Your SlideShare is downloading. ×
E-business by G. Schneider - Chapter 11 (edition 9)
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

E-business by G. Schneider - Chapter 11 (edition 9)

2,640

Published on

Published in: Economy & Finance, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
2,640
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
342
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. E- Business Ninth Edition Chapter 11Online Payment Systems 1
  • 2. Learning ObjectivesIn this chapter, you will learn about:• The basic functions of online payment systems• The use of payment cards in electronic commerce• The history and future of electronic cash• How electronic wallets work• The use of stored-value cards in electronic commerce• Internet technologies and the banking industryE-Business, Ninth Edition 2
  • 3. Online Payment Basics• Online payment systems – Still evolving • Competition for dominance – Cheaper than mailing paper checks – Convenient for customers – Save companies money• Costs per bill – Billing by mail: between $1.00 and $1.50 – Internet billing and payment costs: 50 cents• Significant environmental impactE-Business, Ninth Edition 3
  • 4. Online Payment Basics (cont’d.)• Four ways to purchase items (traditional and electronic) – Cash, checks, credit cards, debit cards • 90% of all United States consumer payments• Electronic transfer: small but growing segment – Popular example: automated payments• Credit cards – Worldwide: 90% of online payments – United States: 97% of online payments – Noncard payment alternatives (PayPal) becoming increasingly popularE-Business, Ninth Edition 4
  • 5. FIGURE 11-1 Forecasted forms of payment for U.S. consumer transactionsE-Business, Ninth Edition 5
  • 6. Online Payment Basics (cont’d.)• Scrip – Digital cash minted by a company • Cannot be exchanged for cash • Exchanged for goods or services – Like a gift certificate: good at more than one store – Current scrip offerings (eScrip) • Focus: not-for-profit fundraising market – Popular scrip use • Has not materializedE-Business, Ninth Edition 6
  • 7. Online Payment Basics (cont’d.)• Online business payment requirements – Safe, convenient, widely accepted• Companies sell payment processing package serviceE-Business, Ninth Edition 7
  • 8. FIGURE 11-2 Payment processing service offerings of Payment OnlineE-Business, Ninth Edition 8
  • 9. Payment Cards• Payment card – Describes all types of plastic cards used to make purchases – Categories: credit cards, debit cards, charge cards• Credit card (Visa, MasterCard) – Spending limit based on user’s credit history – Pay off entire credit card balance • May pay minimum amount – Card issuers charge unpaid balance interest – Widely accepted – Consumer protection: 30-day dispute periodE-Business, Ninth Edition 9
  • 10. Payment Cards (cont’d.)• Credit card (cont’d.) – Card not present transactions • Cardholder not present during transaction • Extra degree of risk for merchant and bank• Debit card – Removes sales amount from cardholder’s bank account – Transfers sales amount to seller’s bank account – Issued by cardholder’s bank • Carries major credit card issuer nameE-Business, Ninth Edition 10
  • 11. Payment Cards (cont’d.)• Charge card (American Express) – No spending limit – Entire amount due at end of billing period – No line of credit or interest charges – Examples: department store, oil company cards• Retailers may offer their own charge cardsE-Business, Ninth Edition 11
  • 12. Payment Cards (cont’d.)• Single-use cards – Cards with disposable numbers • Addresses concern of giving online vendors payment card numbers • Valid for one transaction only • Designed to prevent unscrupulous vendor fraud – Withdrawn from the market • Problem: required different consumer behaviorE-Business, Ninth Edition 12
  • 13. Advantages and Disadvantages of Payment Cards• Advantage for merchants – Fraud protection • Can authenticate and authorize purchases using a payment card processing network• Advantage for U.S. consumers – Liability of fraudulent card use: $50 • Frequently waived if card stolen• Greatest advantage – Worldwide acceptance • Currency conversion handled by card issuerE-Business, Ninth Edition 13
