Anda di halaman 1dari 268

Electronic Business on the Internet

- Tutorial -

How to Make Your Own E-Commerce Site:

The Design Engineer Viewpoint

Authors: Marjan Mihanovic, marjanm@eunet.yu

Dusan Dingarac,
Zoran Horvat, zoranh@eunet.yu
Miodrag Stefanovic,
Prof. Dr. Veljko Milutinovic,
What will you learn from this tutorial?
This Tutorial will guide you through the following sections:

You will become familiar with some basic techniques and terminology.
YAHOO! Store
The easiest way to make your business Internet-enabled
Software package, intended for creating more advanced eCommerce
solutions, still very easy to use.
What is Secure Socket Layer, and why is it so important?
Microsoft Site Server Commerce Edition
The most powerful tool,
for the large and most advanced e-commerce solutions.
E-Xact Online Payment System
How does payment transaction really works.

Page Number: 2/268 Made by: Ifact

Introduction to E-Commerce

E-Business - The shape of things to come


E-business has made lots of innovations in modern business.

Today, the most important way of doing E-business
is over the Internet.
Old kinds of E-business systems are either canceled
or improved so they can work over the Internet.
In the next two years
one percent of World Trade will go over the Internet
(billions of dollars).

Page Number: 4/268 Made by: Ifact


By using modern techniques such as:

World Wide Web (WWW)
Virtual Private Network (VPN)
Secure Socket Layer (SSL) encryption
Business over the Internet is opening
a whole new world of opportunities:

Page Number: 5/268 Made by: Ifact


Better communication inside company (Intranet)

Geographical location of company parts
became transparent (VPN)
Collaboration with distributors and suppliers on scheduling
Forecasting, and just-in-time
replenishment of supplies (Extranet)
Telecommuting (employee can do his/her job from home)...

Page Number: 6/268 Made by: Ifact


The most interesting part of E-business over the Internet

(also called I-business)
is E-commerce over the Internet (I-commerce)
Over 170 000 000 people,
that were using Internet on 1.1.2000.,
can be potential customers
Number of Internet users doubles every three years
The most important thing for I-commerce is web store;
a place where you can show and sell
your goods to Internet users.

Page Number: 7/268 Made by: Ifact

Web store

Having web store is much cheaper

than having a classical one
For web store you don't have to pay dozens of bills:
city taxes
You don't need to worry
if your store is in a good location for customers
Also, you don't need any salesmen.

Page Number: 8/268 Made by: Ifact

Web store

Your store is working non-stop:

24 hours per day
7 day per week
365 (366) days per year
Your customers from all over the world
can spend their money without any time-zone limits.

Page Number: 9/268 Made by: Ifact

Web store

Internet is one giant market

where you can sell your goods to anyone, anywhere
A number of countries that had been marginalized
by their geographical position
take extremely active interest in E-commerce
With E-commerce those countries can move
to the center of the virtual geography
With your own Web store
hundreds of millions of people
are just one click away from your business.

Page Number: 10/268 Made by: Ifact

Web store

Let us see what is needed to open a new web store:

1. Getting an Internet Merchant Bank Account
(account that enables credit card transactions over the Internet)
2. Web Hosting
(getting WWW space with some Internet provider)
3. Obtaining a Digital Certificate
(obtaining initial keys for encryption, etc)
4. Finding a Provider of Online Transactions
(middleman between your customer and your bank)
5. Creating or Purchasing a Shopping Cart Software
(getting hold of the web store infrastructure: sw-shelves, etc)

Page Number: 11/268 Made by: Ifact

Internet Merchant Bank Account

In order to be able to accept

credit cards over the Internet,
you must apply to your bank
for an Internet Merchant Bank Account
Depending on which country you live in
and what bank you are with,
this can be relatively easy or somewhat difficult.

Page Number: 12/268 Made by: Ifact

Internet Merchant Bank Account
In the U.S.A.:
In the USA, this is a fairly simple procedure
Many banks offer Internet Merchant Accounts,
and most Online Transaction Providers will support them
Contact your bank for details.

Page Number: 13/268 Made by: Ifact

Internet Merchant Bank Account

Majority of Online Transaction Providers

are located in the USA
They are restricted in their ability
to interact with banks outside their own country
International merchants have very little choice
An international merchant has to find a way:
to get a US merchant account
to find a local Online Transaction Provider
or utilize one of the few companies
that services the international market

Page Number: 14/268 Made by: Ifact

Internet Merchant Bank Account

Many banks outside the US

have very restrictive policies
regarding Internet accounts
Luckily, the situation is improving
Most Online Transaction Providers will help you with this
if you get in touch with them.
EU has recently adopted a recommendation
aimed at making E-commerce easier
(liberal domain assignments, intl Internet banking, etc)

Page Number: 15/268 Made by: Ifact

Internet Merchant Bank Account

Keep in mind when you apply for a Merchant Bank Account:

A US merchant account can take
up to a month to come through
If you already have a merchant bank account,
you will probably also need to upgrade it
to an Internet account
Ensure that your bank accepts Internet merchant accounts
and has credit card processors that can connect to
FDC, Paymentech, or CyberCash (alternative payment methods)
Your account must be able to handle
Card Not Present transactions (important!).

