Computer Class 12 GSEB Solutions Chapter 5 Introduction to M-Commerce

Students frequently turn to Computer Class 12 GSEB Solutions and GSEB Computer Textbook Solutions Class 12 Chapter 5 Introduction to M-Commerce for practice and self-assessment.

GSEB Computer Textbook Solutions Class 12 Chapter 5 Introduction to M-Commerce

Question 1.
M-Commerce ? List some of the examples of M-commerce.
Answer:
(1) Mobile Marketing and Advertising:

Today, companies are using M-commerce to expand their services from marketing to advertisement.
Mobile advertising is one of the most popular ways for companies to reach a large audience.
Advertising on Internet has become a major source of revenue for most of the portals.
Many retailers are offering location based mobile advertising in order to target consumers and increase their sales.
An advertisement placed on the mobile device of the user can thus be made on personal requirements and location-specific.
It can update the users about the various discounts and schemes available in the nearby areas of the current location of the user.

(2) Mobile Ticketing:

Users can easily buy tickets for air or rail travel, movies etc.
The tickets can be sent to the user’s mobile device.
Users can further show these tickets on their mobile devices at the respective place.
Tickets can also be easily cancelled on the mobile phones using the application or accessing the portals of travel agents.
This helps in reducing the traffic and the parking problems which are increasing day-by-day as the user need not travel to the place for buying tickets.
Figure shows the Indian Railway Catering and Tourism Corporation limited (IRCTC) login page.

Below given is the method to book an online ticket using mobile device.
After providing the usemame and password( the user should have an accoUnt with IRCI’C), the user can plan his travel details like source and the destination name, date of travel, ticket Epe and quota as shown in figure.

When the user clicks on find Trains button he/she is provided with the list of trains available on the given date as per his/her requirement as shown in figure.

The user can click on the name of the train to get more details. In figure name of only one train can be seen. It is possible to get list of more trains also.
Later he/she can proceed to book the ticket and provide the details of the passengers travelling as shown in figure.

After booking, the user gets an e-ticket message »form IRCTC on the mobile device which can be presented at the time of travelling.
The above given process proves that without being fixed at the computer terminal or being physically present at the railway station, the customer can access the services using the mobile device whenever and wherever he/she goes.

(3) Mobile Auctions:

The auctions sites are becoming more popular these days.
Mobile devices further help in increasing the reach of these auction sites.
A user while on the move can access these sites, make a bid, monitor bids and take a timely action on the bidding process.
Many of the auction sites have built gateways and interfaces to provide access to mobile devices through wireless networks.
Figure shows the auction site ebay as viewed on a mobile device.
The user can bid for the products using the mobile device.

(4) Mobile Entertainment:

Mobile devices are used extensively for listening to audio, viewing video and playing games.
The mobile users can subscribe to entertainment libraries where they can search for songs, videos or games and easily downloaded them in their device for playing later.
Entertainment services such as pay-per- download, pay-per-event or on subscription basis can cater to a large number of mobile users and are willing to pay for the services.

(5) Mobile Purchase :

Mobile purchase allow customers to shop online anytime anywhere.
Customers can browse and order products while using a secure payment method.
Instead of using paper catalogue, retailer can send a list of products that a customer would be interested in, directly to their mobile device.
Alternatively, the consumers can also visit a mobile version of a retailer’s E-commerce site.
The retailers can also track the customers and notify them of discounts at local stores that the customer would be interested in
Figure (a) shows the home page of flipkart as seen on mobile device.
Figure (b to f) shows the purchase process from selecting a category, choosing the product, viewing its detail, placing the order and provide the shipping details on the mobile device.

(6) Mobile Financial Services :

Today, many popular banks and financial institutions use M-commerce.
They allow their customers to access account information; perform transactions like stock purchase, remit money, via mobile phones and other mobile equipments.
Figure shows the mobile services provided by Union Bank.
The customer can download the application “umobile” from the android market.
After getting registered, the customer can avail the services that are provided by the bank on his mobile as shown in figure.
In figure the various main menu options can be seen.
The customer can check his/her balance, transfer the funds to any other bank account, place request for a Cheque hook and Can avail many other sei’ces from his! her mobe deviCe.

(7) Mobile Information Services:
A wide variety of information services can be delivered to mobile phone users in much the saine way as it is delivered to personal computers. The services include :

News service
Stock market data
Sports news
Financial records
Traffic records
Traffic information

Question 2.
Why is M-commerce helpful to the user ?
Answer:

Mobiles are being used more and more on daily basis and today it is not merely used to make or receive a call.
Mobile companies are coming up with new features for their smart phones, which offer consumer ease, flexibility and security at the same time.
The ease of availability and faster speed has made M-commerce more popular now-a-days.
The Web design and development companies have ^ also optimized the websites, such that it can be viewed correctly on mobile devices.
M-commerce is the integration of wireless networks accessed through handheld devices and Internet.
The benefits of Internet and E-commerce are offered by M-commerce also.
Some of the advantages of M-commerce as listed.
1. It provides convenience to the user.
2. In just few clicks on the mobile device, the user can do shopping, banking and download media files while on the move.
3. Mobile device enables the user to be contacted at virtually anytime and anywhere.
4. Reduces transaction cost.
5. Reduces the time to order. The user does not need to be on the PC or laptop to order.
6. Streamline business processes.
7. Provides global reach.
8. Conduct business 24 x 7.
9. Flexibility of accessing the information through any mobile devices.
10. Payment can be done using the mobile devices itself just the same way as it is done on personal computer.
11. Useful to deliver time critical and emergency information.
12. Easily identifies the physical location of the handheld device. The emergence of location based applications enable the user to receive relevant information.
13. Customized alerts can be easily received on the mobile device.
14. Instant connectivity and availability of faster 3G services has made M-commerce more popular these days.
15. Timely information can reach the user.
16. The information like flight or train schedule, delay or cancellation can be given to the user on his mobile device on real time basis.

Question 3.
List the advantages of M-commerce.
Answer:

Mobiles are being used more and more on daily basis and today it is not merely used to make or receive a call.
Mobile companies are coming up with new features for their smart phones, which offer consumer ease, flexibility and security at the same time.
The ease of availability and faster speed has made M-commerce more popular now-a-days.
The Web design and development companies have ^ also optimized the websites, such that it can be viewed correctly on mobile devices.
M-commerce is the integration of wireless networks accessed through handheld devices and Internet.
The benefits of Internet and E-commerce are offered by M-commerce also.
Some of the advantages of M-commerce as listed.
1. It provides convenience to the user.
2. In just few clicks on the mobile device, the user can do shopping, banking and download media files while on the move.
3. Mobile device enables the user to be contacted at virtually anytime and anywhere.
4. Reduces transaction cost.
5. Reduces the time to order. The user does not need to be on the PC or laptop to order.
6. Streamline business processes.
7. Provides global reach.
8. Conduct business 24 x 7.
9. Flexibility of accessing the information through any mobile devices.
10. Payment can be done using the mobile devices itself just the same way as it is done on personal computer.
11. Useful to deliver time critical and emergency information.
12. Easily identifies the physical location of the handheld device. The emergence of location based applications enable the user to receive relevant information.
13. Customized alerts can be easily received on the mobile device.
14. Instant connectivity and availability of faster 3G services has made M-commerce more popular these days.
15. Timely information can reach the user.
16. The information like flight or train schedule, delay or cancellation can be given to the user on his mobile device on real time basis.

Question 4.
What are the limitations of M-commerce ?
Answer:

Though the list of advantages of M-commerce is large it has a number of limitations.
Some of the limitations of M- commerce are listed below:
1. The handheld devices commonly used today offer a limited screen size. This further limits the types of file and data transfer. At times it is difficult to display videos.
2. User interface is less convenient when compared to personal computers.
3. Mobile devices have limited computing power, memory and storage capacity.
4. It operates over wireless networks which are less secured as compared to wired network.
5. It offers a limited bandwidth.
6. High cost of establishing mobile and wireless broadband infrastructure.

Question 5.
List some of the applications of M-commerce.
Answer:

(1) Mobile Marketing and Advertising:

Today, companies are using M-commerce to expand their services from marketing to advertisement.
Mobile advertising is one of the most popular ways for companies to reach a large audience.
Advertising on Internet has become a major source of revenue for most of the portals.
Many retailers are offering location based mobile advertising in order to target consumers and increase their sales.
An advertisement placed on the mobile device of the user can thus be made on personal requirements and location-specific.
It can update the users about the various discounts and schemes available in the nearby areas of the current location of the user.