  • 14. Advantages and Disadvantages of Payment Cards (cont’d.)• Disadvantage for merchants – Per-transaction fees, monthly processing fees • Viewed as cost of doing business – Goods and services prices: slightly higher • Compared to environment free of payment cards• Disadvantage for consumers – Annual fee• Provide built-in security for merchants – Assurance of payments• Card transaction steps transparent to consumersE-Business, Ninth Edition 14
  • 15. Payment Acceptance and Processing• Internet payment card process made easier – Due to standards• EMV standard – Single standard handling payment card transactions – Visa, MasterCard, MasterCard International• United States online stores, mail order stores – Must ship merchandise within 30 days of charging payment • Significant violation penalties • Charge account when shippedE-Business, Ninth Edition 15
  • 16. Payment Acceptance and Processing (cont’d.)• General steps in payment card transactions – Merchant receives consumer’s payment card information • Merchant authenticates payment card to ensure validity • Merchant checks with payment card issuer to ensure credit or funds available • Puts a hold on credit line or funds needed to cover the charge • Settlement occurs (few days after purchase) • Funds travel between banksE-Business, Ninth Edition 16
  • 17. Payment Acceptance and Processing (cont’d.)• Open and closed loop systems – Closed loop systems • Card issuer pays merchant directly • Does not use intermediary • American Express, Discover Card – Open loop systems (three or more parties) • Third party (intermediary bank) processes transaction • Visa, MasterCard: not issued directly to consumers • Credit card associations: operated by association member banks • Customer issuing banks: banks issuing cardsE-Business, Ninth Edition 17
  • 18. Payment Acceptance and Processing (cont’d.)• Merchant accounts – Merchant bank (acquiring bank) • Bank wanting to accept payment cards – Merchant account required to process Internet transactions payment cards – Obtaining account • Merchant provides business information • Bank assesses business type risk • Bank assesses percentage of sales likely to be contestedE-Business, Ninth Edition 18
  • 19. Payment Acceptance and Processing (cont’d.)• Merchant accounts (cont’d.) – Chargeback process • Cardholder successfully contests charge • Merchant bank must retrieve money from merchant account • Merchant may have to cover chargeback potential – Problem facing online businesses: fraud • 10 percent of all credit card transactions completed online • Responsible for 70 percent of total dollar amount of credit card fraudE-Business, Ninth Edition 19
  • 20. Payment Acceptance and Processing (cont’d.)• Merchant accounts (cont’d.) – Online transaction fraud increased steadily through 2009 – Fraud losses dropped 18 percent from 2008 to 2009 • Scoring services providing risk ratings for individual transactions in real time • Shipping only to card billing address • Requiring card verification numbers (CVNs) for card not present transactions – CVN • Three- or four-digit number printed on the credit card • Not encoded in the card’s magnetic stripE-Business, Ninth Edition 20
  • 21. Payment Acceptance and Processing (cont’d.)• Processing payment cards online – Payment processing service providers • Companies offering payment card processing – Example: InternetSecure • Supports Canadian and U.S. Visa and MasterCard payments • Provides risk management and fraud detection • Handles online merchants’ transactions • Uses existing bank-approved payment card processing infrastructure, secure links, firewalls • Notifies merchant of all approved orders and supplies buyer authorization codesE-Business, Ninth Edition 21
  • 22. Payment Acceptance and Processing (cont’d.)• Processing payment cards online (cont’d.) – FirstData and Merchant Warehouse • Provide credit card processing software and services – Automated Clearing House (ACH) • Network of banks connecting credit card processing software vendors and card authorization companies – More information • EPN, NACHA - The Electronic Payments Association, The Clearing House, U.S. Federal Reserve Bank’s Federal Reserve Financial Services siteE-Business, Ninth Edition 22
  • 23. FIGURE 11-3 Processing a payment card transactionE-Business, Ninth Edition 23
