Free Solved Question Paper of BCS-062 : E-COMMERCE (June 2024)

1. (a) Define e-Commerce and describe its scope. With the help of a diagram, explain the complete work-flow of e-Commerce. (10 marks)

Answer :

Definition of e-Commerce: Electronic Commerce (e-Commerce) refers to the buying and selling of goods and services, or the transmitting of funds or data, over electronic networks, primarily the Internet. It includes digital transactions between businesses, consumers, and governments, encompassing online retail, digital services, and electronic fund transfers.

Scope of e-Commerce:

• Business Models:
  • B2B (Business-to-Business) commerce
  • B2C (Business-to-Consumer) retail
  • C2C (Consumer-to-Consumer) platforms
  • G2B/G2C (Government services)
• Technologies:
  • Payment gateways and security
  • Mobile commerce solutions
  • Cloud computing integration
  • AI-powered recommendations

Work-flow of e-Commerce:

A typical e-Commerce transaction involves several steps:

1. Customer Interface: Users browse products, read descriptions and reviews, compare prices, and add items to their shopping cart.
2. Order Processing: Customer enters shipping details and payment information, reviews the order total including taxes and shipping.
3. Payment Processing: Secure payment gateway handles the transaction, verifies payment details, and confirms the transaction.
4. Order Fulfillment: System generates order confirmation, updates inventory, and initiates shipping process.
5. Post-Purchase: Customer receives tracking information and can monitor delivery status.

Work-flow Diagram:

This workflow demonstrates the integration of various systems - customer interface, payment processing, inventory management, and delivery tracking - working together to facilitate online commerce. The process ensures secure transactions while maintaining efficiency in order processing and fulfillment.

1. (b) Discuss the security concerns in e-Commerce covering from the perspectives like: (10 marks)

• Security concerns of the client
• Security concerns of the server
• Security concerns of the communication channel

Answer :

(i) Security concerns of the client:

• Personal Data Protection: Risk of personal and financial information theft, including credit card numbers, addresses, and login credentials.
• Authentication Issues: Vulnerability to password theft, account hijacking, and identity theft through phishing attacks.
• System Security: Risks from malware, spyware, and keyloggers that can compromise user devices.
• Privacy Concerns: Unauthorized tracking of shopping behavior and personal preferences.

(ii) Security concerns of the server:

• Database Security: Protection against SQL injection attacks and unauthorized data access attempts.
• Server Infrastructure: Defense against DDoS attacks that can disrupt service availability.
• Data Storage: Secure storage and encryption of customer data, payment information, and transaction records.
• Access Control: Managing employee access levels and preventing insider threats.

(iii) Security concerns of the communication channel:

• Data Transmission: Protection against man-in-the-middle attacks and data interception during transfer.
• Encryption Protocols: Implementation of secure protocols like HTTPS and TLS for data protection.
• Network Security: Safeguarding against network vulnerabilities and routing attacks.
• Session Management: Protecting user sessions from hijacking and ensuring secure timeout procedures.

Mitigation Strategies:

• Client-side: Implementation of strong password policies, two-factor authentication, and regular security updates.
• Server-side: Regular security audits, automated monitoring systems, and robust backup procedures.
• Channel Security: SSL/TLS encryption, digital certificates, and secure payment gateways.

Additional Security Measures:

• Regular security assessments and penetration testing
• Compliance with data protection regulations (GDPR, PCI DSS)
• Employee training on security best practices
• Incident response and recovery plans

2. (a) Explain the prospects and issues of the following applications of e-Commerce: (5 marks)

• Online Auctions
• Online Trading System

Answer :

(i) Online Auctions

• Global reach and access to a large customer base.
• Dynamic pricing and competitive bidding.
• Convenient for both buyers and sellers.

• Risk of fraudulent sellers or bidders.
• Non-payment or non-delivery of goods.
• Shill bidding (fake bids to inflate prices).

(ii) Online Trading System

1. Real-time access to financial markets.
2. Lower transaction costs and faster execution.
3. Access to a wide range of investment options.

• Security risks (hacking, data theft).
• Technical glitches or downtime.
• Lack of investor awareness and risk of losses.

2. (b) Explain the m-Commerce framework with the help of a block diagram (layered). (5 marks)

Answer :

m-Commerce Framework:

m-Commerce (Mobile Commerce) refers to buying and selling of goods and services through wireless handheld devices such as smartphones and tablets.