(2) Mobile Ticketing:

Users can easily buy tickets for air or rail travel, movies etc.
The tickets can be sent to the user’s mobile device.
Users can further show these tickets on their mobile devices at the respective place.
Tickets can also be easily cancelled on the mobile phones using the application or accessing the portals of travel agents.
This helps in reducing the traffic and the parking problems which are increasing day-by-day as the user need not travel to the place for buying tickets.
Figure shows the Indian Railway Catering and Tourism Corporation limited (IRCTC) login page.

Below given is the method to book an online ticket using mobile device.
After providing the usemame and password( the user should have an accoUnt with IRCI’C), the user can plan his travel details like source and the destination name, date of travel, ticket Epe and quota as shown in figure.

When the user clicks on find Trains button he/she is provided with the list of trains available on the given date as per his/her requirement as shown in figure.

The user can click on the name of the train to get more details. In figure name of only one train can be seen. It is possible to get list of more trains also.
Later he/she can proceed to book the ticket and provide the details of the passengers travelling as shown in figure.

After booking, the user gets an e-ticket message »form IRCTC on the mobile device which can be presented at the time of travelling.
The above given process proves that without being fixed at the computer terminal or being physically present at the railway station, the customer can access the services using the mobile device whenever and wherever he/she goes.

(3) Mobile Auctions:

The auctions sites are becoming more popular these days.
Mobile devices further help in increasing the reach of these auction sites.
A user while on the move can access these sites, make a bid, monitor bids and take a timely action on the bidding process.
Many of the auction sites have built gateways and interfaces to provide access to mobile devices through wireless networks.
Figure shows the auction site ebay as viewed on a mobile device.
The user can bid for the products using the mobile device.

(4) Mobile Entertainment:

Mobile devices are used extensively for listening to audio, viewing video and playing games.
The mobile users can subscribe to entertainment libraries where they can search for songs, videos or games and easily downloaded them in their device for playing later.
Entertainment services such as pay-per- download, pay-per-event or on subscription basis can cater to a large number of mobile users and are willing to pay for the services.

(5) Mobile Purchase :

Mobile purchase allow customers to shop online anytime anywhere.
Customers can browse and order products while using a secure payment method.
Instead of using paper catalogue, retailer can send a list of products that a customer would be interested in, directly to their mobile device.
Alternatively, the consumers can also visit a mobile version of a retailer’s E-commerce site.
The retailers can also track the customers and notify them of discounts at local stores that the customer would be interested in
Figure (a) shows the home page of flipkart as seen on mobile device.
Figure (b to f) shows the purchase process from selecting a category, choosing the product, viewing its detail, placing the order and provide the shipping details on the mobile device.

(6) Mobile Financial Services :

Today, many popular banks and financial institutions use M-commerce.
They allow their customers to access account information; perform transactions like stock purchase, remit money, via mobile phones and other mobile equipments.
Figure shows the mobile services provided by Union Bank.
The customer can download the application “umobile” from the android market.
After getting registered, the customer can avail the services that are provided by the bank on his mobile as shown in figure.
In figure the various main menu options can be seen.
The customer can check his/her balance, transfer the funds to any other bank account, place request for a Cheque hook and Can avail many other sei’ces from his! her mobe deviCe.

(7) Mobile Information Services:
A wide variety of information services can be delivered to mobile phone users in much the saine way
as it is delivered to personal computers. The services include :

News service
Stock market data
Sports news
Financial records
Traffic records
Traffic information

Question 6.
Give some website examples for the following M-commerce applications :
(1) Mobile ticketing
Answer:
irctc.co.in

(2) Mobile Auctions
Answer:
eBay.com / eBay.in

(3) Mobile purchase
Answer:
flipkart.com

(4) Mobile information services
Answer:
tejasthakkar.com

(5) Mobile financial services
Answer:
naukri.com

Question 7.
What is L-commerce ?
Answer:

With more and more wireless handheld devices like PDA’s, Cellular phone and pocket PC’s there are significant opportunities for the growth of M-commerce.
Although mobile commerce enables access to goods and services regardless of the location of buyer or seller, in many situations the specific location of the buyer and seller is important to the transaction.
Today various location-specific applications and services are emerging.
These applications track the user’s location in order to deliver a service or product.
The use of technologies which provide the location information for business purposes is known as L-commerce.
The technology uses the geographical location of the mobile device to determine which applications are appropriate based on that area.
It enables users to log their locations, track the location of another person and find places such as a bank or restaurant.
The technology works by using signals from GPS, cellular and Wi-Fi sources.
The Global Positioning System (GPS) is most accurate in determining a mobile device’s position.
It is based on a worldwide satellite tracking system where the GPS signals are generated by a group of satellite that orbits around the Earth.
To locate a point, a mobile device will utilize three satellites to create an intersecting point that locates the device within 500 meters.
This is known as triangulation.
If the GPS signal is poor, weak or blocked, the mobile device can use the signals from cell towers and Wi-Fi hot spots.
These signals do not broadcast their own locations but Smartphone companies use databases that store the locations of these sources.
Figure shows the application which tracks the user’s location on the mobile device using GPS. (Note: GPS must be enabled on the device).
The advertisements seen on the mobile device in the figure are also location specific.
In the figure the user’s current location is CG road in Ahmedabad.
If the user wants to search the restaurants that are close to his current location, he selects the restaurant option in the figure.
This will show a list of restaurants that are near to his/her current location.
The user can also specify the distance as shown in figure to search within a specific range of distance only.
This further helps in filtering the search results in figure.

Another example of location based services is where one can use maps to find the path to the destination.
For example, the user wants to reach a particular destination whose path is not known.
Using the maps, the location based services tracks the user’s current location as seen in figure.
The current location is indicated using blue color pointer.
To find the destination one can either type or speak the destination name as shown in figure.

As seen in the figure the destination “Viramgam” is selected.
The map shows the route from source to destination as shown in 5.18.

The distance to the destination and the , approximate time to reach the destination is also shown in figure.
The driving direction to the destination can also be seen in figure.
Location based services offers convenience and opportunity to provide services that are more quick or

precise and can meet a customer’s needs. Some examples of location-based applications are :

Information or directory services : Dynamic yellow pages automatically inform the users about the nearest restaurants, parking facility, traffic updates.
Tracking services : Tracking of assets, locating friends in a geographical location, tracking stolen cars, tracking of children by parents.
Emergency services : Emergency medical ambulance, search and rescue mission, roadside assistance, police and fire response.
Advertising promotion : Targeted ads, promotional messages, customer identification in a store.
Mapping : Creating maps of specific geographical location.
Navigation : Plotting route from one place to another.

Questin 8.
What is GPS ? How does it locate a device ?
Answer:

With more and more wireless handheld devices like PDA’s, Cellular phone and pocket PC’s there are significant opportunities for the growth of M-commerce.
Although mobile commerce enables access to goods and services regardless of the location of buyer or seller, in many situations the specific location of the buyer and seller is important to the transaction.
Today various location-specific applications and services are emerging.
These applications track the user’s location in order to deliver a service or product.
The use of technologies which provide the location information for business purposes is known as L-commerce.
The technology uses the geographical location of the mobile device to determine which applications are appropriate based on that area.
It enables users to log their locations, track the location of another person and find places such as a bank or restaurant.
The technology works by using signals from GPS, cellular and Wi-Fi sources.
The Global Positioning System (GPS) is most accurate in determining a mobile device’s position.
It is based on a worldwide satellite tracking system where the GPS signals are generated by a group of satellite that orbits around the Earth.
To locate a point, a mobile device will utilize three satellites to create an intersecting point that locates the device within 500 meters.
This is known as triangulation.
If the GPS signal is poor, weak or blocked, the mobile device can use the signals from cell towers and Wi-Fi hot spots.
These signals do not broadcast their own locations but Smartphone companies use databases that store the locations of these sources.
Figure shows the application which tracks the user’s location on the mobile device using GPS. (Note: GPS must be enabled on the device).
The advertisements seen on the mobile device in the figure are also location specific.
In the figure the user’s current location is CG road in Ahmedabad.
If the user wants to search the restaurants that are close to his current location, he selects the restaurant option in the figure.
This will show a list of restaurants that are near to his/her current location.
The user can also specify the distance as shown in figure to search within a specific range of distance only.
This further helps in filtering the search results in figure.

Another example of location based services is where one can use maps to find the path to the destination.
For example, the user wants to reach a particular destination whose path is not known.
Using the maps, the location based services tracks the user’s current location as seen in figure.
The current location is indicated using blue color pointer.
To find the destination one can either type or speak the destination name as shown in figure.

As seen in the figure the destination “Viramgam” is selected.
The map shows the route from source to destination as shown in figure.