  • 24. Payment Acceptance and Processing (cont’d.)• Processing payment cards online (cont’d.) – InfoSpace’s Authorize.Net • Online, real-time payment card processing service • Merchants link to system by inserting small HTML code block into transaction page • Order encrypted, transferred to Authorize.Net server • Server relays transaction to bank network • Customers not aware of third-party supplier (usually)E-Business, Ninth Edition 24
  • 25. Electronic Cash• Electronic cash (e-cash, digital cash) – Describes any value storage and exchange system created by private (nongovernmental) entity • Does not use paper documents or coins • Can serve as substitute for government-issued physical currency• Readily exchanged for physical cash on demand• Problems – No standard among all electronic cash issuers – Not universally acceptedE-Business, Ninth Edition 25
  • 26. Electronic Cash (cont’d.)• Recall from previous section: – Banks make money by charging merchants a credit card processing fee on each transaction• Fee ranges: one percent to four percent of the transaction value• Banks often impose a minimum fee – 20 cents or more per transaction• Banks charge electronic commerce sites – More than similar brick-and-mortar storesE-Business, Ninth Edition 26
  • 27. Electronic Cash (cont’d.)• Stores accepting credit cards may require: – Minimum purchase amount of $10 or $15• Small purchases not profitable for merchants – Bank credit card fees greater than profits• Factors favoring electronic cash – Potentially significant electronic cash market • Internet small purchases (below $10) – Most of world’s population does not have credit cards• Idea of electronic cash refuses to dieE-Business, Ninth Edition 27
  • 28. Micropayments and Small Payments• Micropayments – Internet payments for items costing few cents to a dollar• Micropayments barriers – Not implemented very well on the Web yet – Human psychology • People prefer to buy small value items in fixed price chunks • Example: mobile phone fixed monthly payment plansE-Business, Ninth Edition 28
  • 29. Micropayments and Small Payments (cont’d.)• Companies that have developed micropayment systems – Millicent, DigiCash, Yaga, BitPass • All failed – No company gained broad acceptance of its system – No company devoted solely to offering micropayment servicesE-Business, Ninth Edition 29
  • 30. Micropayments and Small Payments (cont’d.)• Small payments – All payments of less than $10 – Being offered through mobile telephone carrier • Buyers make purchases using their mobile phones • Charges appear on monthly mobile phone bill • Bright future held back by mobile carriers’ substantial chargesE-Business, Ninth Edition 30
  • 31. Privacy and Security of Electronic Cash• Electronic payment method concerns – Privacy and security, independence, portability, convenience – Privacy and security: most important to consumers • Vulnerable transactions • Electronic currency: copied, reused, forged• Important characteristics of electronic cash – Ability to spend only once – Anonymous use – ConvenienceE-Business, Ninth Edition 31
  • 32. Holding Electronic Cash: Online and Offline Cash• Online cash storage – Consumer has no personal possession of electronic cash • Trusted third party (online bank) involved in all transfers, holds consumers’ cash accounts• Online system payment – Merchants contact consumer’s bank • Helps prevent fraud (confirm valid cash) • Resembles process of checking with consumer’s bank to ensure valid credit card and matching nameE-Business, Ninth Edition 32
  • 33. Holding Electronic Cash: Online and Offline Cash (cont’d.)• Offline cash storage – Virtual equivalent of money kept in wallet – Customer holds it • No third party involved in transaction – Protection against fraud concern • Hardware or software safeguards needed – Double-spending • Spending electronic cash twice • Submit same electronic currency to two different vendors • Not enough time to prevent fraudulent actE-Business, Ninth Edition 33
  • 34. Holding Electronic Cash: Online and Offline Cash (cont’d.)• Main deterrent to double-spending – Threat of detection and prosecution• Keys to creating tamperproof electronic cash traceable back to origins – Cryptographic algorithms – Two-part lock • Provides anonymous security • Signals an attempt to double-spend cashE-Business, Ninth Edition 34
