Anda di halaman 1dari 17

Analysis for E-Commerce -Focusing on Online Purchasing

in Taiwan

ECE578 Final Project Report


Dr. Cetin Kaya Koc
Wen-Chun Yang
Oregon State University

Analysis for E-Commerce


Focusing on Online Purchasing in Taiwan
Wen-Chun Yang
Oregon State University
Abstract
As technology improves, people purchase more goods
without leaving the house. How can they do this? They can do
this via the Internet and can buy anything from different
countries. Online purchasing really brings out another
shopping market place to society. However, how can the
consumers feel comfortable and safe after placing their
orders online without worrying that his/her credit cards
might be used in other transactions? How can users trust a
third party and be willing to make the order online. This
issue has become a problem for the retail industry.
In this project, I will focus on all the information
related to the electronic commerce (e-Commerce) and list all
the pros and cons for different online shopping styles. In
addition, I will analyze the difficulties for online
purchasing behaviors in Taiwan.

Keyword
E-Commerce; cryptography; online purchasing; the third
party.

I. INTRODUCTION
As

technology

improves,

people

purchase

more

goods

without leaving their home. How can they do this? They can
do this via the Internet and can buy anything from different
countries.
shopping

Online

market

purchasing

place

to

really

society.

brings

However,

out
how

another
can

the

consumers

feel

comfortable

and

safe

after

placing

their

orders online without worrying that his/her credit cards


might be used in other transactions[1]? How can users be
made to trust a third party and be willing to make the order
online, has become a problem for the retail industry [2].
As cryptographic engineers, what we need to worry about
is

how

to

purchasing

provide

environment

difficulties

in

this

suitable
for
issue,

and

society.
for

worry-free
There

example,

online

are

the

many

security

problem could be the biggest concern. There are still many


concerns in this subject, which motivate the cryptographic
engineers to research this topic to figure out a better way
to solve this problem. For instance, is it safe to share
personal financial information with a third party? Is the
purchased transaction safe while it is on the way to the
bank?
In this project, I will focus on all the information
related to the e-commerce and list all the pros and cons for
different

online

shopping

styles.

In

addition,

will

analyze the difficulties for online purchasing behaviors in


Taiwan.
The rest of the paper is organized as follows. Section
II talks about the preliminaries. Section III defines the Ecommerce

and

vulnerabilities.

Section

IV

presents

the

difficulties

for

online

purchasing

behaviors

in

Taiwan.

Section V concludes this paper.

II. PRELIMINARIES
There are many terminologies used for Cryptography and
network
computer

security,

which

security,

will

network

be

introduced

security,

as

internet

follows:
security,

services, mechanisms, and the OSI security architecture.


Definition
A Computer Security is the generic name for the
collection of tools designed to protect data and to thwart
hackers [3] [4] [5].
A Network Security is the measurement for protecting
data during their transmission [3] [4] [5].
An Internet Security is the measurement for protecting
data during their transmission over a collection of
interconnected networks [3] [4] [5].
A Service is something that enhances the security of
the data processing systems and the information transfers of
an organization. It intends to counter the security attacks
and makes use of one or more security mechanisms in order to
provide

the

service.

Also,

it

can

replicate

functions

normally associated with physical documents [3] [4] [5].


A Mechanism is designed to detect, prevent, or recover

from a security attack. There is no single mechanism that


will

support

all

the

required

functions.

However,

one

particular element underlies many of the security mechanisms


in use, which is a cryptographic technique [3] [4] [5].
The OSI security architecture is useful to organize
the task for providing security. Due to the fact that, it
was defined as an international standard, the computer and
communication
services

vendors

related

to

have
this

developed

their

structure.

It

projects

focuses

on

and
the

security services, mechanisms, and attacks.

MOTIVATION
Reliability is one of the major problems in e-Commerce.
How

to

make

people

trust

the

system

and

start

making

purchases on the Internet become the motivation for the


Industry and the engineer. In order to realize the solution
for

solving

this

issue,

one

has

to

understand

the

OSI

security architecture.
As mention in the previous section, there are three
topics included in the OSI security architecture, which are:
security

services,

security

mechanisms,

and

security

attacks. X.800 and EFC 2828 are the standards, which define
the

security

service

[3]

[4].

The

International

Telecommunication Union (ITU) recommends X.800 should be

used

for

defining

the

OSI

security

architecture,

which

defines it in five major categories and would be discussed


in the next sections [3] [4]:

Authentication the assurance that the communicating


entity is the one claimed [3] [4].