The distance to the destination and the , approximate time to reach the destination is also shown in figure.
The driving direction to the destination can also be seen in figure.
Location based services offers convenience and opportunity to provide services that are more quick or

precise and can meet a customer’s needs. Some examples of location-based applications are :

Information or directory services : Dynamic yellow pages automatically inform the users about the nearest restaurants, parking facility, traffic updates.
Tracking services : Tracking of assets, locating friends in a geographical location, tracking stolen cars, tracking of children by parents.
Emergency services : Emergency medical ambulance, search and rescue mission, roadside assistance, police and fire response.
Advertising promotion : Targeted ads, promotional messages, customer identification in a store.
Mapping : Creating maps of specific geographical location.
Navigation : Plotting route from one place to another.

Question 9.
List some applications of location based services.
Answer:

The location of the mobile phone user is an important piece of information used during mobile commerce transactions.
For example, a consumer wanting to buy a Smartphone within a certain price limit and specifications would be interested in knowing that nearest location of the store where he can get the desired product.
In such a case, it is important that the location and search sendee should be able to provide the list of stores in the city or nearby areas of the mobile user’s current location.
Knowing the location of the mobile user allows the vendors to provide location based services such as local maps, local offers, local weather, people tracking and monitoring.
Mobile devices can also be used to get directions to particular place, movie theatre, restaurant, hospital or other such amenities,
Below given is about the location based search known as L-commerce.

Question 10.
What are the four important aspects of E-commerce security ?
Answer:

Internet is a public network system that consists of thousands of private computer networks connected together. o These private computer networks are exposed to potential threats from anywhere on the public network.
Internet provides a good opportunity to the businesses but along with the convenience also come new risks.
The valuable data or information that travels on the Internet may be misused, stolen, corrupted or lost.
For example, while making online purchase on the E-commerce website, customer needs to provide the credit card number and personal details.
This information is transmitted to the merchant server.
The merchant server sends it to the issuing bank for authorization through payment gateway.
All these transmissions occur on the public network i.e. Internet.
An unauthorized user may read the credit card number during the transmission and misuse it later on.
Also, there are possibilities that order information might be changes in between.
If the customer has ordered 10 items and somehow the merchant receives order of 100 items, he would ask us to pay for 100 items. An intruder can steal or tamper information anywhere in the world while sitting on his computer.
He can create new programs and run them on remote computers causing it to malfunction or break down in worst cases while hiding his identity.
E-commerce / M-commerce sites have to keep their online data such as customer’s personal details, their bank details and many more safe.
They have to be aware of all the frauds that are taking place now-a-days.
As E-commerce deals with payments such as online banking, electronic transactions, using debit cards, credit cards and many others; the E-commerce / M-commerce websites have more security issues.
They are at more risk of being targeted than other normal websites.
Thus, it becomes very important to secure the data on Internet.
The E-commerce / M-commerce security must meet four important aspects as mentioned below :

(1) Confidentiality :

It refers to the secrecy of the information so that unauthorized user cannot read it.
It is achieved by using cryptography in which all the messages transmitted are encrypted and only the receiver can read it after decrypting the message using appropriate key.
This protects the data from private attacks and ensures that the message is not revealed or leaked to anyone as it travels to the destination.
It helps in protecting the confidential data , like credit card number.

(2) Integrity :

It ensures that the information must not be accidentally or maliciously altered or tampered in transit.
The receiver should receive the same message as was sent by the sender.
If the message is altered in between the transition, it should be detected.
This removes the problem of modifying the order quantity in between and later creating the payment problems.

(3) Authorization :

It ensures that only authentic users are allowed to use the system.
The login and password is one of the ways to achieve authentication.

(4) Non-repudiation :

It ensures that the sender of the message cannot deny that he / she has sent the message.
It prevents sender or receiver from denying a transmitted message when in fact they did send it.
For example, if the customer denies of sending a purchase order for any reason, then it can be proved that the customer has send the message.
It is usually accomplished via digital signatures or a Trusted Third Party (TTP).

Question 11.
Explain the following Internet security threats :
Malicious code
Answer:
The most common threats that are faced on Internet are :
Malicious code :

Malicious code is one that causes damage to a computer or system.
Malicious code can either activate itself or be like a virus requiring a user to perform an action, such as clicking on something or opening an email attachment.
It can also affect a network, send messaged through email and steal information or cause even more damage by deleting files.

(2) Sniffer
Answer:
Sniffer

A sniffer is aprogram thatuses Intemetto record information that passes through a computer or router in transit from sender to receiver.
Using a sniffer program is like tapping the telephone wire and recording the conversation.
Sniffer programs can read e-mail messages, user login, password and credit card numbers.

(3) Denial of service attack
Answer:
Denial of service attack :

A Denial-of-Service (DoS) attack is an attack used to shut down a machine or network, making it inaccessible to tie intended users.
By targeting the user’s computer and its network connection, or the sites which the user tries to access, an attacker may be able to preventthe user from accessing email, websites and online accounts like banking or other services that relay on the affected computer.
The users are flooded with hundreds and thousands of messages that create traffic problem on the network.

Question 12.
What is cyber vandalism ?
Answer:
Cyber Vandalism

Cyber vandalism is the electronic defacing of an existing website page.
An attacker replaces the website’s original content with his / her own content.
It is an example of integrity violation.
It is the electronic equivalent of destroying property or placing graffiti on someone’s photograph.
Today, there are so many cases of cyber vandalism where the business content is replaced by offensive material.

Question 13.
Explain the term spoofing.
Answer:
Spoofing :

Spoofing or masquerading is pretending to be someone you are not, or representing a website as authentic when it is actually a fake.
It is a technique where the attacker tries to assume the identity of another person or system for transacting the victim site.
For example, an attacker can create a fake website as www.gswan.co.in and substitute his IP address for the real website IP address.
All the user’s visiting to the real site will then be redirected to the fake website.

Question 14.
List the various security measures taken for security threats.
Answer:
To prevent the various security threats many security measures are taken. Some of them are discussed below :

(1) Antivirus software :

Antivirus software is a computer program that detects, prevents and takes action to remove the malicious codes like viruses, worms and Trojan horses from the infected system.
To protect your computer one needs good antivirus software.
A system without antivirus software can easily be targeted by malicious code within a short span of time on Internet.
The problems and damage that are caused by an infection can be extremely varied.
The infection may be simple as causing strange noises, pop-ups and other annoying things on the system.
It may delete the files and slow down the system or also can damage the hardware or destroy the entire computer system.
Once a system is infected by virus, it will spread by attaching to other programs and files within the system.
Viruses not only replicates itself within the system but can also spread to other systems by taking control of the users email and sending out copies of itself to those in the users contacts list.
The most common way a system is attacked is through infected attachments to email.
These attachments can be in the form of pictures, videos, sound clips or any other type of file that can be attached to an email.
Infections can also spread through downloads.
To prevent harm to the system, the antivirus software scans the downloaded files and the entire computer system in order to detect the presence of an infection.
Today, there is antivirus software for mobile devices also due to prevalent use of Internet on these devices,
A large range of antivirus software is available in the market.
Antivirus software is critical to be installed and kept updated regularly on the computer.

(2) Firewall :

Companies having their own websites have to control the access to the network both inside and outside the company network.
The most commonly used network protection barrier between the company’s network and the outside world is a Firewall.
As shown in figure firewall is a device (a computer or a router) placed between the network and the Internet to monitor and control the traffic between the company’s local network and the outside world.
The primary goal of a firewall is to keep intruders away from the company’s E-commerce infrastructure.
It ensures that the company’s crucial data is kept safe and not accessed by the intruders.

A firewall protects the local network against the following :

Email services that sometimes create problems.
Undesirable material like photos, videos entering into local network.
Unauthorized persons gaining access to local network.
Unauthorized data or information leaving the company’s network.
Blocks the traffic from outside world to the local network.
Protects from any type of network attack.

(3) Digital Certificate :

Digital Certificates or Digital ID is used for providing our identity in electronic transactions.
just as we have a driving license or a passport to prove our identity in the real world, with a digital Certificate, we can assure the business organizations, online services and friends that the electronic information they receive from us are authentic.
Digital Certificate is issued by a trusted third party to establish the identity of the holder.
The third party who issued certificates is known as a Certificate Authority (CA).
Digital Certificate contains the holder’s name, a serial number, expiration dates, a copy of the certificate holder’s public key which is used for encrypting messages and digital signatures and the digital signature of the certification authority so that a receiver can verify that the certificate is real.