  • 35. Holding Electronic Cash: Online and Offline Cash (cont’d.)• When second transaction occurs – Complicated process reveals: • Attempted second use • Identity of original electronic cash holder• Electronic cash used correctly – Maintains user’s anonymity• Double-lock procedure – Protects anonymity of electronic cash users – Simultaneously provides built-in safeguards to prevent double-spendingE-Business, Ninth Edition 35
  • 36. FIGURE 11-4 Detecting double-spending of electronic cashE-Business, Ninth Edition 36
  • 37. Holding Electronic Cash: Online and Offline Cash (cont’d.)• Double-spending – Neither detected nor prevented with truly anonymous electronic cash• Anonymous electronic cash – Cannot be traced back to person who spent it• Tracing electronic cash – Attach serial number to each electronic cash transaction • Cash positively associated with particular consumer • Does not solve double-spending problemE-Business, Ninth Edition 37
  • 38. Holding Electronic Cash: Online and Offline Cash (cont’d.)• Single issuing bank can detect when two deposits of same electronic cash are about to occur – Impossible to ascertain fault (consumer or merchant)• Electronic cash containing serial numbers – No longer anonymous • One reason to acquire electronic cash – Raises privacy issues • Using serial numbers to track consumers’ spending habitsE-Business, Ninth Edition 38
  • 39. Advantages and Disadvantages of Electronic Cash• Traditional brick-and-mortar billing methods – Costly and inefficient• Online stores have the same payment collection inefficiencies• Online customers use credit cards to pay for purchases• Online auction customers use conventional payment methods – Checks, money ordersE-Business, Ninth Edition 39
  • 40. Advantages and Disadvantages of Electronic Cash (cont’d.)• Electronic cash system – Less popular than other payment methods – Provides unique advantages and disadvantages• Advantages of electronic cash transactions – More efficient (less costly) • Efficiency fosters more business (lower prices) – Occurs on existing infrastructure (Internet) – Does not require one party to obtain authorizationE-Business, Ninth Edition 40
  • 41. Advantages and Disadvantages of Electronic Cash (cont’d.)• Disadvantages of electronic cash transactions – No audit trail – Money laundering • Technique criminals use to convert money illegally obtained into spendable cash • Purchase goods, services with ill-gotten electronic cash • Goods sold for physical cash on open market• Electronic cash has not yet become a global success – Will require wide acceptance and solution to problem of multiple electronic cash standardsE-Business, Ninth Edition 41
  • 42. Advantages and Disadvantages of Electronic Cash (cont’d.)• Creating truly anonymous electronic cash – Bank issues electronic cash with embedded serial numbers • Bank digitally signs electronic cash while removing association of cash with particular customerE-Business, Ninth Edition 42
  • 43. Electronic Cash Systems• Electronic cash – More successful in Europe and Japan • Consumers prefer to use cash (does not work well for online transactions) • Electronic cash fills important need – Not successful in United States • Consumers have payment cards and checking accounts• KDD Communications (KCOM) – Internet subsidiary: Japan’s largest phone company – Offers electronic cash through NetCoin CenterE-Business, Ninth Edition 43
  • 44. Electronic Cash Systems (cont’d.)• Reasons for failure of United States electronic cash systems – Electronic cash systems implementation • Required to download and install complicated client- side software that ran in conjunction with browser – Number of competing technologies • No standards developed • Array of proprietary electronic cash alternatives – No interoperable software • Runs transparently on variety of hardware configurations and different software systemsE-Business, Ninth Edition 44
  • 45. Electronic Cash Systems (cont’d.)• PayPal – Payment processing services to businesses, individuals – Earns profit from float • Money deposited, not used immediately – Charges transaction fee • Businesses using service to collect payments – Peer-to-peer (P2P) payment system • Free payment clearing service for individuals • Payments from one type of entity to another of the same typeE-Business, Ninth Edition 45