Page Number: 16/268 Made by: Ifact

Web Hosting

Web hosting is a very important step in this process

This is how you gain a presence on the Internet
in the first place
It is important that the web hosting company
is capable of providing you with the level of service
that you need to maintain your Web store
A few things to look for are:
Good uptime (over 99,5% guarantied)
Good technical support (your store is working non-stop)
Fast connection to the Internet
Staff that is knowledgeable about E-commerce
Compatibility with major E-commerce providers
Classified statistics of access to your Web site

Page Number: 17/268 Made by: Ifact

Web Hosting

It is always good to spend some time

when choosing a Web hosting company
There are many 'fly-by-night' businesses out there
(if you are working globally, night jobs are not wanted)
For the money you're spending,
make sure that the company is reputable.

Page Number: 18/268 Made by: Ifact

Obtaining a Digital Certificate

A digital certificate (SSL Server Certificate),

enables SSL on the Web server
SSL protects communications,
so you can take credit card orders securely
It ensures that hackers cannot eavesdrop on you
Any E-commerce company will require you
to have SSL before you can use their services
For most people
obtaining a digital certificate is not a problem
For a minimal fee,
one can usually use the certificate owned by
the Web hosting company where your page resides.

Page Number: 19/268 Made by: Ifact

Obtaining a Digital Certificate

If you are a larger company, however,

you may want to get your own digital certificate
(for CC processing and/or for processing of sensitive data)
A certificate costs about $150.00 per year
and can be obtained from
Verisign (
Thawte (

Page Number: 20/268 Made by: Ifact

Provider of Online Transactions

Before you start looking for a provider,

you should stop for a moment
and consider what exactly you need
How many transactions do you expect
to be completed in a month?
How many products do you have
to put on your web site?
How complex does the software need to be?
How much are you willing to spend?

Page Number: 21/268 Made by: Ifact

Provider of Online Transactions

There are a lot of online transaction providers

They offer all kinds of packages
Decide on a provider's package that fits your needs
This is perhaps the most important aspect
in creating an E-commerce Web site.

Page Number: 22/268 Made by: Ifact

Shopping Cart Software

Shopping cart software is the most popular

and the most widely used concept of Web store architecture
There are many other types of software
that you can use in your store,
such as catalog software or a flat order form
Creating or purchasing a Shopping Cart Software?
Creating can be very complicated without proper tools
Creating can be very expensive.

Page Number: 23/268 Made by: Ifact

Shopping Cart Software

Many Online Transaction Providers will have

shopping cart software that comes with their service,
but it can often be very expensive
Another possibility is a package that offers it as a rental
included in the monthly service charge,
or one that offers a simple flat order form
Maybe purchasing of good tools is the best solution
(ecBuilder or Microsoft SSCE;
Yahoo! Store is a ready-to-use Web store).

Page Number: 24/268 Made by: Ifact

Shopping Cart Software

Generally it is possible to find

three different types of Web store
Three types of Web store creating and shopping cart software are
best represented with three examples
discussed later in this tutorial:
1) Yahoo! Store
2) EcBuilder
3) Microsoft Site Server Commerce Edition

Page Number: 25/268 Made by: Ifact

Credit Card

The most widely used way of purchasing

over the Internet is Credit Card
The consumer surfs the Internet to the merchants Web site,
where he/she decides he/she wants to buy something.
The consumer is moved to the online transaction server,
which ensures security.
Transaction (credit card billing) is passed
through private gateway to a CC Processing Network,
where it is completed (or denied).

Page Number: 26/268 Made by: Ifact

Credit Card

System of validating card data

and making a transaction is shown on this picture

Other Merchant Sites

Consumer Online
Internet Site
Server Bank
Other Merchant Sites issuing and acquiring
Private Gateway

Page Number: 27/268 Made by: Ifact

Electronic Cash

Contrary to Credit Card,

Electronic Cash is informational equivalent
of physical banknotes and coins.
It is perfect for so-called micropayments
(such as paying $0.10 for the one-time use of software
or $0.19 for reading a literary essay)
Electronic Cash can offer such benefits as
anonymity of the buyer
global acceptance...
but Credit Card will be dominant for at least the next few years.