Layered Framework:

1. Device Layer: Involves mobile devices like smartphones and tablets used by consumers to access e-Commerce services.
2. Network Layer: Consists of mobile networks, Wi-Fi, and other internet connections that enable communication.
3. Service Layer: Encompasses various services like payment processing, location services, and messaging.
4. Application Layer: Includes mobile applications and web browsers through which users interact with e-Commerce platforms.

Layered Block Diagram (Mermaid):

This framework shows how m-Commerce operates through multiple layers, from the device to the application.

3. (a) Discuss any three secured electronic e-Commerce payments which are very much popular now-a-days. (6 marks)

Answer :

1. Credit/Debit Card Payments:
   • Security Features: OTP verification, CVV number, 3D Secure authentication
   • Protection Measures: SSL encryption, fraud monitoring systems
   • Additional Security: EMV chip technology, transaction limits, instant notifications
2. UPI (Unified Payments Interface):
   • Security Features: Two-factor authentication, PIN protection
   • Technology: End-to-end encryption, unique device binding
   • Advantages: Real-time settlement, multi-bank support, QR code payments
3. Digital Wallets (e.g., PayPal, Google Pay):
   • Security Measures: Tokenization, biometric authentication
   • Protection: Buyer protection policies, dispute resolution
   • Features: One-click payments, recurring payment support, cross-border transactions

Common Security Features Across All Methods:

• Strong encryption protocols
• Multi-factor authentication
• Real-time fraud detection
• Secure data storage compliance

3. (b) Describe briefly the working of SSL with the help of a diagram. (4 marks)

Answer :

SSL (Secure Sockets Layer): A protocol that establishes encrypted connections between web browsers and servers to protect data transmission.

Working Process:

1. Client initiates secure connection request to the server
2. Server responds with its SSL certificate containing public key
3. Client verifies certificate authenticity
4. Client generates and encrypts session key
5. Server decrypts and confirms session key
6. Secure encrypted communication begins

Diagram:

4. (a) Discuss the key-features of B2B and B2C e-Commerce categories. Also, mention any two differences between them. (5 marks)

Answer :

B2B (Business-to-Business) e-Commerce:

• Transactions between businesses (e.g., manufacturer and wholesaler).
• Large order quantities and recurring transactions.
• Negotiated pricing and long-term relationships.

B2C (Business-to-Consumer) e-Commerce:

• Transactions between business and end consumers.
• Smaller order quantities, one-time purchases.
• Fixed pricing and mass marketing.

Two Differences:

1. B2B involves businesses as both buyers and sellers, while B2C involves businesses selling to individual consumers.
2. B2B transactions are usually larger in value and volume compared to B2C.

4. (b) Define Electronic Data Interchange (EDI). Explain the processing of Purchase Order (PO) with the help of EDI. (5 marks)

Answer :

Definition: Electronic Data Interchange (EDI) is the electronic exchange of business documents (such as purchase orders, invoices) in a standardized format between organizations’ computer systems.

Processing of Purchase Order (PO) using EDI:

1. Buyer creates a PO in their system.
2. PO is converted into a standard EDI format (e.g., ANSI X12).
3. EDI PO is transmitted electronically to the supplier’s system.
4. Supplier’s system receives and processes the PO automatically.
5. Supplier sends an EDI acknowledgment or invoice back to the buyer.

This process eliminates manual entry, reduces errors, and speeds up order processing.

5. Write short notes on any four of the following: (2.5×4=10 marks)

Answer :

1. ANSI X12 standard: A widely used EDI standard in North America for electronic business document exchange, such as purchase orders and invoices.
2. G2B category of e-Commerce: Government-to-Business e-Commerce, where government agencies provide services or information to businesses electronically (e.g., tax filing, licensing).
3. Paypal payment method: An online payment system that allows users to pay, send money, and accept payments securely over the Internet using an email address and password.
4. Digital certificate: An electronic document used to prove the ownership of a public key, issued by a Certificate Authority (CA), and used in SSL/TLS for secure communication.
5. e-Commerce portal architecture: The structure and design of an e-Commerce website, including presentation, application, and data layers, ensuring smooth user experience and secure transactions.