(4) Cryptography :

Cryptography is an art of protecting the information by transforming it into an unreadable form.
Encryption is the transformation of normal text known as “plain text” into unreadable or secret text known as “cipher text” using encryption algorithm.
A secret key is used to encrypt and decrypt a message.
It does not hide the text but converts it into other text that does not make any meaning.
Its purpose is to ensure privacy by keeping the information hidden from anyone on the Internet except the receiver of the message.
Messages are encrypted just before they are sent on the Internet or network.
When the encrypted message is received by the receiver, it needs to be decrypted.
Decryption is the reverse of encryption.
It is the transformation of encrypted text back into normal text.
There are number of encryption algorithms available in the market today.
In recent years, number of cases has been reported where the data in transit was intercepted.
Encryption is used to protect data in transit, for example data being transferred via networks like Internet or E-commerce, mobile telephones, Bluetooth devices and bank Automatic Teller Machines (ATMs).
Assume that one wants to send a message “HOW ARE YOU ?” to your friend.
However, to protect the message, it has to encrypted.
Using encryption we create a coded message to be sent to the friend.
Here the encryption mechanism substitutes each alphabet with the alphabet that comes after it. This means “A” becomes “B” and “B” becomes “C” and so on.
The friend has to be told decrypt key as “Shift by 1”.
The message will then be encrypted as shown in figure:

When the message is received by the friend, it can be decoded with the help of the key.
Anyone else who sees the message in transit will only see weird characters.
The key kept here is simple, but usually they are quite long.
For E-commerce security various protocols are also used.
Below given is the explanation to understand SSL protocol.

(5) Secure Socket Layer (SSL) :

Now-a-days every user sends various types of data from email to credit card details.
The user would want this data to be protected when in transit over a public network.
SSL protocol is used for securing web transactions on the Internet.
It was developed by Netscape.
During the E-commerce transaction, all the information is exchanged in secured manner using SSL by encrypting all the messages.
It also provides the authentication of the merchant or shopper using a digital certificate so that the customer knows that they are communicating with a valid owner.
To identify whether a site is secured, a security logo is present on the screen.
If a site is secured by VeriSign, then the security logo of VeriSign is displayed on the login screen of the secured site.
On clicking, the owner information and the validity of the certificate is displayed.
This indicates that the communication with this site is secured and the owner of the website is valid who is certified by the authority like VeriSign.
The other indication of the security is that whenever connection is made to the secured site its address starts from https:// rather than http:// as shown in figure.

Question 15.
What does a digital certificate contain ?
Answer:
Digital Certificate :

Digital Certificates or Digital ID is used for providing our identity in electronic transactions.
just as we have a driving license or a passport to prove our identity in the real world, with a digital Certificate, we can assure the business organizations, online services and friends that the electronic information they receive from us are authentic.
Digital Certificate is issued by a trusted third party to establish the identity of the holder.
The third party who issued certificates is known as a Certificate Authority (CA).
Digital Certificate contains the holder’s name, a serial number, expiration dates, a copy of the certificate holder’s public key which is used for encrypting messages and digital signatures and the digital signature of the certification authority so that a receiver can verify that the certificate is real.

Question 16.
What is cryptography ? Using encryption mechanism of each alphabet with the alphabet that comes before it, encrypt the message “Gandhi Ashram”.
Answer:
Cryptography :

Cryptography is an art of protecting the information by transforming it into an unreadable form.
Encryption is the transformation of normal text known as “plain text” into unreadable or secret text known as “cipher text” using encryption algorithm.
A secret key is used to encrypt and decrypt a message.
It does not hide the text but converts it into other text that does not make any meaning.
Its purpose is to ensure privacy by keeping the information hidden from anyone on the Internet except the receiver of the message.
Messages are encrypted just before they are sent on the Internet or network.
When the encrypted message is received by the receiver, it needs to be decrypted.
Decryption is the reverse of encryption.
It is the transformation of encrypted text back into normal text.
There are number of encryption algorithms available in the market today.
In recent years, number of cases has been reported where the data in transit was intercepted.
Encryption is used to protect data in transit, for example data being transferred via networks like Internet or E-commerce, mobile telephones, Bluetooth devices and bank Automatic Teller Machines (ATMs).
Assume that one wants to send a message “HOW ARE YOU ?” to your friend.
However, to protect the message, it has to encrypted.
Using encryption we create a coded message to be sent to the friend.
Here the encryption mechanism substitutes each alphabet with the alphabet that comes after it. This means “A” becomes “B” and “B” becomes “C” and so on.
The friend has to be told decrypt key as “Shift by 1”.
The message will then be encrypted as shown in figure:

When the message is received by the friend, it can be decoded with the help of the key.
Anyone else who sees the message in transit will only see weird characters.
The key kept here is simple, but usually they are quite long.
Below given is the explanation to understand SSL protocol.

Question 17.
What is the purpose of SSL ?
Answer:
Secure Socket Layer (SSL) :

Now-a-days every user sends various types of data from email to credit card details.
The user would want this data to be protected when in transit over a public network.
SSL protocol is used for securing web transactions on the Internet.
It was developed by Netscape.
During the E-commerce transaction, all the information is exchanged in secured manner using SSL by encrypting all the messages.
It also provides the authentication of the merchant or shopper using a digital certificate so that the customer knows that they are communicating with a valid owner.
To identify whether a site is secured, a security logo is present on the screen.
If a site is secured by VeriSign, then the security logo of VeriSign is displayed on the login screen of the secured site.
On clicking, the owner information and the validity of the certificate is displayed.
This indicates that the communication with this site is secured and the owner of the website is valid who is certified by the authority like VeriSign.
The other indication of the security is that whenever connection is made to the secured site its address starts from https:// rather than http:// as shown in figure.

Question 18.
List the issues related to intellectual property.
Answer:
The intellectual property includes books, software’s, music, video, copyrights, trademarks and web pages. Some of them are explained below :

(1) Copyright :

Copyright provides the author with a tool to protect his / her original work from being used or taken by others without permission.
It is applicable to books, software programs and articles.
Copyright law protects intellectual property in its various forms and cannot be used freely.
It is difficult to protect Intellectual property in E-commerce or M-commerce.
For example, if one buys software, one has , the right to use it and not the right to distribute it.
The distribution rights are with the copyright holder.
Also, most of the web pages are protected by copyright.
In that case, copying contents from that website also violates copyright laws.

(2) Trademark :

It is a specific logo, mark, word, symbol, design, phrase or image which is used by an individual or a company to distinguish a product or service from that of others in the market.
A trademark may be designed by the following symbols: TM, SM and ®.

(3) Domain name disputes :

The competition over domain names is another legal issue.
Earlier, the domain names were given on first come first basis.
Thus people would register domain names that were not in use but would be of importance.
Later on, such domain names were sold to concerned company at a very high price.
This is known as cyber squatting.
Another problem is Name changing where someone registers purposely misspelled variations of well known domain names.
This can mislead the consumers who generally make typographical errors while entering a URL.

Question 19.
Which are the different ways of protecting Intellectual property ?
Answer:
Several new and improved methods are continually being developed to protect the intellectual property. Some of them are discussed below :

(1) Steganography :

Steganography is the process of hiding information within other information.
The information in the files if not protected can be used for any malicious purpose.
It works by replacing unused data in computer files such as images, sound or text with invisible information.
This hidden information can be plain text, cipher text, or even images.
Special software is needed for steganography and there are freeware versions available on Internet which can be easily downloaded.

(2) Digital Watermarking :

The watermark is a digital code inserted into a digital image, audio or video file which can identify the file’s copyright information.
It also allows hiding information in a totally invisible manner.
Earlier artists used to creatively sign their paintings with a brush to claim copyright.
But in the digital world, artists can watermark their work by hiding their name within the image.
Hence, the invisible embedded watermark helps to identify the owner of the work.
This concept is also applicable to other media such as digital video and audio.
Currently the unauthorized distribution of digital audio over the Internet in the MP3 format is a big problem.
In this case, digital watermarking may be useful to set up controlled audio distribution and to provide efficient means of copyright protection.
In the field of data security, watermarks can be used for certification and authentication.
For example, the photo identity card of a person can be protected by an identity number “123456” written on the card and hidden as a digital watermark in the identity photo.
So manipulating or changing the identity photo can be detected easily.
Digital watermarking can also link information on the documents.
For example, the name of a passport owner is normally printed in clear text.
But using digital watermark, the name can also be hidden in the passport photo.
If anyone tries to tamper with the passport by replacing the photo it would be possible to detect the change by scanning the passport and verifying the name hidden in the photo.
A visible digital watermark can be added to any image using photo editor tools like GIMP.

Question 20.
List the different types of electronic payment systems.
Answer:

Payment is one of the most important aspects of E-commerce as well as M-commerce.
In traditional payment method, one does the payment using cash, cheque or credit card.
Electronic payment systems are becoming more important to the online business processes as companies are looking for different ways to serve the customers faster and at low cost.
Electronic payment is a financial exchange that takes place online between the buyer and the seller.
There are various payment options available for payment in the market today.
The different types of electronic payment systems used are :

(1) Payment Cards :
The payment cards can be classified as Credit cards, Debit cards and Smart cards, generally businesses use the term payment card for all types of plastic cards that consumers use to make payments.

