing the customer Completing the customer shopping experience…shopping experience…
Important to have:Important to have:A means of giving the customer a record of A means of giving the customer a record of
their order:their order:» by web page as well by email… (“fail-safe”)by web page as well by email… (“fail-safe”)
A corporate “thank you” pageA corporate “thank you” pageequivalent to the polite “goodbye” when a equivalent to the polite “goodbye” when a
customer leaves the shop – especially if customer leaves the shop – especially if they have made a purchase…they have made a purchase…
Producing web pages for e-Producing web pages for e-commercecommerce
By now, you should be able to use HTML (or By now, you should be able to use HTML (or an Authoring package) to produce simple web an Authoring package) to produce simple web pagespages
You should also be able to implement mailto, You should also be able to implement mailto, simple forms, and framessimple forms, and frames
You should be at the point of using small You should be at the point of using small JavaScript applets in HTML programs to JavaScript applets in HTML programs to provide processing ability or special effectsprovide processing ability or special effects
You should be becoming aware that using You should be becoming aware that using JavaScript makes the whole thing much more JavaScript makes the whole thing much more complicated!complicated!
Who can create Who can create e-commerce websites?e-commerce websites?
Producing an e-commerce site from scratch Producing an e-commerce site from scratch requires:requires: Good communication and analysis skillsGood communication and analysis skills Web page design skillsWeb page design skills Some programming skillsSome programming skills Database knowledgeDatabase knowledge Client-server networking skillsClient-server networking skills
Shop@ssistantShop@ssistant (example of (example of how to design shopping pages)how to design shopping pages) A variety of page itemsA variety of page items
e.g.e.g. buttons, text, pictures etc buttons, text, pictures etc. that can be . that can be changechangedd
““Instant” shopping cart system:Instant” shopping cart system: automatically displays “shopping basket” whenever automatically displays “shopping basket” whenever
forms data is addedforms data is added handles tax and shippinghandles tax and shipping links with third party payment handling system links with third party payment handling system
(merchant services provider)(merchant services provider)» security security handled by a “trusted” third partyhandled by a “trusted” third party
Shop@ssistantShop@ssistant Demo SDemo Sitesites Page designs can be used as templatesPage designs can be used as templates
also contain embedded client-side JavaScript to also contain embedded client-side JavaScript to interface with the shopping cart system…interface with the shopping cart system…
manipulation may need programming knowledge…manipulation may need programming knowledge… should be noted that the shopping system on most should be noted that the shopping system on most
systems uses server-side scripting, and not systems uses server-side scripting, and not necessarily written in JavaScriptnecessarily written in JavaScript
ToTo access access demonstration site demonstration sites:s: locate Shop@ssistant demos share on relevant locate Shop@ssistant demos share on relevant
serverserver double double click on index.html click on index.html in the shop assistant in the shop assistant
demos folder (itself within the program files folder)demos folder (itself within the program files folder)
Bookshop Demo Bookshop Demo Site Site (example)(example)
Navigation:Navigation:forward (buttons at the bottom of the page)forward (buttons at the bottom of the page)back (hyperlinks at top and bottom)back (hyperlinks at top and bottom)
Further forward navigation enables the customer Further forward navigation enables the customer to order the book in at least two waysto order the book in at least two ways ““hot” image of the book (i.e. you can click on it) hot” image of the book (i.e. you can click on it)
Buttons bunched together - bottom of all product Buttons bunched together - bottom of all product pages:pages: Order this BookOrder this Book 3 Copies for 2 Offer3 Copies for 2 Offer Review Basket Review Basket
Bookshop Demo Bookshop Demo SiteSite Each page is customizable for those with Each page is customizable for those with
JavaScript expertise... JavaScript expertise... Other features to note:Other features to note:
heading – to reflect corporate image, etc.heading – to reflect corporate image, etc. product pages all have hyperlink to a pop up “more product pages all have hyperlink to a pop up “more
detail” pagedetail” page the cart displaythe cart display
» terms & conditions & “remove item” check boxterms & conditions & “remove item” check box option to go to payment page - cashieroption to go to payment page - cashier
» brings up form for customer databrings up form for customer data on-line invoiceon-line invoice bullet pointed helpbullet pointed help
Demo Demo Site - Handling Site - Handling PaymentPayment
Online invoice appears AFTER Online invoice appears AFTER customer details completedcustomer details completedincludes shipping and VAT chargesincludes shipping and VAT chargesTOTAL is what the customer will actually TOTAL is what the customer will actually
paypay If name, address, email address fields If name, address, email address fields
not satisfactorily completed (validated)not satisfactorily completed (validated)payment method section is blocked…payment method section is blocked…
Where Where shop@ssistantshop@ssistant fails fails miserably…miserably…
Product details are stored “client-side”Product details are stored “client-side” each product page has its own dataeach product page has its own data no option for updating data remotelyno option for updating data remotely any updating requires reprogramming of the any updating requires reprogramming of the
page…page… This is why SERVER SCRIPTING is usually This is why SERVER SCRIPTING is usually
used for shopping sites…used for shopping sites… product data held on an easily product data held on an easily
readable/updateable databasereadable/updateable database connected via scripts with embedded SQL connected via scripts with embedded SQL
statementsstatements
For next week… More For next week… More Shopping sites to look atShopping sites to look at
WooshWoosh!! (www.wooosh.com) “The World of (www.wooosh.com) “The World of Online Shopping”Online Shopping” over 1,000 UK shopping sitesover 1,000 UK shopping sites
www.childrens-warehouse.comwww.childrens-warehouse.com www.webelectricals.co.ukwww.webelectricals.co.uk sites using freecom.net servicessites using freecom.net services
www.wineonlinenorth.comwww.wineonlinenorth.com www.funerals.co-op.co.ukwww.funerals.co-op.co.uk
And… More URL’s to look atAnd… More URL’s to look at
Continental Research.comContinental Research.com - profiles of - profiles of consumers using E-Commerce consumers using E-Commerce
ZendorZendor.com.com - logistics firm - back end - logistics firm - back end E-CommerceE-Commerce
TPS - Telephone Preference ServiceTPS - Telephone Preference Service MPS - Mail Preference ServiceMPS - Mail Preference Service
Finally… Investigate Finally… Investigate Server-side scriptingServer-side scripting
Course practicals will use asp.netCourse practicals will use asp.net different from asp, which is being phased out…different from asp, which is being phased out…
Needs an Internet Information ServiceNeeds an Internet Information Service provided with any XP Professional machineprovided with any XP Professional machine and any Vista Premium machine…and any Vista Premium machine… in each case, not a default installation & needs to in each case, not a default installation & needs to
be installedbe installed
Each of the above is FREE to Worcester Each of the above is FREE to Worcester Business School students via MSDNBusiness School students via MSDN