e-commerce integration and implementation issues

E-Commerce Integration and Implementation

IssuesKhairiyah SallehNur’Aina DaudNurul Izzah OthmanNoor Yahya Sulaiman

Date: 19 May 2012

Malaysian government believes that ICT is a strategic driver to support and contribute directly to the growth of Malaysian economy. For the purpose of deploy resources to develop knowledge base economy and to enter the digital age with more strategic way, Malaysian government announced the plan called 8 th Malaysian plan.

During the Malaysian plan some of the initiatives were deployed to build vital ICT infrastructure for public sector as well as private sector. This plan has been focused to increase the usage of computerization and IT infrastructure in many governmental agencies.

Malaysia would like to promote and facilitate the wider adoption and usage of ICT in everyday life, such as E-Commerce, industry, education and health. The motive of this plan is to shift from a knowledge base economy to a competitive knowledge based economy. Commercial activities on the internet are rapidly increasing all over the world. E-Commerce becomes a strong and easy way of rapid business.

Introduction

Opportunities To gain competitive advantages over other organization. Open up new distribution channel and increase sales. Support buy and sell product on Internet from any place to

anywhere all over the world without traditional intermediaries. Example Amazon, E Bay.

Process and transaction can be done rapidly at reasonable cost.

Cost saving for the organization and their customer. E-Commerce appears to be generating a significant amount of

new economic activities. Customer are able to choose and discriminate among

alternative product and services.

Opportunities in Implementation E-Commerce

Full implementation online (24 hours a day, 7 days a week) Increase efficiencies in order taking. Reduced customer service calls Lower distribution cost of software upgrades.

CISCO (CISCO CONNECTION ONLINE)

Cost Justification High cost of implementation. Mistake due to the lack of experience inflate the cost. Justification of cost not on tangibles factors. Justification of cost always based on intangibles factors such as

improved the customer service, increase the value f advertisement and gain competitive advantages.

Number of sellers and buyers. Number of people connected to the Internet. E-Commerce project are viable to the developed country which

majority of resident have high income or salary.

Issue and Challenges of Global Implementation E-Commerce

(Economic Factors)

Issue on Internet and Telecommunication Infrastructure Digital divide between the developed world and most developing

countries. Accessibility to the Internet is still expensive. Global infrastructure of the web is unevenly developed.

Skill Shortage and lack of trained personal. The dynamism of the technology and emerging skill such as XML,

ASP and PHP programming. Need to hire the additional foreign workers form abroad.


(Economic Factors)

Security Issues Consumers are distrustful about the safety of information. Incident on unsophisticated hackers can steal information easily. Many company are not pay enough intention on security. Reduce the consumer confidence.

Reliability Issues. Network Infrastructure and application systems must be

continuously upgraded, fine tuned and maintained regularly. Vulnerable of sites to denial of services attack. Vulnerable to the virus spread. Reduce the consumer confidence .


(Technical Factors)

Privacy and Security Issues Customer are reluctant to buy online, reluctant to disclose the

confidential data such as home address, identification number and credit card number.

Companies did not give guarantees on security of information.

Cultural Diversity. Ability of customization the interface for individual and group

needs. Customization process is expensive. Translation of language from English into local languages.

Issue and Challenges of Global Implementation E-Commerce (Social

Factors)

Lack of Trust Issues Customer trust is important such as friends recommendation,

previous experience, or through transparent legislative infrastructure.

Company also need to well established the “brand identity” of company.

Absence of “Touch and Feel” functions. Most of business working around on this limitation. Customer only buy a reasonable price on E-Commerce website. Customer did not buy a high price product online. Therefore, web

site still in used for customer for conduct research on product and making comparison on price offered.

Issue and Challenges of Global Implementation E-Commerce (Social

Factors)

Protection of Intellectual Property Right Issues Digital media are compact, easily stored, easily to being

replication, transmission and alteration. Internet was designed to be open and transmit information freely

around the world. Different country have different attitudes towards intellectual

property rights. New laws should be design and inadequate action should be

impose to protect the original copyrighted contribution.