Page Number: 28/268 Made by: Ifact


When the Web store is ready for customers,

marketing your site is very important:
Submit your site to as many search engines as possible
Try finding Web sites with similar themes
and make deals to create reciprocal links
Create an advertising banner
and purchase space from a popular Web site to display it
Put your URL in the signature file of your email
and the header of all business correspondence
Word of mouth is very powerful on the Internet;
tell all of your friends about your page
Avoid spamming - it is a sure way to get a very bad reputation.

Page Number: 29/268 Made by: Ifact

... and Planing

Investigate the web sites that are possible rivals

and formulate a strategy for competing against them
If you anticipate a lot of growth
in the amount of orders coming through your site,
figure out how you are going to cope with
the increased load before you get swamped.

Page Number: 30/268 Made by: Ifact

Yahoo! Store
Introduction to Yahoo! Store
Yahoo! Store is a powerful tool for building e-Commerce sites.
It can be accessed on the Internet address
Basic advantages
Low cost for small stores,
thus highly applicable to small business solutions
Intuitive interface, easy to use
Results are visible immediately
Powerful support provided by Yahoo! on a number of topics
concerning e-Commerce and e-Business

Page Number: 32/268 Made by: Ifact

Introduction to Yahoo! Store

Basic disadvantages
Cannot create original look of the e-Commerce site;
sites on Yahoo! Store look similar to each other
no matter what effort was taken for visual design.
That is because all sites are forced to have the same structure,
and only graphical elements and their arrangement on the screen
may be partially different
Company still needs its own server
in order to use most advanced capabilities of Yahoo! Store
(e.g. custom functions for tax and shipment calculation).
If company owes a server (virtual or real),
it can use other tools (such as ecBuilder)
to create more flexible e-Commerce site.
Yahoo! Store certainly cannot fulfill all e-Business demands
asked by big companies

Page Number: 33/268 Made by: Ifact

Registering With Yahoo!
Yahoo! Store IDs are maintained on the level of Yahoo!
(not on the level of Yahoo! Store),
so once you get an ID, you can access all Yahoo! services
Obtain Yahoo! ID by registering at
or at
This ID offers pass to Yahoo! services like:
mail at,
e-Commerce at, etc.
If you are already using some of Yahoo! services,
you do not need to register again;
just use the same ID to create the store.
Once logged on, the welcoming screen will be shown.
You may take a look at some featured stores
by clicking on appropriate links,
or you can take a search in order to find some specific store
by using the Search field.

Page Number: 34/268 Made by: Ifact

Creating the Store

First step in
creating your own
store is to click on
Create a Store
This action leads
to the store editor.

Page Number: 35/268 Made by: Ifact

Creating the Store

In order to create a store, the user is prompted for:

ID of the site - this field also becomes the address of the site;
complete address of your store after publishing will be, where xyz is ID you typed.
It should be clear that once entered ID cannot be changed
later since it is the WWW address, as well:
user must be very careful when selecting this item.
It also has to be checked whether the specified ID is already in use:
if so, another ID should be entered.
Name of the site - this field is in fact the name of the company.
Whatever is written as name, it will be shown at the top
of the front page of the site.

Page Number: 36/268 Made by: Ifact

Creating the Store Final Step
Suppose at this moment that we
are featuring a company named
Raspberries, Inc., which offers
ecological fruit: raspberries,
blackberries, and strawberries.
Each fruit is offered in a number
of forms: fresh, frozen, juice, etc.
First we want to create the store
for our company: we may type
rasp in the ID field, and
Raspberries, Inc. in the name field.
Thus, our WWW address will be:,
and heading on our front page
will read Raspberries, Inc.

Page Number: 37/268 Made by: Ifact

Instructions by Yahoo!

After clicking at the Create button, a screen with instructions

will be shown. There you will find some important
information about your future store:
An account we have just created is temporal;
transforming this account into real one will be presented later.
This temporal store will be treated for ten days,
and after that it will be automatically deleted.
(Whenever you log onto your store,
current day countdown will be shown,
just to remind you that your store will be deleted
if account is not transformed.)
During the test period of ten days, the site will be fully operational,
except that orders from customers will be scrambled;
it means that your temporal account cannot be used to make profit
until it is converted into a real account
(the submitted CC# will not be visible to the store owner, etc...).

Page Number: 38/268 Made by: Ifact

Types of Pages on the Store

Each store has three types of pages:

Front page - the first page of the site
Section pages - each section presents separate items for sale,
showing only the most necessary properties
of each item (such as price)
Item pages - each item is represented on a separate page,
containing all important data (price, design, size, quantity, etc.)
Links to section pages are provided on the front page.
Each section page contains names and pictures
(if provided) for items in that section.
By clicking on some item, the appropriate item page is loaded.
Items can be put directly onto the front page,
without creating sections at all.
This option is preferable when only a few items are offered.