(A) Credit Card :

This is one of the most popular and widely accepted methods of payment on Internet.
A credit card is issued to the customers by the banks known as issuing banks.
The issuing banks provide the credit cards of the financial institutions which are established and reputed in the services of credit card business.
Examples include MasterCard® or Visa®.
Depending upon the customer’s credit history and income level, credit limits are provided and up to that limit the customer can spend and pay to the issuing bank within the billing period.
As credit cards are linked to a bank account, when they are used to pay online, the merchant charges the goods to the issuing bank account and the bank shows the debit in the next statement. The customer simply pays the bank.
For accepting payments on websites through credit card, merchant needs to open a merchant account with the banks which is known as acquiring banks, which in turn provides the services of online authorization and payment processing.
Authorization is the process of verifying whether the card is active; the credit limits are available to make purchase and verifying the other details of the customer like billing information.
Credit cards are widely accepted by merchants and provide assurance to the customer as well as the merchant.
Figure shows some credit cards.

In credit card transactions over the Internet, the customer visits the merchant’s website and selects goods to buy, all the information related to credit card is entered and then this information is transmitted to the merchant electronically.
In this transaction four parties are involved :
1. Customer with credit card
2. Merchant accepting the credit card
3. Issuing Bank : Issues the credit card and guarantees the payment to the merchant. The bank collects the payment from the customer.
4. Acquiring banks : Financial institution that establishes the account with the merchant validates the credit card information of the customer and authorizes sale based on the customer’s credit limit.
Two more entities play role in online payment.
These are payment gateways and processors.
Payment gateways are services provided by the third parties like PayPal which connects networks of all the parties involved and enables to perform authorization and payment in secured manner.
Processors are data centers which perform the credit card transactions and settle funds to the merchant.
Processors are connected to the E-commerce website of the merchant through the payment gateway.
The online payment through credit card on Internet is divided into two parts: Authorization and Settlement.
During authorization the following steps are performed :
1. Customer checkouts, provides credit card information on the E-commerce website, which along with the transaction details (like them detail, date of purchase and others) is transferred to the payment gateway.
2. The payment gateway passes the information to the processor which contacts the issuing bank for the verification of the information.
3. After verification, issuing bank sends the status of verification (or transaction result like accepted or rejected) to the processor which in turn passes it to the payment gateway.
4. Finally, payment gateway sends the result of the transaction to the merchant’s website. If the merchant accepts the transaction then the next step is the settlement during which it transfers the amount from the customer’s account to the merchant’s account.
During the setdement or payment processing the following steps are performed :
1. Merchant sends the transaction request with all the details to the payment gateway which sends to the processor.
2. Processor sends the payment details to the issuing bank of the customer.
3. It also sends the payment details to the acquiring bank where the merchant has an account.
4. The acquiring bank credits the amount to the merchant account.
5. The issuing bank after including all the charges sends the bill to the customer which he needs to pay within the billing period.
Major credit card companies use the Secure Electronic Transfer (SET) security system to make online transactions secure.
The advantages of credit card are :
1. Gives flexibility to the customer as they do not have to carry lot of cash. Customer can pay for goods and services both online and offline.
2. Keeps record of the customer’s purchase through the bank statement.
3. Allows customers to purchase goods even when they do not have the cash available in the bank account.
4. They can settle the cash by the end of the month.
The limitations of credit cards are :
1. They are unsuitable for very small or very large payments. Also, due to security issues, these cards have a limit and cannot be used for excessively large transactions.
2. Customers tend to overspend using credit cards.
3. Problems arise in case lost or stolen credit cards.

(B) Debit Cards :

A debit card looks like credit card but works differently.
It is a kind of payment card that transfers fund directly from the consumer’s bank account to the merchant.
The amount is immediately deducted from the bank account of the consumer.
The debit cards can keep the consumer purchases under a limit and do not allow him to exceed beyond his/her budget.
But while using a debit card for a purchase, the consumer should always be aware of his account balance.
Figure shows an example of debit card.

Smart cards look just like credit cards but are different as they have a microchip embedded in their surface.
A smart card contains user’s private information, such as account information, health insurance information, private keys etc.
It can store 100 times more information than the normal cards.
They are much safer than the credit or debit cards as the information stored in the smart card is encrypted.
Customers can load their card with cash and then use this to pay for goods in a merchant’s retail outlet or website.
Card readers are available for retail outlets as well as an attachment for PCs.
This convenience gives a great advantage to smart cards.
They can be used for a range of purposes like storing digital cash, storing a patient’s medical records etc.
Smart cards are popular in countries like U.S., Europe, Japan and some parts of Asia.
A smart card reader is required to read information or add data to it.
It is a small device into which the smart card is inserted.
For example, when one visits their family doctor, the smart card can be given to him to review the medical history and prescribe medicines.
This information is also inserted into the smart card.
At the medical store, the card can be handed over ‘ to the pharmacist, who can see the prescription and give the medicine accordingly.
Also, the payment for the medicines can be done using smart card.

(D) Charge cards :

A charge card is another form of payment mechanism wherein the customer can pay through the card to the vendor.
As compared to credit cards that have a credit limit, the charge card does not carry any spending limit.
The customer has to pay the total amount used at the end of the billing period to the company that has issued the card.
If the total amount is not paid back then the customer has to pay a late fee.

(2) Net Banking :

Another option which is becoming more popular is net banking or online banking. It does not involve any type of card.
It can be used by customers who have bank accounts enabled with Internet Banking.
The bank provides the net banking password to the customer for operating the account from Internet including the payment for online purchases.
Many of the E-commerce / M-commerce websites provide the facility to make the payments using net banking.
Instead of entering card details on the website, it allows one to specify the bank through which the user wishes to pay from.
On these websites, when one proceeds to make the payment, one is asked to select the bank.
Once the bank is selected, the screen of the bank’s website will be seen.
That is where the login procedure is done using account number and net banking password.
The transaction and transfer of the amount can be performed from the users account of the merchant.
Indian railway provides the facility to book tickets online on their website www.irctc.co.in.
First, the user has to register with the site and provide the details of the journey along with the passenger information.
Once the information is filled up, the user can proceed to the payment where net banking option is provided.
Selection of bank is done here and continued further which displays the login screen of the bank and transfer fund to Indian railway to complete the booking.
After successful payment, the user gets a message on the registered mobile number from irctc, which can be shown at the time of travel or E-copy of the ticket can also be printed.
Net banking payment system is seen as being safer than using credit cards as nearly all merchant accounts in India offer it as an option.

(3) Electronic Fund Transfer :

Electronic Funds Transfer (EFT) means transferring money from one bank account to another electronically.
It is safe, secure, efficient and less expensive than paper check payments and collections.
Examples of EFT are :
1. Transactions amongst various banks around the world.
2. Payment of tuition fees using an ATM.
3. Deposit of employee’s salaries in their accounts.
4. Monthly bank account deductions and many more.
The popularity of EFT for online bill payment is growing.
The benefits of EFT include reduced administrative costs, increased efficiency, simplified book keeping and greater security.
However, the number of companies who send and receive bills through the Internet is still relatively small.

(4) E-wallet :

Most of the time when a purchase is made on the web, the user has to fill out a form with name, shipping address, billing address, credit information and so on.
It becomes an annoyance if the similar form has to be filled up every time the user shops.
Some merchants solve the problem by having to fill out a form only once and then saving the information on their servers for later use.
These merchants provide e-wallet for its customers.
Today many banks, online grocery stores, telecom services etc, provide e-wallet services.
E-wallet is an electronic card for making secure online payments towards a merchant.
It works just like a credit or a debit card.
While making payment through E-wallet the customer is not required to provide the credit/ debit card number thus reducing the risk of credit/ debit card number being exposed.
For example, IRCTC has launched E-wallet scheme for the customers to make online booking easier.
The customers having an account can deposit money in advance with IRCTC which can be used in future as payment option to book the tickets online.
Currently the users have to provide the credit/ debit card details for booking tickets.This payment procedure takes time as the customer is transferred to the bank’s server for payment.

(5) RuPay :

The term RuPay is coined from two terms Rupee and Payment.
It is a new card payment mechanism launched by National Payments Corporation of India (NPCI).
Figure shows the RuPay card which can be used the same way as we use the credit and debit cards.

Currendy, as there is no domestic card Indian banks have to tie up with Mastercard or Visa to connect cardholders, merchants and issuing banks around the globe.
Mastercard and Visa are the world leaders in card payments and all payment transactions are processed through them.
Every transaction done using a credit or debit card issued by a domestic bank is routed through their network switches which are outside the country.
These transactions involve additional charges for providing the services.
The banks have to pay for processing all debit and credit card payments.
RuPay cards are the domestic alternative to the other payment cards.
By using RuPay cards, all the transactions will be processed within India.
As the transaction processing will be done domestically, the cost of each transaction clearing and settlement will be reduced.
RuPay will benefit the customers and the banks by reducing the cost.

