Electronic Commerce


Electronic Commerce or E-Commerce is the practice of buying, selling and advertising over the Internet. The practice includes many different business activities and procedures including electronic inventory control and logistical tracking between business partners. However, this article deals with the most common form you're likely to use, that of the electronic shopping basket.

E-Baskets

A website such as Amazon or Play.com has an extensive range of products that you can browse or search through while considering making a purchase. As you view each item, you are given the opportunity to place the items in an E-Basket by clicking a button or link. This causes the online store's computer to record the purchase on a text file called a cookie, which it sends to your computer.

Once you have selected all the items you wish to purchase, you can follow links or buttons to a checkout page where the business of making the purchase and securing credit card and delivery details occurs.

The online store's computer will perform some calculations based on the details you have entered, the preferred shipping details and the list of purchases recorded on the cookie file. It will calculate the cost of the purchase and present the details in a new web page called the checkout page. You can review and amend the order details before being given the chance to either cancel or confirm the order.

A company will usually want to send you an email as a confirmation that your transaction has been accepted. If an error has been made, such as incorrect credit card details for example, the company will sometimes send an email telling you that the transaction has been refused and what steps you need to take to rectify the situation. With large web companies this process is automated, but with some smaller companies the process of transaction confirmation or refusal is processed by employees and errors can occur. You should always double check purchases if you have not heard from the company within 24 hours.

Method of Payment

There are a number of ways to pay for goods and services over the internet. Most commonly this is done by using a credit card or a debit card such as Visa or Mastercard but other methods exist. You could send a cheque or postal order to the company or use a service such as PayPal.

Credit Cards

When done correctly, using credit or debit cards is the fastest, safest and easiest way to pay for things online. When done incorrectly, however, it isn't. Never send credit card information (or any other form of personal details) by email. Messages on the internet are passed from computer to computer until they reach their destination. It is theoretically possible for any one of those computers to read an email as it passes through. Likewise, never type credit card details onto a form on a website unless that website is secure. There is a guide to how to tell if a website is secure or not further down the page in the phishing section, and also the security section.

Cheques and Postal Orders

Most online companies will accept a posted cheque or some sort of postal order. While reasonably secure, they do somewhat negate the main advantage of shopping online, which is speed. The cheque will take some time to arrive and be processed.

PayPal

PayPal is an online money transaction service used by some, but not all, websites. It requires that a customer has a bank account or debit/credit card details, and an email address. PayPal holds an account for each of its customers. The customer either transfers money to the account from a bank account or provides a credit card number that money is drawn from. When the customer buys something online, they select the 'pay by PayPal' option and are prompted for their email address. PayPal will be notified about the purchase and make the payment on the customer's behalf from their account. The funds that are transferred from (or to) a customer's PayPal account stay within the account until the customer retrieves the money or spends it via PayPal.

PayPal will, on request, either transfer money from a PayPal account to the customer's bank account or write a cheque and post it. In some places (mostly the USA) it is possible to get the money from an ATM. PayPal charges a small fee, taken from the PayPal account, for some transactions.

Phishing

Phishing is the crime of fraudulently obtaining personal details such as credit card details or addresses. There are a number of ways this can be done including setting up false web addresses, emails pretending to have come from a legitimate website, offers of fraudulent business opportunities and scanning the internet for personal details.

False web addresses

Web addresses are easily faked. The name that you click on is not always the web address that you go to. For example:
This is an internet link to http://www.google.co.uk/, honest. Try clicking it, then hit the back button. Now hold the mouse cursor over the link and look at the bottom of your screen. You can see the actual link address as http://www.disney.com/. Even then, that's not where you ended up. Your browser was redirected to another homepage by the Disney server. This form of false link is often found in unsolicited emails. Some such emails go as far as to write lots of spaces in the address so that the actual address is hidden off the side of the screen. If you are unsure of a link, check the address at the bottom of the browser.

Another technique is to have a web address which is similar, but not the same as a legitimate web address. Compare these two images of a web browser address bar.

[Image: Wikipedia address bar]
[Image: false Wikipedia address bar]

A cursory glance would suggest they lead to the same place. It's only when they are placed together that the lower address looks false. The W in wikipedia has been replaced by two V's. A misspelt address is the most common cheat but others also exist. Combined with the above technique, a user who is not paying attention can easily be misled into believing they are at a legitimate website.
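
Both tricks above can be checked for mechanically. The following Python sketch is an added example, not part of the original article: it scans the links in a piece of HTML (an email body, say) and reports links whose visible text names one site while the link goes to another, and links whose address only resembles a trusted one. The trusted-site list, the look-alike table beyond "vv" and the sample links are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = {"www.google.co.uk", "en.wikipedia.org"}  # assumed allow-list of known sites
LOOKALIKES = (("vv", "w"), ("rn", "m"), ("0", "o"), ("1", "l"))  # only "vv" is from the page

def skeleton(host):
    """Collapse look-alike sequences so 'vvikipedia' compares equal to 'wikipedia'."""
    for fake, real in LOOKALIKES:
        host = host.replace(fake, real)
    return host

SKELETONS = {skeleton(h): h for h in TRUSTED}

def host_of(text):
    """Return the host name if text is written as a web address, else None."""
    text = text.strip()
    is_url = text.lower().startswith(("http://", "https://", "www."))
    return urlsplit(text if "://" in text else "http://" + text).hostname if is_url else None

class LinkAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.href, self.text, self.findings = None, [], []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self.href is not None:  # only collect text that sits inside a link
            self.text.append(data)
    def handle_endtag(self, tag):
        if tag != "a" or self.href is None:
            return
        shown, actual = host_of("".join(self.text)), host_of(self.href)
        if shown and actual and shown != actual:  # text names one site, link goes to another
            self.findings.append(("text-mismatch", shown, actual))
        if actual and actual not in TRUSTED and skeleton(actual) in SKELETONS:
            self.findings.append(("lookalike", actual, SKELETONS[skeleton(actual)]))
        self.href = None

def audit(html):
    auditor = LinkAuditor()
    auditor.feed(html)
    return auditor.findings

# Constructed sample: a disguised link, a look-alike address and an honest link.
SAMPLE = """<a href="http://www.disney.com/">http://www.google.co.uk/</a>
<a href="http://en.vvikipedia.org/wiki/Phishing">Wikipedia article</a>
<a href="http://en.wikipedia.org/wiki/Phishing">http://en.wikipedia.org/</a>"""
```

Calling audit(SAMPLE) reports the first two links and stays silent about the third.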

A website's contents are by definition downloadable. It is very easy for a thief to set up a false website that looks and feels exactly like the original. Only the address will be different. In such a situation, the thief is looking to persuade the victim to try to enter passwords or credit card details, which they of course take a record of and use later. Sophisticated thieves will then redirect the victim to the original site, making the failed login attempt look like an error on the user's part.

Fraudulent Emails

Fraudulent emails come in several types. Those that deliver virus programs are dealt with in the section on surfing. Other types include those suggesting that they come from a bank or financial institution asking you to update your details, renew your credit cards, take part in a random security sweep and so on. They always provide false web addresses for you to click on. Never use an unsolicited email link to go to a web address. Either type the address into the browser bar or use a tried and trusted link.

The other common forms of phishing email include offers to sell (fake) drugs (off prescription), offers of pornography and the Advance Fee Fraud, also known as the 419 fraud. This email usually pretends to be from the relative or friend of a wealthy dead person whose vast wealth is tied up until someone can be bribed to allow the email sender to transfer the money to the account of the email recipient. All that is required of the victim is their bank account details or a large fee, in return for which they will receive millions of dollars. However, if the victim sends money, they will lose the money, and if they give out bank details, they will quickly lose whatever money is in the bank and find their account has been used to order goods and services they cannot afford. There is a huge variety of scamming emails and the basic rule of thumb is, if a stranger says they want to make you wealthy, they probably don't.




This site contents © 2006 Grant Ferguson, Mark McGregor and Stephen Reilly