Page Number: 39/268 Made by: Ifact

Preparing to Edit the Store

After signing
with Yahoo!,
the screen
with options
will be
The key page;
each one of
the 8 sections
contains links
to vital
Only manager
can access
this page; not
the shopper.

Page Number: 40/268 Made by: Ifact

Selecting the Interface

At this moment, we are interested in the Edit section,

which allows us to edit our store.
Three options in this column represent three types of interface:
Simple Interface - shows only the necessary options
for store building
Regular Interface - shows some additional options,
which allow the user to create a better visual look of the store
Advanced Interface - shows the complete Yahoo! Store functionality;
its use is recommended to experienced programmers only.
The three options differ in the amount of tools available for edit
Only the last option allows links to other sites for extra functions
In the Edit section, click to link Simple,
in order to step into Simple Interface for store building.

Page Number: 41/268 Made by: Ifact

Simple Interface at First Glance
After stepping into Simple Interface,
a line with options will be shown
at the bottom of the screen.
Also, online help will be available.
Click to Hide Help button, if you want
to remove help from the screen.
It is recommended for new users to
leave online help visible for a while.
Online help is initially shown for
Simple Interface, and for Regular and
Advanced Interface it is initially
In all interfaces, help can be
toggled on/off with a single click.

Page Number: 42/268 Made by: Ifact

Initial Look of the Front Page
Now we shall add content
into our store: we should
create sections for different
kinds of items, and then fill
each section with
appropriate items.
Before sections and items
are added, our front page
shows only the heading.
Font, size, face color, and
background color are all
set to defaults.
We shall see later how
these properties can be
changed in order to meet
our special demands.

Page Number: 43/268 Made by: Ifact

Menu Bar at the Front Page

The line with options at the center of the page is context-sensitive.

Previous figure shows its look at the front page of the store.
It will look partially different on section and item pages.
Light yellow buttons on the bar are available.
Grayed buttons are unavailable.
For instance, last button which reads Published
shows that our site is currently published
and another publishing is meaningless.
When we make some changes,
this button will read Publish and will be available.
The first button is Edit. It allows us to edit the current page,
in this case the front page. This option will be used
to change some general aspects of the front page.

Page Number: 44/268 Made by: Ifact

Page Variables
If we click the Edit
button at the front
page, another page
with properties of the
front page will load.
Properties are referred
as Variables.
Each page contains a
number of variables
that describe all
relevant details of its
look and structure.
The site creation
activity boils down to
the changing of the
values of relevant

Page Number: 45/268 Made by: Ifact

Variables for Front Page

Field names on this form are self-explanatory:

Page-title shows title of the browser window
Page-elements is the list of elements
that should be shown on the front page
Image field allows us to upload an image,
which will substitute the name of the company
Image-format shows three possible positions of the image:
left, banner, and unconstrained
Buttons field is also a list, containing buttons
that should be shown on the left margin of the front page
Message contains text that should be written under the store title.
Some other fields will be explained later.

Page Number: 46/268 Made by: Ifact

Changing Some Variables

At this step, we will enter the page title and the logo message.
Let page title be: Green food from Serbia.
If no page title is entered, store title will be used instead
(in our case, Raspberries, Inc.).
Message might be assumed as company motto,
e.g. Our fruit knows of no chemistry.
We also may upload a title image by pressing
the Upload File button at the appropriate row.
If this image is loaded, it will be used instead of the store title,
i.e. instead of Raspberries, Inc.
Note that page loading time will be longer when the uploaded
image is bigger. It is highly recommended to upload
images smaller than 20kB, in order to keep high performance.

Page Number: 47/268 Made by: Ifact

Creating New Section

Now we may create sections on our front page.

We will make three sections:
Fresh Fruits
Frozen Fruits
Finished Products
In order to create a section,
you should click onto the New Section button on the menu bar.
Then, you will be prompted for name and caption
of the new section.

Page Number: 48/268 Made by: Ifact

Creating New Section

To finish section creating,

click the Update button.
In the same manner,
another two sections
can be created.
After each section is
created, appropriate
section page is loaded.
In order to return to the
front page, click Home
button at the left margin
on the section page.

Page Number: 49/268 Made by: Ifact

Selecting General Look of the Page

Now we may take some time to change the general look

of the front page.
The simplest way to do this is to click the Look button
on the menu bar.
After that, another line with buttons will load,
containing general templates.
Each look can be selected by simple clicking
on the appropriate button. You may feel free to
experiment with different styles, in order to find
the one which best fits with your store style.