Taxation Issues. Collecting the Internet sales taxes are rather complicated. Different country or nation have different tax structure.

Issue and Challenges of Global Implementation E-Commerce (Legal

Factors)

Product Sale that are restricted or illegal by another country Companies should more careful and fully obey the rules and laws of

other country. Example such as selling the wine, weapons, restricted chemical

items or online gambling.

Legal Validity of the Electronic Transaction. Traditional business are based on face to face meeting, paper

documentation and “wet signature” as verifier. Electronic documents must be customize and should have the

same legal validity standard as written signature.

Issue and Challenges of Global Implementation E-Commerce (Legal

Factors)

Success factors have been used to identify information needs, to list and describe elements critical to program and system success, and to help define and focus management’s responsibilities and efforts.

Griffin and Kenneth [8] write “Success factors are the limited number of areas in which results, if they are satisfactory, will ensure successful competitive performance for the organization. They are the few key areas where things must go right for the business to flourish. If results in these areas are not adequate, the organization’s efforts for the period will be less than desired.”

According to Rockart [16], “the success factors are areas of activity that should receive constant and careful attention from management. The current status of performance in each area should be continually measured, and that information should be made available.”

Critical Success Factors for E-Commerce

Implementation

Policy factors. Organization factors. Human resources management factors. Business factors. Customer relationship management factors. Technology factors. Security factors. Environment factors.

Critical Success Factors for E-Commerce

Implementation

Phase 1: Identify the business opportunity. Identify the kinds of technology and business partners

Phase 2: Select the technology infrastructure. A tool that can enable web applications would require network

bandwidth, computer security, and applications to make electronic business a reality.

Phase 3: Implement the electronic business solution. This phase involves complex technology and organization issues. It is

important to make sure that a solution is tightly integrated with other systems and operations.The implementation also needs to have the partners, customers, suppliers, andemployees built into it.

Critical Success Factors for E-Commerce Implementation

(Approach of Using an E-Business)

1. Business Trends • Enterprise Collaboration

• Customer Relationship Management (CRM)• Identifying Return on Investment

2. Organization Trends• Specialization• Skill Management• Process Visibility• The Learning Organization

3. Technological Trends• Managing Security and Standards. Enterprise Integration• Technology Convergence


(Three Area That Affect the Implementation of E-Business

by Newton S, 1999)

Carton [3] claims that to make business-to-consumer electronic commerce successful, special attention must be paid to privacy and loyalty of customer; the organization should ensure the following:

• Build Trust - to build customer loyalty, an organization must first build trust. The organization should be open, honest, clear, and concise in terms of letting the customer know what it will do or will not do.

• Provide Added Value - The organization should provide added value, which actually makes the customer’s life more interesting.

• Give Customers a Choice - The organizations should make sure that the customers are given enough choices and are allowed to make decisions themselves.



by Carton S, 2000)

Transaction Software -The transaction and payment software must perform correct calculations, especially with respect to taxes and shipping costs.

Site Maintenance - The organizations should have enough trained programmers to maintain the web site.

Security - Details regarding personal information and data regarding electronic money transactions must be highly secure.



by Newton)

Chan and Swatman [5] studied the key factors involved in implementation of business-to-business electronic commerce in BHP (Broken Hill Proprietary Company Limited) Steel and present several factors influencing its implementation.1. Internal Factors

Commitment Trading Partner Participation Pro-active Approach Business Value Training and Educational Program

2. External FactorsRapid Changes in Technology. Complexity and Compatibility of Technology and Process



by Newton)

Food-DominosDommal Food Services Sdn Bhd

Florist-Blooming Florist Sdn Bhd

Online Shopping-Aidijuma Scarf

Entertainment-TGV

Flight Booking-AirAsiaAirAsia Bhd

Online Banking- Maybank Bhd

Key e-Commerce Players in Malaysia

Blooming.com.my, a florist delivery service, has already been engaged in e-Commerce activities since they first reached Malaysian shores in the mid 1990’s for example.