Access Control the prevention of the unauthorized use


of a resource [3] [4].

Data Confidentiality the protection of data from


unauthorized disclosure [3] [4].

Data Integrity the assurance that data received is as


sent by an authorized entity [3] [4].

Non-Repudiation the protection against denial by one of


the parties in a communication [3] [4].

III. E-COMMERCE AND VULNERABILITY


As technology improves, the Internet and World Wide Web
(WWW) have been used for commercial purposes increasingly
[6]. People start their business by putting the goods on the
Internet

and

creating

the

website

to

show

people

their

products in order to sell.

In addition, this market becomes

better

up

and

widely

opens

to

everyone

in

the

world.

However, the biggest issue of this market is still security


and so far there is no good solution for this. How do people
know this online purchasing is worry-free? How much security

is enough for the online business? Those are the issues that
people are still arguing about, which will be discussed in
the next sections.
Before

using

the

computer

system

or

installing

new

software, a prudent organization will check the system in


order

to

ensure

organization

can

that

it

determine

provides
the

enough

security

security.

of

An

computing

system by measuring the cost of finding and exploiting a


security

vulnerability

in

that

system

[7]

[8].

This

measurement is most effective when people also know how much


security the organization requires. In order to answer how
much security is enough, one must first determine what types
of advantages are needed in order to defend against the
hackers and what choices are for each adversary type[7].
However, the current rapid development for both the new
Information Technology and the e-Commerce has resulted in a
strong demand for reliable and secure copyright protection
techniques

for

multimedia

data

[9].

Two

of

the

recent

solutions introduced here would be the design of buyerseller

watermarking

protocol

without

trusted

third

party[9], and browser spoofing attach, which can break the


weakest link from the server to use[10].
First, the technique introduced in [9] is about how to
protect

both

seller

and

buyers

rights

and

buyers

anonymity.

[11]

watermarking

proposed

protocol,

which

an

anonymous

does

not

buyer-seller

take

the

buyers

right into consideration since the seller might be able to


change

or

recreate

the

buyers

transaction

if

he/she

includes the watermark certification authority and extra


required information for the credit card companies [10]. It
needs a trusted third party for its security. However, the
authors in [10] propose a secure buyer-seller watermarking
protocol
secure

without

commutative

protocol[10],

but

trusted

third

party.

It

cryptosystems

to

this

higher

causes

the

applies

the

watermarking
computational

complexity and communication pass number in the watermark


generation step compared with [11].
Another technique introduced in [10]
attack,

browser

spoofing

that

makes

is an effective
the

browser

un-

trustable. It is developed to show the trust path from user


side to the web browser is still weak, even though some of
the security protocols like SSL are secure enough for endto-end security [10]. It also shows that this weakness still
exists between the user and its browser and it is still
dangerous
programming

to

make

online

languages(i.e.

properties(i.e.

form

activities
Java,

functions,

although

JavaScript)
frames)

do

and

all

the

dynamic

provide

rich

effects[10]. However, the author from [10] has made some

suggestions about how to make the online activities more


secure by integrating the systematical defense technologies
in order to trust on the web browser. The more complicated
the strategies, the more user involvement. The less possible
the

attackers

following

up,

the

more

trustworthy

the

content [10]. Then, the challenge is how to balance the


tradeoff between trust and ease of use.
The future directions for this study are introduced in
[9] [10], which give us another different opinions about how
to
Figure out the solutions or vulnerabilities for e-Commerce.

IV. ONLINE PURCHASING BEHABIOR IN TAIWAN


The

online

section

would

access(i.e.

purchasing
be

behavior

based

broadband

on

the

discussed

in

traditional

connection,

dial

up

this

Internet

connection,

etc.) and the mobile Internet, which is using personal


mobile

to

access

the

Internet.

According

to

survey

conducted by FIND of ECRC-III in August 2002[12] [13],


more

than

possessed

seven

out

computers

and

of

ten

over

households

five

had

in

access

Taiwan
to

the

Internet. Among those connected to the Internet, nearly


73% subscribed to broadband connection[12][13].
Department of Industrial Technology (DOIT, Ministry

of Economic Affairs) commissioned ECRC-FIND to conduct a


survey

measuring

ICT

Information

Communication

Technology) access and use by the households in Taiwan.


This survey was conducted on the phone from July 24 to
August seventh in year 2003; 18,113 interviewees of the
age of 15 and above were interviewed[12][13][14].
This survey intended to grasp the complete picture of
how households in Taiwan used the Internet, including
such

areas

as

online

shopping

from

home

and

the

households' users behavior, needs and problems. Major


findings of the survey are as follows[12][13][14]:
1) 57% of households were connected to the Internet
With ISPs' promotion of broadband connection and free
dial-up accounts, an increasing number of households in
Taiwan

had

access

to

the

Internet.

