During 1998, many credit executives were
focusing on the changes in revenue recognition brought about by SOP 97-2 (see Business
Credit, Sept. 1988, SOP 97-2 and Revenue Recognition: Should Credit Executives Know or
Care What it Is?).
In 1999, the most important business development to affect credit
executives may well be E-Commerce (electronic commerce)
You would have to have been off-planet for the past several months not
have heard about E-Commerce. E-Commerce is one of the hottest issues to hit the internet
and commercial businesses since its birth.
Up to now, our knowledge of E-Commerce has primarily been confined to
use by consumers for the purchase of products or services offered by a variety of
purveyors; QVC, E-Trade, On-Sale, E-Bay, Autobytel and numerous catalog houses such as
Lands End, Eddie Bauer, Laura Ashley and Victorias Secret to name a few.
As the costs associated with using the internet for commercial
transactions decreases, and the technology required to support such transactions improves,
more and more commercial firms are setting up their own internet storefronts to distribute
their products and/or services to other businesses. For the corporate or business
purchaser, the seeds of internet commerce were planted in EDI (Electronic Data
Interchange). Through already-established dedicated networks between business suppliers
and their customers, standardized documents move from computer to computer without being
touched by human hands. Putting EDI on the web is now considered as an inexpensive and
familiar method of expanding the concept of electronic business.
Customer demands are driving the speed at which vendors provide
"on-line" capabilities for doing E-Business. Available software and hardware can
now bridge the gap between a companys internal systems and interactive web
applications. Using present-day technology, companies are able to move away from one-way
paper-based documents; i.e., purchase orders, to interactive applications that provide
value added communications for customer relations.
How big will E-Commerce be? According to a special report published by
Merrill Lynch in April 1999, retail sales on the internet should be between $35 billion
and $75 billion by 2002. Some sources estimate that business to business transactions over
EDI is already about $250 billion annually.
Just think of how labor-intensive the present "order-to-cash
process" is: order entry/administration; manufacturing/distribution; shipping;
billing; credit approval/collections and cash application
Through an internet store-front, E-Commerce provides your customers
with a virtual portal to your company, enabling them to: check availability of products or
services; place orders; receive order acknowledgment; receive shipping advice; track order
status; receive billing; make payment and retain transaction records.
Many credit professionals may be concerned that the growing popularity
of E-Commerce may do away with the need for their expertise. Presently, this appears
doubtful. However, most assuredly, the manner in which credit professionals do their jobs
will change when their employers initiate E-Commerce. They definitely will have to keep
pace with the latest technology. As an example, credit checking will have to be done
simultaneously with order receipt. Software presently exists which will perform credit
risk analysis, set a credit limit and/or approve an order without human intervention.
While some of the daily routines that credit executives are accustomed to performing are
becoming automated, nothing will re-place the personal interaction required to maintain
good customer relations. Additionally, companies may be required to make fundamental
changes in the way they behave as organizations, the way they view themselves and, changes
in what things they define as valuable. The challenge that management faces in doing
E-Commerce is to maintain a corporate culture that is strong enough to perpetuate
innovation and loyalty, but flexible enough to withstand great change.
E-Commerce is not without its own pitfalls; security issues, theft and
fraud are just three areas that quickly come to mind. There are also the administrative,
support and capacity issues that are unique to this type of operation.
E-Commerce can be broadly categorized into three categories:
1) User-interactive systems
2) Electronic Mail
3) Electron Data Exchange
User-interactive systems are those in which people are connected
on-line to other computer systems using a connection that is supplied by a company owned
and controlled network or that is supplied by a network provider (Internet Service
provider). These connections are used for the exchange of information either via an
electronic bulletin board for static information that is to be shared by a group. The
other major used of networks today is E-mail that not only contains data like contracts
and other proprietary information that may be business critical. All of these forms of
communications are in a structured, internationally standardized format. Not all
communications are initiated by humans, these systems also have computer driven functions
that may automatically reply or forward information based upon content. Electronic Data
Interchange (EDI) and Electronic File Transfer (EFT) are two such automated systems.
When planning for E-commerce, a company must be concerned with data
theft, data modification, privacy and other legal and liability issues that revolve around
confidential information. There are other issues like authentication of users and systems,
no-repudiation of data, levels of client and employee access to systems, and capacity that
need to be considered before any implementation of a system can begin. There are internal
issues that will also need to be resolved like, system support, response to hackers or
other potential intrusions, system monitoring and financing. All of this must be answered
before the system is put in place to ensure proper security is implemented.
The Internet provides the TCP (Transmission Control Protocol) and the
IP (Internet protocol) address for servers worldwide to be able to identify each
other based on a standard addressing system. It provides communication and application
services to an international based of business, consumer, education, research, government
sites and other organizations. Utilizing an IP address, each user can be granted various
levels of access through a virtual storefront. Setting up specific filters and routing on
your Web servers and Firewall accomplish this. Firewalls allow authenticated users
controlled access to your database. They force traffic of a specific type to go to a
specific location and if they are doing stateful inspection of the data, can even spot bad
data or other packet data that is used to hack into a system.
Stateful inspection is important for a firewalls functionality to be
able to determine if the packet of data traveling through is in fact the actual format
that is expected. This means that the e-mail packet that is being moved through your
firewall is in fact in the correct format, size and type to be e-mail packet and not
another type of packet that has been disguised to look like e-mail by an intruder. This is
why UDP traffic is so dangerous, it has no state and is simply an open port that allows
any type of traffic through. UDP communications is used for example by real time audio.
Use of Routers in front of and behind firewalls further enhances the
capabilities of your system to protect its self via address translation. This is to
say that the address that is seen on the Internet is not the actual address of the
equipment inside your firewall.
Through the use of encryption software, and digital certificates users
can secure their individual data better and the merchant can be assured of authenticity of
the client. Encryption should be used from before the connection is made so that passwords
and IDs do not pass across you network in the clear where they can be recorded and
then re-used. Digital certificates not only authenticate the transmission of data, they
also prevent the data from being transmitted more then once. User authentication and
application authentication aids in the safe movement of mission critical data.
Secure Electronic Transmission (SET) is a standard for electronic
commerce that has been developed by Visa and Master Card. The intent of this standard has
several implications. It standardizes the encryption (DES) to be used. It sets up
standards for implementations of digital certificates and other controls that will be used
for the protection of e-commerce traffic.
The primary problem with e-commerce today that is also not being
address is management of digital certificates and possibly the use of electronic tokens.
Management of these systems is business critical and needs to be supported from highest
levels of management to be successful. The complete architecture of a network and all of
its access points needs to be identified and then a structure for secure communications
needs to be built.