MPH, a popular Malaysian bookstore, has also been doing great on the e-Commerce front since 2004.

Lelong.com.my, a Malaysian homegrown e-Bay, was established in 1999 and for the first five years did not charge any fees for its services, instead relying on its own investments and advertisement sales to stay afloat.

AirAsia, one of the most successful Malaysian e-Commerce examples

Appendix

Source from: Malaysia Department of Statistics

Source from: International Data Corporation (IDC)

Source from: Malaysia Department of Statistics

Opportunities Development of information and communication technologies

New technologies are providing easy and fast online transactions which are enhancing consumers to go online and take the advantages of E-Commerce.

Geographical position The business are no longer in local but also in global areas.

Foreign investment It helps in promoting business and introduces new technologies which

are effecting on the growth of E-Commerce. Malaysia is enjoying fruitful foreign investment in the region.

Opportunities of E-Commerce in Malaysia

Stability of policy and regulatory Government is willing to develop and introduce E-Commerce

with new technologies. There is continuity in policies, strategies implementation and strategies formulation which are enhancing the effectiveness of online trading.

Government created institutions that help industries and people to adopt E-Commerce These organizations have also announced some plan and

strategies to improve E-Commerce in Malaysia. Government bodies have announced and built ministry of multimedia and communication for the improvement of information and communication technologies, information technology infrastructure to create knowledge based economy. Government has built an organization for small businesses which called Small and Medium Industries Development Corporation (SMIDEC).

Opportunities of E-Commerce in Malaysia (cont…)

Challenges 1. E-readiness2. Cyber Crime3. Security 4. Privacy 5. Legal issues

E-Commerce Implementation Issues in Malaysia

A country’s e-readiness is essentially a measure of its e-business environment, a collection of factors that indicate how amenable market is to Internet-based opportunities. E-readiness is not simply a matter of the number of computer servers, websites and mobile phones in the country, but also things such as its citizen’s ability to utilise technology skilfully, the transparency of its business and legal systems, and the extent to which governments encourage the use of digital technologies.

Malaysia ranked 34th among 70 countries (Economist Intelligence Unit). The lacks of understanding about new technologies are affecting E-Commerce.

The awareness and knowledge about information and communication technologies are still in the formative phases. Some new technologies are still new for buyers. As a result buyers are still reluctant to implement these technologies.

E-readiness

Cyber crimes emerge as a threat to E-Commerce in current scenario. The advancement of technological capabilities and its usage for crimes like hacking information of credit cards and other important information became a major threat for online businesses. The hacker could hack the credit card details and users hindered to give this kind of information.

Cyber Crime

Articles on Cyber Crime in Malaysia

Security Issues

Security is one of the most addressed issues in implementing e-commerce whether it is safe to conduct on-line transactions

As business move towards adapting on-line trading, issues of on-line transaction security become more important.

The major threats to business are information losses, theft of data, infection with a computer virus, and manipulation of their internal systems or software applications.

Based on survey on Malaysian companies’ interest in e-business, 70 % believed that security was the most important barrier to ecommerce development.

Types of Attack

Non Technical Attack

Deception or persuasion to trick people into revealing sensitive information

Social engineering is a type of non technical attack that uses some trick users into

revealing sensitive information

Identity Theft

Identity theft is possible with the help of digital information technologies (Caeton, 2007) and by the nature of modern payment systems.

Identity theft involves acquiring enough data about another individual to counterfeit this link, enabling the thief to acquire goods while attributing the charge to another person’s account (Anderson et al, 2008).

In addition, identity theft is the taking of a victim’s identity to obtain credit or credit cards from banks and retailers, steal money from the victim’s existing accounts, apply for loans, establish accounts with utility companies, rent an apartment, file bankruptcy, or obtain a job using the victim’s name (identity theft, 2010). In short, identity theft occurs when someone appropriates your personal information without your knowledge to establish a parallel identity.