To

the

point

of

survey, 57% of households were connected the Internet,


compared with 53% in year 2002. 71% of households in
Taiwan

had

computers

and

22%

of

them

have

online

purchasing experiences in year 2003[12][13][14].


2) PCs are the major devices accessing to the Internet
The majority of the households accessed the Internet
by desktop PCs (96%, Macintoshes included). A few used
notebooks (16%) and wireless devices (14%)[12][13][14].
3) 73% of households subscribed to broadband connection;

ADSL became the mainstream


According to the survey, nearly 73%of the households
in Taiwan accessed the Internet by broadband (ADSL and
cable modem), four percent by narrowband, and less than
one

percent

by

wireless

means

(see

table

1)

[12][13]

[14].
In

2003,

ADSL

was

the

primary

method

of

household

Internet access (66%). The market sharing was different


from

the

same

period

in

2002

and

2001

when

most

households accessed the Internet by dial-up (43 to 63%)


and

ADSL

accounted

for

only

30

to

51%.

Apparently,

broadband connection, ADSL in particular, has become the


dominant

method

for

households

to

access

the

Internet(see table 1) [12][13][14].


Connection
2003(%) 2002(%) 2001(%)
Broadband
73
58
40
ADSL
66
51
30
Cable Modem
7
8
10
Fiber-Optic Broadband
0.8
ISDN
0.2
Dial Up
26
43
63
Free Dialup
4
10
Paid Dialup
22
35
Wireless
0.4
1
1
Mobile Internet
38
Table 1: Ways to access Internet in Taiwan.
Information is from FIND.
4) Problems bothering Internet users at home
More households with narrowband access have complaint

10

than households with broadband access. The most common


complaint made by Internet surfers at home was the slow
connection

speed,

followed

by

uneasy

and

unstable

connection [12][13][14].
5) Online shopping at home still not popular
Although many Internet surfers at home visit the ecommerce
online

websites,
shopping.

only
Out

few

of

of

ten

them

actually

interviewees,

six

did
had

collected product/service information on the Internet,


only

two

really

made

were

the

convenience
stimulated

Internet

online

users

two

purchases.
major

to

shop

Price

and

incentives

online;

so

that

was

the

heterogeneity of products offered online. The idea of


online shopping is not yet popular in Taiwan probably
because many physical shops are already in place in the
highly populated country[12][13][14].
However,
different
survey

the

Internet

results

questions

survey

compared
in[15]

with

are

data

from

[15]

[12](Note

contained

shows

that

with

the

multi-

choices. Therefore, the percentages shown here would be


equivalent

to

100.)

This

survey

was

conducted

on

the

Internet from December fourth to December 31st in year


2003. Since year 2002, 90% of the interviewers choose to
use broadband connection since the speed is faster than

11

other

kinds

of

connections.

Also,

64%

of

those

interviewed had made online shopping experiences already


comparing

with

57%

in

year

2002.

33%

of

them

have

purchased more than seven times in six months comparing


with the 13% in year 2002. In addition, the survey also
shows that the amount of money spent from the online
purchasing has increased more than 10,000 NTD from 18%
in 2002 to 26% in 2003 [15]. 89% of those interviewed
are satisfied about their online shopping experience and
70% of them will purchase online again in the next six
months.
Those
online

online

shoppers

purchasing

do

about

enjoy

making

the

convenient

purchasing

of

online;

however, they also worry about the information security


while

making

the

transactions.

According

to

the

data

shown in [15], 15% of the interviewers worry about their


privacy would be invaded by others. 37% of them do not
shop

online

due

to

the

security

considerations.

For

instance, 82% of them would consider about the security


of

personal

information

before

purchasing

online,

and

70% of them would only purchase goods from the website


that provide the SSL shopping environment. Those results
show that information security is really a big issue for
the online shoppers. In addition, how to build a worry-

12

free shopping environment and earn the shoppers trust


are the clues for having a success online business in
Taiwan [15].
From [15], another interesting result shows that 73%
of the online shoppers knows that the transactions need
to be done with the SSL environment. Also, 92% of them
would pay attention to what website would provide the
SSL

shopping

those

environment.

interviewed

would

Nevertheless,
care

about

only

the

68%

of

information

security while making the online purchasing.