  • 46. Electronic Cash Systems (cont’d.)• PayPal (cont’d.) – Eliminates writing and mailing checks or payment cards – Send money instantly and securely to anyone with an e-mail address – Convenient for auction bidders to pay for purchases – Convenient for auction sellers • Eliminates risks posed by other online payment types – Transactions clear instantly – Redemption • PayPal check or direct deposit to checking accountsE-Business, Ninth Edition 46
  • 47. Electronic Cash Systems (cont’d.)• PayPal (cont’d.) – Merchants and consumers first register for PayPal account • No minimum amount account balance • Add money by authorizing checking accounts transfer, using credit card • Merchants need PayPal accounts to accept PayPal paymentsE-Business, Ninth Edition 47
  • 48. Electronic Wallets• Consumer concerns when shopping online – Entering detailed shipping and payment information for each online purchase – Filling out forms• Solution – Allows customer to store name, address, credit card information on the site – Problem • Consumers must enter information at each siteE-Business, Ninth Edition 48
  • 49. Electronic Wallets (cont’d.)• Electronic wallet (e-wallet) – Holds credit card numbers, electronic cash, owner identification, owner contact information – Provides information at electronic commerce site checkout counter – Benefit: consumer enters information once • More efficient shopping• Server-side electronic wallet – Stores customer’s information on remote server of merchant or wallet publisher – No download time or installation on user’s computerE-Business, Ninth Edition 49
  • 50. Electronic Wallets (cont’d.)• Server-side electronic wallet (cont’d.) – Main weakness • Security breach can reveal thousands of users’ personal information (credit card numbers)• Client-side electronic wallet – Stores information on consumer’s computer – Disadvantages • Must download wallet software onto every computer • Not portable – Advantage • Sensitive information stored on user’s computerE-Business, Ninth Edition 50
  • 51. Electronic Wallets (cont’d.)• Characteristics of useful wallets – Wallet accessibility • Populate data fields in any merchant’s forms for any site consumer visits – Electronic wallet manufacturer and merchants from many sites must coordinate efforts • Wallet recognizes consumer information going into each field of given merchant’s formsE-Business, Ninth Edition 51
  • 52. Electronic Wallets (cont’d.)• Electronic wallets can: – Store shipping and billing information – Hold credit card names, numbers • Offers consumer choice of credit cards at online checkout – Hold electronic cash from various providersE-Business, Ninth Edition 52
  • 53. Electronic Wallets (cont’d.)• MasterCard electronic wallet – Abandoned effort • Current major browsers include feature to remember names, addresses, other commonly requested information • Browser provides one-click Web form field completion – Two e-wallet arena survivors • Microsoft Windows Live ID • Yahoo! WalletE-Business, Ninth Edition 53
  • 54. Microsoft Windows Live ID• Formerly called Passport, Microsoft .NET Passport• Single sign-in service – Includes server-side electronic wallet – Operated by Microsoft• All personal data entered into Windows Live ID wallet – Encrypted and password protectedE-Business, Ninth Edition 54
  • 55. Microsoft Windows Live ID (cont’d.)• Four integrated services – Single sign-in service (SSI) • Allows user to sign in using username and password – Wallet service • Provides electronic wallet functions – Kids service • Helps parents protect, control children’s online privacy – Public profiles • Allows consumers to create public page of information about themselvesE-Business, Ninth Edition 55
  • 56. Yahoo! Wallet• Server-side electronic wallet offered by Yahoo!• Completes order forms automatically – Identifying information, credit card payment information• Stores information• Accepted by: – Thousands of Yahoo! Store merchants, Yahoo! Travel – Yahoo! Services • Premium e-mail storage, Web hosting feesE-Business, Ninth Edition 56