Identity Theft in Malaysia

Virus, Worm, and Trojan Horse

Referred to as malware , it is classified by how it propagates.

A virus is a piece of software code that inserts itself into a host, including operating system. In order to propagate, its requires its host program be run to activate it.

Worm is a software program that runs independently, consuming resources of its host and able to propagate a complete working version itself.

Trojan horse is a program that appears to have useful function but it contains a hidden function that presents a security risk.

Denial of Sevice

An attack on a website in which attacker uses specialized software to send a flood of data packets to target computer with the aim of overloading its resources.

Security Attack in Malaysia

Privacy Issues

Privacy is the right to be left alone and the right to be free of unreasonable personal intrusion.

There are a number of opportunities to collect information about individuals

Ways of Gathering Information of An Individual

Reading an individual’s blogs, or newsgroup postings. Looking up in an individual’s name and identity in internet. Reading an individual’s email, IM or text massages. Monitoring and conducting observation on employees. Wiretapping wire-line and wireless communication lines. Complete registration form online. Record individual’s action using cookies as they navigate

the website. Using spy ware, keystroke loggers, and similar methods.

Website Registration

A study by TNS and TTRUSTe (2004) user doubt to give personal information to online businesses.

Among the 1068 participants, 71% dislike registering at websites they visit, 15 % refuse to register at all while 43% do not trust companies not to share their personal information.

All B2C, marketing Websites and social network ask visitor to fill up registration form (ex: win a prize or some of item exchange).

The site may use it to improve customer service or sometimes they may sell the information to other company.

Cookies

Website gather information about an individual by using cookies.

Cookies enable sites to keep track of users without having constantly ask the user to identify themselves.

Originally, cookies were designed to help with personalization and market research. However cookies can invade an individual’s privacy.

Cookies enable user’s information such as preferences, interests and surfing patterns to be collected.

User can disable the cookies, but the problem is that the user will have to keep reentering information or may be blocked from viewing certain pages.

Spyware

Spyware is defined as unwanted software programs designed to steal information or confidential information.

Spyware may enter the user’s computer as a virus or a result of the user’s clicking an option in deceptive pop up window.

Spyware tracks user’s web surfing habit and scan computer hard drives for sensitive files and send the result to hackers and spammers.

Therefore, spyware is a violation of computer’s user privacy. For example: Keystroke Logger run in the background of the

user’s computer and record every keystroke that user makes. Hacker can steal the user’s password, account number, etc

Privacy Protection

There are several laws and regulations that governed e-commerce activities.

Some countries have enacted comprehensive laws on e-commerce while some others are still in the process of enacting laws.

Some e-commerce laws were developed and reviewed in order to keep up with the changes in technology.

In Malaysia, the right of privacy is not as a fundamental right under the Federal Constitution.

However, with the development of e-commerce a new law was passed in January 2010 which is known as a Personal Data Protection Act 2010 (PDPA).

This Act seeks to regulate the processing of personal data of individuals who involved in commercial transactions by data users.

It also protect to the individual’s personal data and safeguarding the interests of the individual.

This Act defines the meaning of ‘personal data’ and ‘sensitive personal data’.

It also outlines the data protection principles and the exemptions, right of data subject including right to access personal data, to correct it, to prevent its processing for unlawful purposes and what amount to criminal offences under the Act.

(Mohamed, 2011)

Privacy Protection In Malaysia

Legal Remedies for Invasion of Privacy in E-Commerce

In Malaysia, claim for remedies for cases of breach of online privacy are forwarded to Financial Mediation Bureau (FMB) .

This FMB is an alternative to courts or arbitration which in charge of settling disputes between individuals or corporations and the financial services providers who are under the supervision of Bank Negara Malaysia or ‘National bank’ and a member of the bureau.

It was reported that the FMB is handling 3000 cases in October 2011 since there are increasing numb

The protection on violation of personal privacy in Malaysia is limited to informational privacy only.