V. CONCLUSION
From the previous section, authors in [12][13][14][15]
show online purchasing become more accepted by the society
in Taiwan. However, the latest research [16] shows that the
percentage of using mobile to access Internet in Taiwan
(33%) is still lower than Japan(65%), South Korea(52%), and
Hong Kong(44%)[15]. In order to predict the future work of
the worldwide mobile Internet access, Taiwan, Japan, South
Korea, Hong Kong, Greece, and Finland have come together
into the Worldwide Mobile Internet Survey (WMIS) activity.
Using online questionnaires to get the information about
accessing Internet through the mobile devices from October
to November in 2003[15].

13

From the results, the process for using mobile device to


access Internet in Taiwan is still too small comparing with
Japan, south Korea, and Hong Kong. The low connection fee is
the main reason why the scale in Taiwan is worst than other
countries[15]. However, this activity shows the trend of
using mobile device to access Internet worldwide. Most
people use mobile to access Internet while taking the
transportations or waiting for sometimes from time to time.
In addition, this also gives the retail industry another
good chance to create its business. How to make the website
more accessible through different kinds of connection
devices. In this way, the e-Commerce market in Taiwan would
be better and it would be more beneficial to the Internet
users in Taiwan.

14

BIBLIOGRAPHY
[1] E-Taiwan Project Office, Cyber-attacks Batter Web
Heavyweights.
http://www.etaiwan.nat.gov.tw/content/application/etaiwa
n/general/guest-cnt-browse.php?
grpid=5&vroot=&cntgrp_ordinal=00070001&cnt_id=843.
December 2003.
[2] National Information and Communications Initiative
Committee. Report for different Internet Usage.
http://www.nici.nat.gov.tw/content/application/nici/gene
ral/guest-cnt-browse.php?
grpid=5&vroot=&cntgrp_ordinal=00060004&cnt_id=229&listty
pe=. June 2003.
[3] Stallings, William. Cryptography and Network Security:
principles and practices. 3rd ed. Prentice Hall. 2003.
[4] Stajano, Frank. Security for Ubiquitous Computing.
Wiley. 2002.
[5] Deloitte and Touche. E-commerce Security: Security the
Network Perimeter. Information Systems Audit and
Control Foundation. 2002.
[6] Ibrahim, M.T., Hamdolah, M., and OBrien,P.T.R..
Analysis and Design of e-Commerce Applications on the
Web: A Case study of OO Techniques and Notations.
Proceeding of fourth International Conference. pp.315327. September 2003.
[7] Schechter, S.E., and Smith, M.D.. How Much Security Is
Enough to Stop a Thief?: The Economics of Outsider Theft
via Computer Systems and Networks. Proceeding of
seventh international Conference. pp. 122-137. January
2003.
[8] Schechter, S.E.. Quantitatively Differentiating System
Security. The First Workshop on Economics and
Information Security. 2002.
[9] Choi, J.-G., Sakurai, K., and Park, J.-H.. Does It Need
Trusted Third Party? Design of Buyer-Seller Watermarking
Protocol without Trusted Third Party. Proceeding of
first International conference of ACNS. pp.265-279.
October 2003.

15

[10]Li,T.-Y., and Wu, Y.. Trust on Web Browser: Attack vs.


Defense. Proceeding of first International conference
of ACNS. pp.241-253. October 2003.
[11]Ju, H.-S., Kim, H.-J., Lee, D.H., and Lim, J.I.. An
Anonymous Buyer-Seller Watermarking Protocol with
Anonymity Control. Proceeding of ICISC2002. pp. 421432. 2003.
[12]ACI-FIND. survey measuring ICT ( Information
Communication Technology) access and use by the
households in Taiwan.
http://www.etaiwan.nat.gov.tw/content/application/etaiwa
n/general/guest-cnt-browse.php?
grpid=5&vroot=&cntgrp_ordinal=00070001&cnt_id=843.
December 25th,2003.
[13]ACI-FIND. survey for WMIS activity.
http://www.find.org.tw/0105/howmany/howmany_disp.asp?
id=69. March 1st, 2004.
[14]ACI-FIND. Households Online in Taiwan 2002.
http://www.find.org.tw/eng/news.asp?
msgid=17&subjectid=4&pos=0. January sixth, 2003.
[15]Yam.com. survey measuring online user behavior in
Taiwan. http://survey.yam.com/survey2003/chart/. 2004.
[16]ACI-FIND. survey for WMIS activity.
http://www.find.org.tw/0105/howmany/howmany_disp.asp?
id=66. December 30th, 2003.

16