Question 21.
List the advantages and limitations of creadit card.
Answer:
(A) Credit Card :

This is one of the most popular and widely accepted methods of payment on Internet.
A credit card is issued to the customers by the banks known as issuing banks.
The issuing banks provide the credit cards of the financial institutions which are established and reputed in the services of credit card business.
Examples include MasterCard® or Visa®.
Depending upon the customer’s credit history and income level, credit limits are provided and up to that limit the customer can spend and pay to the issuing bank within the billing period.
As credit cards are linked to a bank account, when they are used to pay online, the merchant charges the goods to the issuing bank account and the bank shows the debit in the next statement. The customer simply pays the bank.
For accepting payments on websites through credit card, merchant needs to open a merchant account with the banks which is known as acquiring banks, which in turn provides the services of online authorization and payment processing.
Authorization is the process of verifying whether the card is active; the credit limits are available to make purchase and verifying the other details of the customer like billing information.
Credit cards are widely accepted by merchants and provide assurance to the customer as well as the merchant.
Figure shows some credit cards.

In credit card transactions over the Internet, the customer visits the merchant’s website and selects goods to buy, all the information related to credit card is entered and then this information is transmitted to the merchant electronically.
In this transaction four parties are involved :
1. Customer with credit card
2. Merchant accepting the credit card
3. Issuing Bank : Issues the credit card and guarantees the payment to the merchant. The bank collects the payment from the customer.
4. Acquiring banks : Financial institution that establishes the account with the merchant validates the credit card information of the customer and authorizes sale based on the customer’s credit limit.
Two more entities play role in online payment.
These are payment gateways and processors.
Payment gateways are services provided by the third parties like PayPal which connects networks of all the parties involved and enables to perform authorization and payment in secured manner.
Processors are data centers which perform the credit card transactions and settle funds to the merchant.
Processors are connected to the E-commerce website of the merchant through the payment gateway.
The online payment through credit card on Internet is divided into two parts: Authorization and Settlement.
During authorization the following steps are performed :
1. Customer checkouts, provides credit card information on the E-commerce website, which along with the transaction details (like them detail, date of purchase and others) is transferred to the payment gateway.
2. The payment gateway passes the information to the processor which contacts the issuing bank for the verification of the information.
3. After verification, issuing bank sends the status of verification (or transaction result like accepted or rejected) to the processor which in turn passes it to the payment gateway.
4. Finally, payment gateway sends the result of the transaction to the merchant’s website. If the merchant accepts the transaction then the next step is the settlement during which it transfers the amount from the customer’s account to the merchant’s account.
During the setdement or payment processing the following steps are performed :
1. Merchant sends the transaction request with all the details to the payment gateway which sends to the processor.
2. Processor sends the payment details to the issuing bank of the customer.
3. It also sends the payment details to the acquiring bank where the merchant has an account.
4. The acquiring bank credits the amount to the merchant account.
5. The issuing bank after including all the charges sends the bill to the customer which he needs to pay within the billing period.
Major credit card companies use the Secure Electronic Transfer (SET) security system to make online transactions secure.
The advantages of credit card are :
1. Gives flexibility to the customer as they do not have to carry lot of cash. Customer can pay for goods and services both online and offline.
2. Keeps record of the customer’s purchase through the bank statement.
3. Allows customers to purchase goods even when they do not have the cash available in the bank account.
4. They can settle the cash by the end of the month.
The limitations of credit cards are :
1. They are unsuitable for very small or very large payments. Also, due to security issues, these cards have a limit and cannot be used for excessively large transactions.
2. Customers tend to overspend using credit cards.
3. Problems arise in case lost or stolen credit cards.

Question 22.
How is a smart card different from credit cards ?
Answer:

Smart Cards :

Smart cards look just like credit cards but are different as they have a microchip embedded in their surface.
A smart card contains user’s private information, such as account information, health insurance information, private keys etc.
It can store 100 times more information than the normal cards.
They are much safer than the credit or debit cards as the information stored in the smart card is encrypted.
Customers can load their card with cash and then use this to pay for goods in a merchant’s retail outlet or website.
Card readers are available for retail outlets as well as an attachment for PCs.
This convenience gives a great advantage to smart cards.
They can be used for a range of purposes like storing digital cash, storing a patient’s medical records etc.
Smart cards are popular in countries like U.S., Europe, Japan and some parts of Asia.
A smart card reader is required to read information or add data to it.
It is a small device into which the smart card is inserted.
For example, when one visits their family doctor, the smart card can be given to him to review the medical history and prescribe medicines.
This information is also inserted into the smart card.
At the medical store, the card can be handed over ‘ to the pharmacist, who can see the prescription and give the medicine accordingly.
Also, the payment for the medicines can be done using smart card.

Question 23.
What is electronic fund transfer ?
Answer:
Electronic Fund Transfer :

Electronic Funds Transfer (EFT) means transferring money from one bank account to another electronically.
It is safe, secure, efficient and less expensive than paper check payments and collections.
Examples of EFT are :
1. Transactions amongst various banks around the world.
2. Payment of tuition fees using an ATM.
3. Deposit of employee’s salaries in their accounts.
4. Monthly bank account deductions and many more.
The popularity of EFT for online bill payment is growing.
The benefits of EFT include reduced administrative costs, increased efficiency, simplified book keeping and greater security.
However, the number of companies who send and receive bills through the Internet is still relatively small.

Question 24.
What is Cyber bullying ? How can it be avoided ?
Answer:
(1) Cyber Bullying :

The term Cyber Bullying is made from two words ‘Cyber’ and ‘Bullying’.
A deliberate and hostile act repeatedly committed by a group or an individual against another individual who cannot defend oneself, is considered as ‘Cyber Bullying’.
Cyber bullying is a form of virtual harassment.
This type of harassment is generally executed through any electronic devices such as smartphone, tablet, computer, etc.
Cyber bullying becomes possible generally on social media, chat rooms, gaming platforms, etc. as these platforms are used to share information and contents or to communicate with one another.

Common types of cyber bullying :

Threatening someone using online medium in order to provoke to hurt oneself or others, performing illicit activities or pressurizing someone to do acts that they don’t intend to do.
Uploading or posting comments, photos or videos of a person , community or organization that are humiliating, embarrassing and nasty.
Creating and uploading a web page of a person, community or organization which is humiliating, embarrassing and nasty.
Using a fake identity to get someone’s personal information or to post it on internet.

Steps to stop cyber bullying :

Due to the increasing use of internet based ‘cyber activities’ and vast reach of internet medium it becomes difficult to stop cyber bullying. But the following preventive steps can help to stop cyber bullying up to certain extent.
Discuss freely about any incident of cyber bullying with your family, friends and teachers.
Avoid uploading your personal information on internet and also decide what personal information is appropriate to be disclosed on internet.
Make sure that your passwords, photographs and other important information is private to you.
During an online interaction never ever send any message in anger and don’t use rude language. In any such situation take some time, think properly, let some time pass, then only send message using proper language.
In case you have become a victim of cyber bullying then first of all, block the responsible person and don’t reply anything. Discuss the incidence with someone whom you trust.
Take screen shorts of the evidences of cyber bullying or save them in your computer or take printouts, so that they can be produced as and when required.
Search yourself in Google, check if there is some information about you which should not be there.

Question 25.
List and explain the threats that can crop up when using an email.
Answer:
Today, the E-mail system is used by individuals as well as organizations to do their daily correspondence. There are two main components of an E-mail system : (1) Mail Client (2) Mail Server. People use generic or special mail client to read, compose, send, and store their e- mail. The mail client sends the emails using the underlying network infrastructure to a mail server. These emails are then delivered, forwarded and stored by the mail server. For a better efficiency it is important to protect all components involved in proper working of an e-mail system. The mail clients, servers as well as the devices and the infrastructure which is also a part of email system need to be protected.

E-mail arewidely used to communicate within the organisation or with the outer world which may be trusted in some cases but not always. Attackers may miss use e-mail system and can try to access confidential information, interrupt access to IT resources, gain control over the organization, etc.

Some common problems and threat that people and organization while using e-mail system may confront are Malware, Spam, Phishing, Social engineering, unauthorized access to resources and information leak. Let us discuss these threats one by one.

(1) Malware :

Malware is also called ‘Malicious Software’.
Malware includes virus, worm, trojan horse and spyware.
Malware destroys the structure based on information technology and captures control over the machine. It miss uses the personal information, keeps a track of the user’s activities and keeps stealing the information. It executes the unwanted harmful activities.
The attacker sends malware from one system to another using the e-mail system and if he is succeeded he can get control over the system, e-mail account, saved information and other personal data that he can use as per his choice.
Example : Key- Logger is a unique spyware program which is an example of malware. It keeps a track of the data typed using the key board. It steals confidential information such as user name, password, bank account, credit card number, etc. and transfers it to other system.