(Mohamed, 2011)

Domain Name Jurisdiction Advertisement Electronic Payment

Legal Issues

Domain NameA company that commences e-commerce activities would at first have to get its domain name registered. While registering domain names, if the company chooses a domain name that is similar to some domain name or some existing trademark of a third party, the company could be held liable for cybersquatting.

Since registration of domain names is simple and inexpensive, cybersquatters often register hundreds of such famous names as their domain names such as www.sony.net andwww.petronas.net.

In Malaysia, cybersquatting issue is addressed by .my DOMAIN REGISTRY’s Sensitive Name Dispute Resolution Policy (SNDRP) and the complaints must be made according to the rule given by .my Domain Registry.

Domain Name

http://www.sony.net/

http://www.petronas.net/

The Complaint must:- (i) provide the name, postal address, telephone and facsimile numbers and electronic-mail

address of the Complainant and/or its authorised representative(s) in a separate document;

(ii) provide the name of the Registrant and any other relevant information (including the

Registrant's postal address, telephone and facsimile numbers and electronic-mail address), which will be able to assist the Provider in sending the Complaint to the Registrant; and

(iii) specify the Domain Name which is complained of; (iv) state the grounds on which it is made, specifically, as to why the Domain Name

should be considered as being a Sensitive Name or otherwise falling within any one or more of the categories detailed in Paragraph 5 of the SNDRP;

(v) identify any legal proceedings which involve the Domain Name that may have been

commenced or terminated by the Complainant; and (vi) end the Complaint with the statement and the signature of the Complainant:-

Domain Name

Domain Name

•In Sime Darby Berhad Malaysia v. Mr. Sim e-Darby (2002) over a domain name ‘simedarby.com’ by respondent in Canada, the matter went to WIPO Arbitration and Mediation Center, which heard in accordance with the Policy and Rules of the Uniform Domain Name Dispute Resolution Policy (UDRP). •The decision of Panel was to transfer the impugned domain name to the complainant, because, among other things, the domain name registered by the Respondent is identical or confusingly similar to the “Sime Darby” trade mark in which the Complainant has rights.

Domain Name

•In a local case of Petroliam Nasional Bhd & Ors v Khoo Nee Kiong (2003) Malaysian court decided, among other things, that cyber squatting may be regarded as ‘passing off’. The first plaintiff in that case was a well-known national petroleum corporation. The second plaintiff was one of the marketing arms of the first plaintiff and the third plaintiff was in the business of processing and transmitting natural gas and it conducted its gas business under the trade name ‘Petronas Gas’. The defendant was an individual carrying out trading operations as a registered sole proprietor under the trade/business name ‘Araneum Consulting Services’ and was in no way associated with the plaintiffs.•It was held that by registering the said domain names which contained the word ‘Petronas’, there was a serious issue to be tried in that the defendant was making a false representation to persons who may have consulted the register that the registrant, ‘Araneum Consulting Services’ was connected or associated with the name registered and thus the owner of the goodwill in the name ‘Petronas’.

•The court maintained that by registering the said domain names, the defendant had eroded the exclusive goodwill in the name ‘Petronas’ which had cause damage to the plaintiffs.

In addition to the nature of corporate structure, decisions will also have to be taken with respect to the jurisdiction in which the corporate structure should be situated, as it will determine the extent of any liability that may arise against the website. According to the traditional rules of private international law, the jurisdiction of a nation only extends to individuals who are within the country or to the transactions and events that occur within the natural borders of the nation.

However, in e-commerce transactions, if a business derives customers from a particular country as a result of their website, it may be required to defend any litigation that may result in that country.

As a result, any content placed on a website should be reviewed for compliance with the laws of any jurisdiction where an organisation wishes to market, promote or sell its products or services as it may run the risk of being sued in any jurisdiction where the goods are bought or where the services are availed of.