Page Number: 50/268 Made by: Ifact

Selecting General Look of the Page

Figure shows one possible look of

our front page (style Soft on the
menu bar). It is important to know
that all pages (currently our three
section pages) will share the same
Note that the menu on the left
margin contains three buttons,
each of them leading to one
of our sections.
It is highly recommended that all
pages on the site have the same
general visual properties, in order
to set impression of stability and
consistency to the customer.

Page Number: 51/268 Made by: Ifact

Page Variables

Once the general look of the store is selected,

some details can be fixed manually.
Complete look and structure of each page is described
through its variables.
Variables are in fact properties of the page,
and can be viewed by clicking onto Variables button
at the menu bar.
Variable identifiers are mostly self-explaining,
so the use of the Variables section should be quite simple.
For instance, there are variables Button-font-size, Title, Email,
Page-width, etc. with obvious meanings.

Page Number: 52/268 Made by: Ifact

Changing Variable Values

Figure shows some of

the variables for the
front page.
Value of the
variable is changed
from white to pink, by
clicking onto the
Select button, next to
the variable name.
After the Update
button is pressed, our
front page will have
pink background.

Page Number: 53/268 Made by: Ifact

Variable Inheritance

Once the variable is changed

at the front page,
all pages will have
the new variable value as well.
For instance, our section pages will
have pink background as the front page
does. Figure shows Fresh Fruits section
with the pink background.
Note that the menu bar is somewhat
different on Fresh Fruits section page
from the one on the front page.
Menu bars are context-sensitive,
and tiny differences will arise
on different pages.

Page Number: 54/268 Made by: Ifact

Adding an Item to the Section

Now, we may try to add items into

our store. Menu bar on section
pages contains New Item option.
After clicking to New Item option
(say, on the Fresh Fruits section
page), a form will be loaded.
Four properties of the new item are
asked for: name, caption, code
(this is internal code of the item),
price in US Dollars.
After clicking to the Update button,
our item will be added
to the Fresh Fruits section.

Page Number: 55/268 Made by: Ifact

Uploading an Image for the Item

After a new item is created,

the appropriate item page will be loaded.
Now we may add ANY image for our item:
click onto Image option on the menu bar,
and upload an image
Make your own images; no library of images available!
Note: after clicking to Image option,
another form will be loaded, offering us to browse for the image.
There will also be a button for final image uploading.
If this button does not exist,
meaning that you cannot upload an image,
it means that your browser does not support uploading.
You should either change the browser,
or update it to newer version.

Page Number: 56/268 Made by: Ifact

Full Look of the Item

After an image is uploaded,

it will be shown both on the
item (upper figure) and the
section pages (lower figure).
Note that image is shown
in full size on the item page,
and as a thumbnail at the
section page.
Also, there is an Order button
at the item page. User will be
able to order our product by
clicking on that button.

Page Number: 57/268 Made by: Ifact

Final Look of Fresh Fruits Section

In the same manner,

we can add other items
to our Fresh Fruits page.
Figure shows possible look
of the Fresh Fruits page
after four items were added.
By clicking either on the name
or the image of any item,
appropriate item page will be
loaded: then, the user can order
the wanted amount of the

Page Number: 58/268 Made by: Ifact

Changing Variables for Single Page

Now, we may try to edit variables on the Fresh Fruits page.

By clicking the Variables option at the menu bar,
the list of variables will be loaded.
We may try to change the Background-color variable again,
and choose some other color,
hoping that our Fresh Fruits page will be in a different color.
New color will be set for the Fresh Fruits section page indeed,
but all the other pages will be changed too,
and that is not what we wanted!
In fact, we want to change the background color
for Fresh Fruits section only,
and leave all other pages with pink background.
Well, this task cannot be performed on Simple Interface:
Regular or Advanced Interface should be used.

Page Number: 59/268 Made by: Ifact

Starting Regular Interface

In order to use Regular Interface, type URL at your browser again.
If needed, retype your username and password.
Your personal page should be loaded,
offering you to manage your stores.
Click onto rasp store, and the manager page will be loaded.
In the Edit part, click Regular in order to load Regular Interface.

Page Number: 60/268 Made by: Ifact

Menu Bar of the Regular Interface

At first glance,
everything is the same as it was at the Simple Interface,
except that menu bar carries much more options.
Notice a small triangle at the end of the menu bar.
By clicking at this triangle,
our interface will be upgraded to Advanced.
At the Advanced interface, the same triangle will exist,
but it will be turned to the left,
and will be used to downgrade to Regular Interface.
From Simple to Regular/Advanced by new login;
from Regular to Advanced and back via red arrow