(2) Spam :

Unnecessary and unwanted e-mails sent by unknown person which may be commercial or non- commercial are called ‘spam’.
The act of sending unwanted commercial messages indiscriminately to a large number of recipients is called ‘spamming’. The main intention of these mails may be commercial advertising or non-commercial proselytizing or for any prohibited purpose . It may also aim to use the disk’s space, memory or processor of the server. They are also used to spread malware.
In most of the e-mail systems a separate folder for spam is provided in which these mails can me marked as spam and stored.
The following figure shows the spam folder provided in Gmail :

(3) Phishing :

Sending e-mail using suspicious e-mail system with an attractive subject to get confidential and sensitive information is called ‘Phishing’.
Phishing commonly uses fake websites, webpages or web link to trap individuals into responding to the
e-mail and disclosing the sensitive information.
Phishing based spam mails are sent with attractive subjects which may trap even those who are aware of spam mails.
Example : One may receive an e-mail stating that he/ she has won a prize worth lakhs of rupees based on a game he/ she has played on a particular website. The recipient is asked to click on the given link to provide the bank details so that the prize money can be transferred. As soon as the recipient clicks on the links he/ she becomes the victim of phishing.

(4) Social Engineering :

Human’s weakness is exploited to unofficially access an individual’s or an organisation’s confidential information which is then misused.
Attackers known as ‘social engineers’ trick people into handing over access to one’s personal or organisation’s sensitive information. Here rather than hacking into a computer system, an attacker uses an e-mail to gather information from the user or makes the user perform such actions that lead to an attack.
E-mail spoofing is a common social engineering attackin which a person or a program pretends to be an official userby falsifying the sender information shown in e- mailand hides its true origin.
Example : The IT department of an organization may receive a message from its CEO to reset the password
of a crucial application as he/ she has forgotten it. This message may actually be sent by an attacker by using the CEO’s credentials.

(5) Unauthorized access to resources :

An attacker or an insider with malicious intent may use email as a tool to gain unauthorized access to resources through a successful attack on a mail server.
Once the mail server is compromised, an attacker may then be able to retrieve details of users such as username, passwords or any other critical information which then may grant the attacker access to other computers or resources within the organization’s network.

(6) Information Leak :

Users use emails from different location and devices such as from home, office, desktop computer, laptop, smart phone or an handheld device.
This practise of using the emails from multiple location and devices sometimes unknowingly lead to unintentional information leak and becomes a problem for the user.
Authorized users while using emails from multiple places accidently may send proprietary or other sensitive information. Such an information leak can at times create embarrassment for organization or may lead to legal actions.

Question 26.
Define the following terms :
(a) Cyber Grooming
Answer:
Cyber Grooming :

Today, a lot of children are accessing internet easily which has led to a new problem called ‘cyber grooming’. Here, generally an adult becomes a friend of a child and tries to connect emotionally with the child so as to get personal and private information from the child. This information is usually sexual in nature which afterwards is used to threaten and blackmail the child.
An adult makes a child his or her online friend and builds an emotional relationship with the child.
The main aim of cyber grooming is to develop trust and intimacy with the child to access his personal information which is often sexual in nature. The offender often does sexual conversation and asks for sexual photographs or videos, to threatenand blackmail the child.
Here, the offender starts with simple questions related to the child’s age, hobbies, school, family and then switches slowly to sexual conversation.
In many cases the child joins some websites which offers money or attractive gifts in exchange for contact details or the child’s intimate photos and the child unknowingly becomes a victim of cyber grooming.

(b) Online Gaming
Answer:
Online Gaming :

Games that can be played on internet or any other computer network are called ‘Online Gaming’. Availability of cheap internet has encouraged in the children the bad habit of playing more and more online virtual games in place of physical outdoor games.
A wide range of online games ranging from single user to multi user are available. These games include First person shooters, Strategy games, Role playing games, etc.
Online games are generally designed in the following two forms :
1. Simple text based environment
2. Complex graphics and virtual world
Online games, involving complex graphics and virtual worlds have become more popular in children as well as in people of various age groups.
Sometimes, these online games promotes cyber bullying, cyber grooming or violence. At times, many people become so addicted to online gaming that they face social disgrace or stigma.
Every internet user should always remember that no unknown person should ever be added to one’s social media or chat rooms. This can help to avoid such kind of problems to a great extent.

Malware is also called ‘Malicious Software’.
Malware includes virus, worm, trojan horse and spyware.
Malware destroys the structure based on information technology and captures control over the machine. It miss uses the personal information, keeps a track of the user’s activities and keeps stealing the information. It executes the unwanted harmful activities.
The attacker sends malware from one system to another using the e-mail system and if he is succeeded he can get control over the system, e-mail account, saved information and other personal data that he can use as per his choice.
Example : Key- Logger is a unique spyware program which is an example of malware. It keeps a track of the data typed using the key board. It steals confidential information such as user name, password, bank account, credit card number, etc. and transfers it to other system.

(d) Phishing
Answer:
(3) Phishing :

Sending e-mail using suspicious e-mail system with an attractive subject to get confidential and sensitive information is called ‘Phishing’.
Phishing commonly uses fake websites, webpages or web link to trap individuals into responding to the e-mail and disclosing the sensitive information.
Phishing based spam mails are sent with attractive subjects which may trap even those who are aware of spam mails.
Example : One may receive an e-mail stating that he/ she has won a prize worth lakhs of rupees based on a game he/ she has played on a particular website. The recipient is asked to click on the given link to provide the bank details so that the prize money can be transferred. As soon as the recipient clicks on the links he/ she becomes the victim of phishing.

Question 27.
Choose the correct option from the following :

1) Which of the following refers to buying and selling of goods or services through the use of Internet enabled wireless devices ?
(A) Internet
(B) M-commerce
(C) M-banking
(D) WWW
Answer:
(B) M-commerce

2) Which of the following is the use of technologies which provide the location information for business purpose ?
(A) E-commerce
(B) M-commerce
(C) L-commerce
(D) Traditional commerce
Answer:
(C) L-commerce

3) Which of the following stands for GPS ?
(A) Global Positioning System
(B) Global Postal System
(C) Grand Positioning System
(D) Google Positioning System
Answer:
(A) Global Positioning System

4) Which of the following security aspect refers to the secrecy of the information so that unauthorized user cannot read it ?
(A) Confidentiality
(B) Integrity
(C) Non-repudiation
(D) Authorization
Answer:
(A) Confidentiality

5) Which of the following security aspect ensures that the information must not be accidentally or maliciously altered or tampered in transit ?
(A) Confidentiality
(B) Integrity
(C) Non-repudiation
(D) Authorization
Answer:
(B) Integrity

6) Which of the following security aspect ensures that only authentic users are allowed to use the system ?
(A) Authorization
(B) Confidentiality
(C) Non-repudiation
(D) Integrity
Answer:
(A) Authorization

7) Which of the following security aspect ensures that the sender of the message cannot deny that he/she has sent the message ?
(A) Authorization
(B) Confidentiality
(C) Non-repudiation
(D) Integrity
Answer:
(C) Non-repudiation

8) Which of the following is a program that uses Internet to record information that passes through a computer or router in transit from sender to receiver ?
(A) Sniffer
(B) Denial of service attack
(C) Malicious code
(D) Spoofing
Answer:
(A) Sniffer

9) Which of the following is an attack used to shut down a machine or network, making it inaccessible to its intended users ?
(A) Malicious code
(B) Denial of Service
(C) Spoofing
(D) Cyber vandalism
Answer:
(B) Denial of Service

10) Which of the following is known as electronic defacing of an existing website page ?
(A) Cyber vandalism
(B) Denial of Service
(C) Spoofing
(D) Malicious code
Answer:
(A) Cyber vandalism

11) Which of the following is pretending to be someone you are not, or representing a website as authentic when it is actually a fake ?
(A) Cyber vandalism
(B) Malicious code
(C) Denial of Service
(D) Spoofing
Answer:
(D) Spoofing

12) Which of the following is a computer program that detects, prevents and takes action to remove the malicious codes like viruses, worms and trojan horses from the infected system ?
(A) Antivirus software
(B) Digital certificate
(C) Firewall
(D) Cryptography
Answer:
(A) Antivirus software

13) Which of the following is the transformation of normal text known as “plain text” into unreadable or secret text known as “cipher text” using encryption algorithm ?
(A) Firewall
(B) Encryption
(C) Antivirus software
(D) Digital certificate
Answer:
(B) Encryption

14) Which of the following is the transformation of encrypted text back into normal text ?
(A) Firewall
(B) Digital certificate
(C) Decryption
(D) Virus
Answer:
(C) Decryption