Jurisdiction

For example, XYZ, a company in London, having its server in USA, may sell its products to customers in India or other countries. In such a situation, if you receive defective goods or if you regret having made the purchase, the question would arise as to which jurisdiction can you sue the company or claim damages or withdrawal respectively. The company, on the other hand, might find itself confronted with foreign laws, which he may not be aware of.

For example, the US courts have in numerous cases have held a company in X stateliable in Y state on the basis that the website could be accessed in Y state.

Jurisdiction

Jurisdiction

MALAYSIALEGAL SYSTEM

New System

Jurisdiction of dispute Malaysian

Court

Choice of law Malaysian Law

Evidence Act

REFJA (Reciprocal Enforcements of

foreign Judgement Act)

REFJA is not enforceable in some

major trading partners

Evidence electronic document

Choice of law foreign or local?

Jurisdiction of disputeLocal or foreign court?

Existing System

The nature of E-Commerce causes existing laws not able to cover the resolution process especially in

cross border issues

AdvertisementMany websites advertise goods or services to customers. The traditional laws of advertising, which apply to ordinary sales, are enacted in the interest of all consumers to prevent deceptive and unfair acts or practices. These laws would also be applicable to advertising or marketing on the Internet.

The websites may be subject to any liability that may arise due to false designations, origin, misleading description of fact that are likely to cause confusion or misrepresent the nature, characteristics, quality or geographic origin of the goods or services that are offered for sale in an advertisement. In addition to advertising laws, depending on the kind of business, the websites would also have to comply with the laws of applicable to such a business.

Advertisement

AdvertisementAn advertisement may be exposed to liability under the consumer protection laws since it may be subject to different interpretations by the consumer in different jurisdictions.

Certain websites simply display advertisements or banners of other companies. In such a case, would the owner of the website be subject to liability for misleading or fraudulent advertisements that are displayed on its website?

The website should contain appropriate disclaimers disclaiming any such liability. Most countries have stringent laws with respect to spamming. Website owners must ensure that they use legal methods of advertisements and that the method used does not amount to spamming.

Advertisement

AdvertisementArticle on Advertisement Issues

Electronic PaymentThe instrumental growth in e-commerce activities has necessitated the evolution of electronic payment mechanisms. In addition to normal currencies, e-financial instruments / digital currencies such as cyber cash and e-cash can be used for the purchase of current as well as capital assets over the Internet and for carrying on other commercial activities.

Before regulating the use of such financial instruments, it would be essential to identify the issues that these instruments pose.

Electronic Payment Issues

a. Secure Credit Card Transactions: An e-commerce website that accepts online credit card payments must ensure that it has adequate security measures to safeguard confidential customer data that is provided on the site. In the event that credit card numbers are leaked on the Internet, the website could be held liable for damages caused to the consumers.

Electronic Payment

b. Recognition of digital currencies: To be effective, existing laws would need to recognise the payment of digital currencies, as enforceable consideration against obligations undertaken by the other parties. Further, the extent to which these digital currencies are “valid tender” would also need to be examined.

c. Determining the relevant jurisdiction: This would mean determining the relevant law that parties will be governed by in respect of electronic transactions (whether by the contract, or in its absence, by general principles of law). This may create problems, especially when the laws in Country A, where the company is registered permit electronic payment contracts, whereas the laws in Country B, where the consumer is located, do not regulate electronic payment contracts.

Electronic Payment

d. Risk of Regulatory Change: The regulatory environment for electronic payment is likely to change with technological innovations in modes of payment. Therefore, any form of legislation made in this regard should be technologically neutral.

e. Transaction risks: These include the liability for security failures in the system of transaction and the relevant standard of care for system security.

Electronic Payment

f. Consumer-oriented risks: These include risks concerning privacy, consumer protection, money laundering, tax avoidance, online fraud and crime.

Electronic Payment

Thank You

e-commerce integration and implementation issues

Education

ecommerce project

global infrastructure

ecommerce website

justification of cost

reasonable cost

malaysian plan

usedfor customer

security of information