Page Number: 61/268 Made by: Ifact

Overriding a Variable
Now, we can step to our Fresh
Fruits sections. When the page
is loaded, click onto Edit
button on the menu bar.
Page with options for this page
will be shown, and among
other things, there will be
a button reading
Override Variable.
After clicking at this button, a
simple form will be loaded,
allowing us to select the
variable which we want to
All Variable values are the
same, except where we
override the Variable, locally
(for one page only)
Page Number: 62/268 Made by: Ifact
Overriding a Variable

Variable overriding is a powerful option,

which allows us to change one variable for one page only,
and leave its old value for all the other pages.
For instance, we may select Background-color variable
in the list offered at the Fresh Fruits page,
in order to change the background color for this page only.
Click onto the Update button
to select Background-color variable for overriding.
When you click to the Update button,
the variable is only set for override;
the actual value does not get changed
The actual value gets changed by clicking to Edit button,
on the specific page of interest; the Variable will be shown,
and you can change it, by clicking where appropriate

Page Number: 63/268 Made by: Ifact

Overriding a Variable

Now the Background-color variable will be shown

at the bottom of the Edit page,
and it will be possible to change its value separately.
Once changed,
the new color will be applied only to the Fresh Fruits page,
and all other pages will keep the pink background.
Figure shows the bottom of the Edit page
containing the orange background color:
only the Fresh Fruits section page now has the orange background.

Page Number: 64/268 Made by: Ifact

Overriding a Variable: Undoing

If you change your mind

and wish to discard overriding for some variable,
you may step to the Edit page again,
and click onto the Undo Override button.
Then select variable you wish to discard overriding,
and click onto the Update button:
the selected variable will be cleared from the list
of overridden variables.

Page Number: 65/268 Made by: Ifact

Setting an Item to Be Special

There may happen that you want to set some item

as a special offer.
For instance, fresh raspberries might be considered
as a representative product of our company.
Yahoo! Store offers one simple option that helps
to emphasize some item or section.
At the Regular Interface,
at the page you want to emphasize,
there is an option reading Special.
Click onto this option,
and a link to current page will be added to the front page.

Page Number: 66/268 Made by: Ifact

Setting Item to Be Special

For instance, we may set

fresh raspberries to be special.
In that case, front page will look
as shown on the figure.
If you change your mind later,
you can easily put the item
off the front page
Special option on the menu bar
now reads Not Special.
Click on the option,
and the item will not be special
any more.
Figure shows the front page look
after Fresh Raspberries (in crate)
are set as special item.

Page Number: 67/268 Made by: Ifact

Concept of Accessories

There is another option somewhat similar to the previous one.

In some cases, it is good to offer some accessories
along with some offered item.
For instance, if you are selling raspberries in plastic plates,
you may offer spare plastic spoons along with it.
In many cases, this can be a useful option,
because a user can order a product
and the appropriate accessory at the same page,
without jumping around the store.
In order to add accessory, click onto New Accessory option
at the menu bar on the item page of interest.
After that, fill the form with variables describing the accessory,
just as you would do for a regular item.

Page Number: 68/268 Made by: Ifact

Adding an Accessory

As an example, we may add offer

of plastic spoons onto the
Fresh Raspberries page.
Click onto the New Accessory
option, and fill information
about our spoons;
an appropriate image
should be uploaded, as well.
If you change your mind later, and
wish to clear the accessory from
the page, just click onto it, and
then select Delete.
After confirming the deletion,
accessory (the entire bottom part)
will be removed.

Page Number: 69/268 Made by: Ifact

Internal Clipboard

Another useful concept of Yahoo! Store is internal clipboard

(a place where the deleted pages are kept).
Suppose you wish to move or to copy some contents
(item or section; the only options for move) from one page to another.
Internal clipboard can be used for that purpose.
Without this option, one would have to delete the contents
and then to create a new one (identical) elsewhere, manually (painful!)
There are three possible actions when working with clipboard:
Copy - Copies the page onto clipboard; original object is left intact
Cut - Copies the page onto clipboard, but also deletes the original object
Paste - Copies the object from the clipboard to the current position
Content of the clipboard is being cleared each time you log off
from Yahoo! Store. If you cut an item,
and then do not paste it on some other place,
it will be irretrievably lost after you log off.

Page Number: 70/268 Made by: Ifact

Using Internal Clipboard

Contents of the clipboard is

visible underneath the menu
bar (only if it is not empty),
in the right-hand field
(left-hand: the paste command)
For instance, if we click Copy
when being on Raspberries
(crate) page, the complete
page will be put on the
clipboard. We can later step
to the Frozen Fruits page,
in order to paste the item there.
In order to paste the object,
just click onto its name in the
clipboard section at the bottom
of the page.

Page Number: 71/268 Made by: Ifact

Publishing the Store

At the end, when our store is finished, we should publish it.