15) Which of the following is a protocol used for securing web transactions on the Internet ?
(A) TCP/IP
(B) HTTP
(C) Bluetooth
(D) SSL
Answer:
(D) SSL

16) Who developed SSL protocol ?
(A) Google
(B) Netscape
(C) Yahoo
(D) Firefox
Answer:
(B) Netscape

17) Which of the following starting address indicates that site is secured by SSL protocol?
(A) http://
(B) ssl://
(C) https://
(D) http-ssl://
Answer:
(C) https://

18) Which of the following provides the author with a tool to protect his/her original work from being used or taken by others without permission ?
(A) Trademark
(B) Copyright
(C) Digital watermarking
(D) Steganography
Answer:
(B) Copyright

19) Which of the following is a specific logo, mark, word, symbol, design, phrase or image which is used by an individual or a company to distinguish a product or service from that of others in the market ?
(A) Trademark
(B) Copyright
(C) Digital watermarking
(D) Steganography
Answer:
(A) Trademark

20) Which of the following is the symbol for trademark ?
(A) TM, MT and ©
(B) TM, MS and ®
(C) TM, SM and ®
(D) TM, SM and ©
Answer:
(C) TM, SM and ®

21) Which of the following is the process of hiding information within other information ?
(A) Squatting
(B) Steganography
(C) Name changing
(D) Copyright
Answer:
(B) Steganography

22) Which of the following is a digital code inserted into a digital image, audio or video file which can identify the file’s copyright information ?
(A) Image mark
(B) Digital mark
(C) Code mark
(D) Water mark
Answer:
(D) Water mark

23) Who issues the credit card and guarantees the payment to the merchant ?
(A) Merchant
(B) Issuing bank
(C) Acquiring bank
(D) Customer
Answer:
(B) Issuing bank

24) Which of the following payment card has a microchip embedded in its surface ?
(A) Smart card
(B) Debit card
(C) Credit card
(D) Charge card
Answer:
(A) Smart card

25) Issuing threat using online medium that may provoke an individual to hurt themselves or others is an example of which of the following ?
(A) Cyber Bullying
(B) Cyber Grooming
(C) Phishing
(D) Spam
Answer:
(A) Cyber Bullying

26) An adult befriending a child online and building an emotional connection with the child is an example of which of the following ?
(A) Cyber Bullying
(B) Cyber Grooming
(C) Phishing
(D) Social Engineering
Answer:
(B) Cyber Grooming

27) Which of the following refers to an unsolicited e-mails that may be of commercial or non- commercial nature ?
(A) Bullying
(B) Spam
(C) Phishing
(D) Grooming
Answer:
(B) Spam

28) Key loggers are example of which of the following ?
(A) Phishing
(B) Malware
(C) Spam
(D) Information Leak
Answer:
(B) Malware

29) Which of the following are threats encountered while accessing an email ?
(A) Social Engineering
(B) Phishing
(C) Spam
(D) All of these
Answer:
(D) All of these

Computer Class 12 GSEB Notes Chapter 5 Introduction to M-Commerce

Introduction to M-Commerce

Mobile Commerce is also known as M-commerce.
It refers to buying and selling of goods or services through the use of Internet enabled wireless devices such as a Mobile phone, Personal Digital Assistant (PDAs), Smartphone, Tablet, Palmtop or any other mobile device.
M-commerce provides the user with the advantage of flexibility and ubiquity.
By using the mobile phone, consumers can conduct business transactions without being fixed at a computer terminal or being physically present at the shop.
These devices are carried by the user wherever he/ she goes, making it possible to access the Internet from any place.
It allows real time transactions while on the move.
As the popularity of smart phone’s and tablets is increasing day by day, more users are moving towards the use of M-commerce.
Some of the examples of M-commerce are :
1. Purchasing airline tickets,
2. Purchasing movie tickets
3. Restaurant booking and reservation
4. Hotel booking and reservation
5. Stock market analysis
Banks and other financial institutions are increasingly using M-commerce to retain their business.
They allow their customers to access account balance, stock quotes, make transactions via mobile phones. This service is known as Mobile Banking or M-Banking.
The stock market services offered via mobile devices is also becoming popular and known as Mobile Brokerage.
News information, sports, entertainment, shopping and reservation areas have also grown with the demand for mobile related services.

Legal Issues in E-commerce/M-commerce

E-commerce as well as M-commerce presents a world of opportunity for doing businesses, reaching global markets and providing facility of online purchasing.
It provides opportunities to improve the business processes.
However, just as any new business has some issues and risks so does E-commerce and M-commerce.
Both of these pose many legal challenges, as it is the activity performed on global Internet without national boundaries.
Every nation has its own rules and regulations.
The major challenges are related to the intellectual property rights, copyrights, privacy and many times the disputes among the parties.
The legal framework is necessary to resolve these issues.
Many countries have already established their legal framework for electronic commerce.
Indian Government has also established the IT laws (Information Technology Laws) under the IT act.
Enforcement of legal rules and regulations provides confidence to the customers that their personal information remains secret and will not be misused.
If it is misused, responsible party can be punished.
This type of security is a must in E-commerce and M-commerce as customers provide their sensitive information like credit card details.
Companies making online business are getting legal support in case of misuse of their logos or any copyright materials like digital content.
Any dispute between two parties can be resolved under these laws.

Caution during an E-mail system Use

Today internet based cyber activities are usedwidely. Though everyone knows about the threats associated with the use of e-mail it is least likely that people may stop using emails. It thus becomes necessary to take precautions when using email for communications so that these threats can be avoided. Following are some of the precautions that should be used as a general guideline by organizations and individuals while using any e-mail system.

(1) Secure the Mail Server Application :

Organizations that host the mail server should make the mail servers as secure as possible.
Mail server user authentication and access and resource controls should be updated and verified on regular basis.

(2) Secure the Mail Client :

Mail clients poses greater risk to security than the mail server as the clients are scattered across.
The mail client security features should be properly configured so as to disable automatic opening of messages, enabling virus check of attachments, creating proper spam filters.
We should avoid using automatic authentication and access mechanism, logging out of the email once the activity is done is always a best option.

(3) Secure the Transmission :

Usually, mail clients send user authentication data and e-mail content in the plain text format.
This plain text data when travels through network can be easily compromised.
An attacker may capture details about the user account or even read the contents of the email.
The best way to avoid this is to encrypt the user authentication as well as e-mail data.

(4) Secure the supporting Hardware and Operating Environment:

The two main components of an e-mail system are : (1) e-mail server (2) mail client
But both e-mail server and mail client rely on the network, hardware and software wherein they are used.
Security of these additional components must be ensured which increase the reliability of the email system.

(5) Don’t open any emails from untrusted sources:

It is always advisable that one should not open any email that has been received from an unknown person. Usually, these mails may be spams or may lead to phishing.
If a suspicious email messageis receivedfrom someone known to you then it is better to check with him/her in person or by phone regarding such a message.

(6) Never open unexpected attachments without scanning:

Email attachments are mainly responsible for spreading a malware or virus on computer systems.
Security experts suggest that one should never open any attachment without scanning even if it has come from a known source.

(7) Choose a strong password :

Normally, people try to choosesimple passwords that they can remember. These small passwords that represent birth date or family member’s name can easily be cracked.
Longer passwords with a mix of small and capital letters, numbers, symbols, and punctuation marks should be chosen for the security aspect as they are difficult to be cracked.Also, password should be changed at regular intervals.
The mailing systems do provide password recovery mechanism based on certain security questions or other parameters. It is advisable to choose/create a strong security question.
For the security of the e-mail systemtwo factor authentication commonly known as 2FA mechanism can be applied. In this mechanism, a password and an answer to a question becomes mandatory for login. Such a mechanism provides two layers of security before the actual data can be accessed.

(8) Keep updated Anti-virus Software :

It is advisable for users to purchase or avail free anti-virus softwares.
Though no anti-virus solution can guarantee defense against every data threat that a user may face, but having anti-virus always gives certain level of protection.

(9) Never access E-mails from Public WiFi :

Public and free WiFi places are good for normal Internet surfing, but activities like accessing personal or official emails and ecommerce transactions should never be done using them.
Public Wifi is a common place for attackers to look for free transmitting data.

(10) Do not leave your Machines Open :

Many people has a habit of leaving their computers (desktop/laptop) open when they move around for few minutes. This habit may result in some serious problem.
It is always a good practise to lock your computer or laptop screen with additional password.
Locking the screen provides an extra layer of security whenever you are away from your machine for a small period of time.

GSEB Computer Textbook Solutions Class 12 Chapter 5 Introduction to M-Commerce

Computer Class 12 GSEB Notes Chapter 5 Introduction to M-Commerce

Leave a Comment Cancel Reply