Models of E-Business

ECIS560: Information Systems and E-Commerce

Consider this…

World-wide B2B ecommerce will reach $8.5 trillion by 2005Universities are offering MBA concentration in E-commerceInternet is growing faster than any other medium in history

Radio took 38 years to have 50 million listenersTV took 13 years to reach 50 million viewersThe Web reached 50 million users in 4 years.

Properties of the Internet

Mediating technologyConnects people/businesses

UniversalityBoth enlarges and shrinks the world

Network externalitiesMetcalfe’s law

Distribution channelReplacement vs. extension effect

Time ModeratorInformation Asymmetry ShrinkerInfinite Virtual CapacityLow Cost Standard

Paid for by the US governmentCreative destroyer

New industries, transforming existing industriesTransaction Cost Reducer

5-Cs

Developing and delivering value to customers involves several activities that rely on information exchange

CoordinationCommerceCommunityContentCommunication

The Internet has had tremendous impacts on all five Cs.

Business Models

Four decisions/choices/issuesValue proposition or value cluster

Online customization allows targeting multiple segments

Marketspace offering Product, service, information, or combination

Unique, defendable resource system

A financial model

1. The Value Cluster

Multiple rather than singular propositionTechnology allows focus on several segments and several benefits

Must identifyTarget Segment

Market size and growth, unmet needs, weak competition

Focal Customer benefitsOne or more benefits? Is there product commoditization on the web?

Differentiating factorsWhat is it about an online company that makes its offerings significantly better than competition?

2. Marketspace Offerings

Three tasks for senior managementIdentify scope of offering

Category-specific (www.squashgear.com)Cross-category (www.thesportsauthority.com)Metamarkets (“customers tend to think in terms of activities while firms tend to think in terms of products” – Sawhney, 2001)

– Companies sometimes called metamediaries (www.babycenter.com)

Identify customer decision processMap offering to decision process

3. Defendable System Resource

Choice of actions and assets used to deliver value cluster

Identify core benefits in value clusterIdentify capabilities needed to provide each benefitLink resources to each benefitIdentify degree to which firm can deliver capabilityIdentify partners who can complete capabilities

Stress in online world is on strategic partnershipsCan include

– portal agreements (AOL)– anchor-tenant agreements (major provider of service for retailers)– or promotion agreements (example, frequent flier miles with purchase)

4. Financial Models

Revenue ModelsAdvertising, product sales, transaction fee, subscription

Shareholder ValueCompany plans to increase profits over timeExamples

Company-derived value creation– Best information, widest assortment,lowest prices, most personalized,

best experience, broadest user network…

User- and company-derived value creation– Metamarket switchboards (brings buyers and sellers together based

on common activity)– Traditional and Reverse Auctions– Category Switchboard

Other Taxonomies of e-Business Models (Rappa and Timmers 2000)

BrokerageBring buyers and sellers togetherCharge transaction fee

Sub-typesBuy/sell fulfillmentMarket exchangeBuyer aggregatorVirtual mallMetamediaryAuction brokerReverse auctionDistributor

More models

AdvertisingHas a site with useful content

Generates revenues through banners, buttons, etc.

Sub-typesGeneralized portal

Personalized portal

Specialized portal

Free model

Bargain discounter

More models

InfomediaryCollects valuable information on consumers and then sells it to firms (data mining)

Can also collect information about firms and sell to consumers

Sub-typesRecommender system

Registration model

More models

MerchantSell goods and services over the InternetMay be through list prices or auction

ManufacturingManufacturers try to bypass intermediaries and go directly to consumer

Affiliate Merchant has affiliates that have a click-through to merchant siteAffiliate paid a fee for every “click-through” that results in a sale

More models

CommunityBased on community loyaltyGood market target

SubscriptionSpecialized content for a priceOften mixed with free content

UtilityFirms pay as they goOnly pay for services consumed

Models of B2B transactions

Company-CentricSell-Side (one-to-many)Buy-Side (many-to-many)

E-Marketplace (many-to-many)Vertical exchangesHorizontal exchanges

E-Commerce ServicesE-infrastructure (consultants, standards developers)Web Hosting and SecurityE-process (payments, SC integration, etc.)E-markets (sales, advertisement, etc,)E-content (catalog management)E-service (CRM, directory services)

Company-Centric B2B : Sell Side Model

Company-Centric B2B : Buy Side Model

E-Marketplace (many-to-many)

Sell Side vs. Buy Side: Some transaction models

Sell SideForward auction

Sell from own site (Covisint)

Sell from intermediary (fairmarket.com)

Buy SideReverse Auction (shoppoint.co.kr)

Aggregation of supplier catalogs

Group purchasing plan (internal – GE, vs. external aggregations – mobshop.com)

Electronic Bartering

Impact of B2B on intermediaries

DisintermediationElimination of retailer or distributor

ReintermediationChanging the role of the intermediary

HypermediationFew organizations able to sell directly to consumer

People want broad product variety to choose from

All types of intermediaries involved Content providers, affiliate sites, search engines, portals, etc.