To publish the store, go to the front page
by clicking on the Home button on any page,
and then select Publish option at the menu bar.
Our updated store will be immediately visible at the address
Remember that your store will be automatically deleted
ten days after it is created (not published).
In order to avoid this, you should turn your temporal account
into real account: at the introductory page for our store
(at the page where you had selected the interface type),
there is at the bottom of the page a link reading Open your account.
Click on this link,
and Yahoo! will lead you through the rest of the registering process.

Page Number: 72/268 Made by: Ifact

Final Notes

One advice: Do not wait until the tenth day to create your account.
Web services are not reliable enough yet,
and you may be quite disappointed
if you get into position to create the complete store all over again!
One of important topics of Yahoo! Store is its price.
Stores are valued by its size, i.e. the number of items offered.
There are three categories:
Small store - With up to 50 items; it costs $100 per month
Medium store - With up to 1000 items; it costs $300 per month
Large store - With more than 1000 items;
it costs $300 per month for first 1000 items,
and additional $100 per month for each next 1000 items;
for instance, a store with 2300 items would cost $500 per month.

Page Number: 73/268 Made by: Ifact


Product Name:
Software inc.
Desktop PC
with Microsoft
system and
Microsoft IE 4.0
or Netscape 4.0

Product URL:

Page Number: 75/268 Made by: Ifact

Why ecBuilder?

ecBuilder is a software package by MultiActive Software, Inc.,

that is designated for step by step creation
of fully functional E-business sites from scratch
It is designed to provide E-business solutions
for small and medium businesses
It is intuitive and has a quick learning curve
It hides most of the hard work from you,
so you need not bother thinking
how it is realized or how does it work
The price of this package = 495$ (1.1.2000.),
and it has no additional hardware or software demands

Page Number: 76/268 Made by: Ifact

What you need to start using
Registered version of ecBuilder
(look at
for further information on acquiring and registering it)
Webspace account with your local ISP
In order to accept credit cards online
you must already have a merchant status account
with the credit card company and/or your bank
You will also need to be able
to process these credit card transactions
You must choose a third-party payment processor
to process credit card payment requests
You should obtain a digital signature certificate

Page Number: 77/268 Made by: Ifact

Introduction to ecBuilder

As said before - it is designed for small

to medium sized businesses
Requires only basic HTML and Web design knowledge
Provides all the necessary elements
every E-business site must have.
Shopping basket, subtotal calculating,
and similar features are realized
through embedded JavaScript
(no direct access to user memory or hard disks)
and Cookie technologies
(to memorize a data structure on the users hard disk)
All shopping basket related data are stored with the user
(not at the server, which is one of the two options of SSCE)
With user - easier to develop; with server - more reliable!

Page Number: 78/268 Made by: Ifact

Introduction to ecBuilder

Credit Card payment

Bought goods reports
Most important:
Security issues are provided
via a special ecBuilder's server (ecPlace)
ecPlace server is independent from your site and your ISP,
and it is maintained by MultiActive company
You don't have to worry about installing it
and providing maintenance for it.

Page Number: 79/268 Made by: Ifact

Payment processing

ecBuilder provides full support for online credit card processing

Credit card paying process is security sensitive
The merchant (you) takes care of delivering the bought goods
ecPlace takes care of CC payment processing

(3) Customer enters Credit card number


(2) Shopping List encrypted (4) Payment request submitted

(1) Makes Shopping List with Public Key Technology via secure connection
Customer Your ecPlace Payment
Site Server Processor
(5) Transaction
(6) Encrypted eMail with results result

(7) eMail with results

Page Number: 80/268 Made by: Ifact

Inside ecBuilder

ecBuilder providesa built-in wizard

for generating boiler-plate HTML (the HTML skeleton)
and JavaScript code for your E-business site
There are dozens of built-in templates
for you to choose from
ecOrderDesk is an accompanying software that is used for
processing orders, bookkeeping, and as a POS terminal
When published, URL to Your E-business site will appear on
ecPlace`s index of business Web sites,
under appropriate industry category

Page Number: 81/268 Made by: Ifact

ecBuilder Wizard

ecBuilder`s Wizard is the only way

to create your E-business site using ecBuilder
Before beginning to work with Wizard,
you must first make one of the four choices
concerning your site
The choices are:

Create a new ecBuilder file

Look for an existing ecBuilder file
Open an example ecBuilder file
Open my last ecBuilder file

Page Number: 82/268 Made by: Ifact

ecBuilder Wizard

Page Number: 83/268 Made by: Ifact

ecBuilder First step : Site Structure

ecBuilder will generate several HTML pages,

and will correctly hyperlink them
In this step you should choose
which additional pages your site will contain
The choices are:

Content Pages
Your Products or Services Catalog
Feedback Form
Contact Information Page