  • 57. Yahoo! Wallet (cont’d.)• Yahoo! advantage – Hosts many services and shops • Large number of merchants accept wallet• Privacy concern – Company issuing wallet has access to much information about individual using walletE-Business, Ninth Edition 57
  • 58. Stored-Value Cards• Microchip smart card or magnetic strip plastic card – Records currency balance• Microchip versus magnetic strip – Microchip stores more information – Tiny microchip computer processor • Performs calculations and storage operations on card – Different microchip card reader needed• Examples: prepaid phone, copy, subway, bus cards• “Stored-value card” and “smart card” used interchangeablyE-Business, Ninth Edition 58
  • 59. Magnetic Strip Cards• Holds rechargeable value• Passive magnetic strip cards cannot: – Send or receive information – Increment or decrement cash value stored• Processing done on device into which card inserted• Magnetic strip cards and smart cards store electronic cash – Smart card better suited for Internet payment transactionsE-Business, Ninth Edition 59
  • 60. Smart Cards• Stored-value card – Plastic card with embedded microchip• Credit, debit, charge cards store limited information on magnetic strip• Information storage – About 100 times more than magnetic strip plastic card• Holds private user data – Financial facts, encryption keys, account information, credit card numbers, health insurance information, medical recordsE-Business, Ninth Edition 60
  • 61. Smart Cards (cont’d.)• Safer than conventional credit cards – Information encrypted on smart card• Popular in Europe, parts of Asia – Public telephone calls, cable television programs – Hong Kong • Retail counters, restaurant cash registers have smart card readers • Octopus: public transportation smart card can be reloaded at transportation locations, 7-Eleven storesE-Business, Ninth Edition 61
  • 62. Smart Cards (cont’d.)• Beginning to appear in United States – San Francisco TransLink integrated ticketing system for public transportation• Smart Card Alliance – Advances smart card benefits – Promotes widespread acceptance of multiple- application smart card technology – Promotes compatibility among smart cards, card reader devices, applicationsE-Business, Ninth Edition 62
  • 63. Internet Technologies and the Banking Industry• Paper checks – Largest dollar volume of payments – Processed through world’s banking system• Other major payment forms – Involve banks one way or another• Banking industry Internet technologies – Providing new tools – Creating new threatsE-Business, Ninth Edition 63
  • 64. Check Processing• Old method of physical check processing – Person wrote check; retailer deposited check in bank account – Retailer’s bank sent paper check to clearinghouse • Clearinghouse managed fund transfer (consumer’s bank to retailer’s account) – Paper check transported to consumer’s bank – Send cancelled check to consumer• Banks now provide PDF images of processed checksE-Business, Ninth Edition 64
  • 65. Check Processing (cont’d.)• Disadvantage of paper checks – Cost of transporting tons of paper checks – Float • Delay between the time person writes check and the time check clears person’s bank • Bank’s customer obtains free use of funds for few days • Bank loses use of funds for same time period • Can become significantly longer than a few daysE-Business, Ninth Edition 65
  • 66. Check Processing (cont’d.)• Technologies helping banks reduce float – 2004 U.S. law: Check Clearing for the 21st Century Act (Check 21) • Banks eliminate movement of physical checks entirely• Check 21-compliant world – Retailer scans customers check – Scanned image transmitted instantly • Through clearing system – Posts almost immediately to both accounts • Eliminates transaction floatE-Business, Ninth Edition 66
  • 67. Mobile Banking• Banks exploring mobile commerce potential• 2009: banks launched sites allowing customers using smart phones to: – Obtain bank balance, view account statement, find a nearby ATM• Future plans – Offering downloadable applications smart phone users can install • Use to transact all types of banking businessE-Business, Ninth Edition 67
  • 68. Criminal Activity and Payment Systems: Phishing and Identity Theft• Online payment systems – Offer criminals and criminal enterprises an attractive arena in which to operate • Average consumers: easy prey • Large amounts of money provide tempting targets – Phishing expedition • Technique for committing fraud against online businesses customers • Particular concern to financial institutionsE-Business, Ninth Edition 68