Advantages of B2B?

Reduced Purchasing Costs (through process integration)

Increased market efficiency (increased market base with lower acquisition costs)

Greater market intelligence (statistical analysis of market activity)

Decreased inventory levels

Collaborative platform for buyers and sellers

Online Transaction Security

What is network security

DefinitionProtection against accidental or intentional loss, destruction, or misuse of systems

Threats to securityany situation or event, whether intentional or accidental, that will adversely affect a system and consequently, the organization

Security Precautions

Restrict user views

Authorization rules

User-defined procedures

Encryption procedures

Authentication schemes

Security Issues for Transactions Over the Internet

PrivacyParties assured details of transactions kept confidential

IntegrityTransaction details cannot be altered without detection

AuthenticityParties to the transaction are who they say they are

Non-repudiationNo illegal backing out of a transaction

Security Measures for the Internet Age

Encryption

Digital Signatures

Digital Certificates

Secure Electronic Transactions (SET)

Encryption

Method by which email, data files are scrambled to make them secure

Four parts of cryptographyPlaintext, ciphertext, encryption algorithm, key

Involves use of digital keys to lock or unlock the data

Different keys produce different ciphertext with the same algorithm

Uses both public and private keysReceivers make available a public key that anyone can use

Only the receiver has the key to unlock the message

Encryption Standards

Data Encryption Standard (DES)Uses 56 bit keyBoth sender and receiver must know the keyOnly took three days to crack in 1998 (see www. distributed.net)

Triple DES (3DES)Encrypt the DES message three times

Advanced Encryption Standard (AES)Successor to the 3DES standard (128 bit)US Government has chosen Belgian Algorithm called Rijndael

Pretty Good Privacy (PGP)Product that uses the DES but is 128 bitTwo keys – public and private

Key sizes and time

Key Size in bits

No. Possible Keys Time to check all keys (1.6 million/sec)

Time to check all keys (10 million/sec)

40 1,099,511,627,776 8 days 109 seconds

56 72,057,594,037,927,900 1427 years 83 days

64 18,446,744,073,709,600,000

365,388 years 58.5 years

128 3.42082^38 6.73^24 years 1.0728^21 years

Source: Howard, 2000)

Public Key Infrastructure

Involves hardware, software, data transport mechanism, smart cards, governing policies and protocols

Requires services ofRegistration Authority

Certificate Authority

Data Repositories

Private vs. Public Key Encryption

sym

met

ric

asym

met

ric

Digital Signatures

Consists of two pieces of information the data being transmitted

The private key of the individual or organization sending the data

The private key acts as a digital signature to verify that the data is from the stated source

Digital Signatures: An Example

I. Create email message with contract in itII. Use special software to hash messageIII. Use private key to encrypt message (your

digital signature)IV. Email message and encrypted hash to

other partyV. Company uses same software to hash

messageVI. Company uses public key to decrypt

message hash sent to them – if it matches their hash, it is verified to be from you

Digital Signatures, contd.

As of October 1, 2000, digital signatures have same legal standing as ink signatures

By the Electronic Signatures in Global and National

Commerce Act

Act does not specify that PKI should be used

Companies exploring other technologiesIllumin.com (digital handshaking)

Signonline.com (digital signatures and e-docs)

Litronics (biometrics)

Digital Certificates (DC)

An attachment to an encrypted message

Purpose is to verify the sender of a message is who they say they are

Sender wishing to transmit an encrypted message applies for a DC from a certificate authority (CA)

Certificate contains (IETF X.509 v. 3.0)Sender’s name

Validity period

Sender’s public key

Hashed contents of certificate signed with CA’s private key

Using a DC

i. Individuals/companies apply for DC to CA by sending public key and identifying information

ii. CA verifies information and issues DC containing applicant's public key and identifying information

iii. If someone wants to send applicant a messagei. Sender requests recipient to send their DCii. Sender decrypts DC using CA’s public keyiii. Now confident of recipient’s identity, sender uses recipients

enclosed public key to encrypt message

iv. Sender only needs to know CA’s public key in advance

Non-Computer based controls

establishing a security policy and contingency plansecure positioning of equipmentsecure data and softwareescrow agreements (source code held by 3rd party)building controlsEmergency arrangements (cold, warm and hot sites)

Pu

bli

c P

olic

y

Tec

hn

ical

sta

nd

ard

s

I-Way Infrastructure (telecom, cable, etc.)

Multimedia content

Messaging and Information Distribution

Common business services (eg. security)

Apps: PC banking, Advt., video-on-demand

An Electronic Commerce FrameworkAn Electronic Commerce Framework

Some Problems with EC

Pornography

Privacy

Censorship

Haves and have-nots

Neo-luddites

Other Issues and RisksTransborder data flowsElectronic fraudHacker attacksCopyright issuesLegal questions

validity of electronic signaturesliabilitylegality of electronic contracts

Issues....

Public Policyrole of governmentcensorshipregulations

Net potatoesQuality of contentGetting lost in cyberspace (info overload)Overload of networks