  • 69. Phishing Attacks• Basic structure – Attacker sends e-mail message • To accounts with potential for an account at targeted Web site – E-mail message tells recipient: account compromised • Recipient must log on to account to correct problem – E-mail message includes link • Appears to be Web site login page • Actually leads to perpetrator’s Web site disguised to look like the targeted Web siteE-Business, Ninth Edition 69
  • 70. Phishing Attacks (cont’d.)• Basic structure (cont’d.) – Recipient enters login name, password • Perpetrator captures • Uses to access recipient’s account • Perpetrator accesses personal information, makes purchases, withdraws fundsE-Business, Ninth Edition 70
  • 71. FIGURE 11-5 Phishing e-mail messageE-Business, Ninth Edition 71
  • 72. FIGURE 11-5 Phishing e-mail message (cont’d.)E-Business, Ninth Edition 72
  • 73. Phishing Attacks (cont’d.)• Spear phishing – Carefully designed phishing expedition targeting a particular person or organization – Requires considerable research – Increases chance of e-mail being opened – Example: 2008 government stimulus checks • Phishing e-mails appeared within one week of passageE-Business, Ninth Edition 73
  • 74. Phishing Attacks (cont’d.)• E-mail link disguises and tricks – Example: Web server ignores all characters preceding “@”: • https://www.paypal.com@218.36.41.188/fl/login.html • Link appears different in e-mail • Phony site invisible due to JavaScript code – Pop-up windows • Look exactly like browser address bar – Including Web site graphics of financial institutions • Looks more convincingE-Business, Ninth Edition 74
  • 75. FIGURE 11-6 Phishing e-mail with graphicsE-Business, Ninth Edition 75
  • 76. Using Phishing Attacks for Identity Theft• Organized crime (racketeering) – Unlawful activities conducted by highly organized, disciplined association for profit – Differentiated from less-organized groups – Internet providing new criminal activity opportunities • Generates spam, phishing, identity theft• Identity theft – Criminal act: perpetrator gathers victim’s personal information – Uses information to obtain credit – Perpetrator runs up account charges and disappearsE-Business, Ninth Edition 76
  • 77. FIGURE 11-7 Types of personal information most useful to identity thievesE-Business, Ninth Edition 77
  • 78. Using Phishing Attacks for Identity Theft (cont’d.)• Large criminal organizations – Efficient perpetrators of identity theft • Exploit large amounts of personal information quickly and efficiently – Sell or trade information that is not of immediate use • Other worldwide organized crime entities – Zombie farm • Large number of computers implanted with zombie programs – Pharming attack • Hacker sells right to use zombie farm to organized crime associationE-Business, Ninth Edition 78
  • 79. Using Phishing Attacks for Identity Theft (cont’d.)• Two elements in phishing – Collectors: collect information – Cashers: use information – Require different skills• Crime organizations facilitate transactions between collectors and cashers – Increases phishing activity efficiency, volume• Each year – More than a million people fall victim – Financial losses exceed $500 millionE-Business, Ninth Edition 79
  • 80. Phishing Attack Countermeasures• Change protocol – Improve e-mail recipients’ ability to identify message source • Reduce phishing attack threat• Educate Web site users• Contract with consulting firms specializing in anti- phishing work• Monitor online chat rooms used by criminalsE-Business, Ninth Edition 80
  • 81. Summary• Online stores: payment forms – Credit, debit, charge cards (payment cards) • Ubiquitous, convenient, easy to use – Electronic cash advantages and potential uses • Making micropayments, stored online or offline – Electronic wallets provide convenience – Stored-value cards • Smart cards, magnetic strip cardsE-Business, Ninth Edition 81
  • 82. Summary (cont’d.)• Banks process most monetary transactions – Use Internet technologies to process checks• Concerns: phishing expeditions, identity theftE-Business, Ninth Edition 82

×