Page Number: 84/268 Made by: Ifact

ecBuilder First step : Site Structure

Basically, you should include all of these pages,

as they are required on any serious eBusiness site
Depending on the pages you checked to be generated,
the number of steps the wizard guides you through may vary
Choose a title for any of the pages you checked above
If you want to show your address and phone number on the site,
check the 'Display your address and phone number on Your site'
checkbox at the bottom of the screen

Page Number: 85/268 Made by: Ifact

ecBuilder First step: Site Structure

Page Number: 86/268 Made by: Ifact

ecBuilder Second step - Company Address

In this step you are asked to enter

more detailed information on your company
Fields marked with an asterisk ("*") are required fields,
and you must enter them in order to proceed to the next step
This information is used by ecBuilder
to create your eBusiness site, and
will appear on appropriate places in it

Page Number: 87/268 Made by: Ifact

ecBuilder Second step - Company Address

Page Number: 88/268 Made by: Ifact

ecBuilder Third step - Site Builder Profile

The person building your site may not be the one

you want to receive orders and inquires generated from your site
This profile is the profile of the person
that is responsible for MAINTAINING your site
(it is not necessarily the person
responsible for handling orders, etc.)
MultiActive Software inc. will use this information
to send all the info regarding new upgrades,
options, and similar.

Page Number: 89/268 Made by: Ifact

ecBuilder Third step - Site Builder Profile

Page Number: 90/268 Made by: Ifact

ecBuilder Fourth step - Contact Person Profile

This is the profile of the person

that is responsible for HANDLING ORDERS and inquiries
If this person is the same as the person
that is building your site,
check the 'Same as Builder's Profile' checkbox.
If you want the name and the position of this person
to appear on the Contact Page,
check the appropriate checkbox at the bottom of the screen

Page Number: 91/268 Made by: Ifact

ecBuilder Fourth step - Contact Person Profile

Page Number: 92/268 Made by: Ifact

ecBuilder Fifth step - Business Classification

This step asks You to choose categories

that best describe your business
Also enter manually up to 30 keywords
to describe it in more details
The categories are used to place Your eBusiness site
under the right industry in the
ecPlace`s eBusiness sites list
Keywords are used when your site is submitted to search engines

Page Number: 93/268 Made by: Ifact

ecBuilder Fifth step - Business Classification

Page Number: 94/268 Made by: Ifact

ecBuilder Sixth step - Company Identity

In this step you are prompted

to enter your companys Logo,
Slogan, and Brief Description
Company Logo is a .JPG or .GIF picture
that will appear throughout your site
Company Slogan is a tag line
that will appear on the top of the first page
on Your E-business site
It should be one of the first things
that visitors to your site (and potential customers) see

Page Number: 95/268 Made by: Ifact

ecBuilder Sixth step - Company Identity

It should convince the customer

to stay and browse through your site
Brief Company Description is a summary
that is used when your site is submitted
to the search engines
It will appear as a short description of your site
when its URL is shown
by the respective Search Engine

Page Number: 96/268 Made by: Ifact

ecBuilder Sixth step - Company Identity

Page Number: 97/268 Made by: Ifact

ecBuilder Seventh step - Web Site Content

By checking the 'Content Pages' checkbox in Step One,

you caused ecBuilder to generate a page
with the default title 'background'
A link to that page can be found
on the main page of the site
This 'background' page contains
up to 100 links to other pages
of your choice and content,
which are also generated by ecBuilder
You may use this option to add anything
you find relevant to your eBusiness,
or the site in general.

Page Number: 98/268 Made by: Ifact

ecBuilder Seventh step - Web Site Content

Visitors may browse through these pages

by choosing the 'Background' link
'Background' is the default title which can be changed
Button controls on the Seventh Step splash screen
allow you to add, modify, or delete the content pages
that will show up on 'Background
as well as their headlines and content.
Headline is the name of the link
which will appear on the link list
of the 'Background' page
Content is the text that will appear
when Customer chooses one of the Headline links
on the 'Background' page

Page Number: 99/268 Made by: Ifact

ecBuilder Seventh step - Web Site Content

Page Number: 100/268 Made by: Ifact

ecBuilder Eighth step - Payment Methods

This is the step where you specify

whether you accept the credit card payment,
as well as the names of the cards you accept
You may also specify other payment methods
(money order, check, etc.)
You also specify the currency
in which the prices on your site are specified
In order to accept credit cards online,
you must already have a merchant account
with a credit card company and/or your bank

Page Number: 101/268 Made by: Ifact

ecBuilder Eighth step - Payment Methods

Page Number: 102/268 Made by: Ifact

ecBuilder Ninth step - Online Processing
Other Merchant Sites

Consumer Online
Internet Site
ecPlace Transaction
Server Bank

Consumer issuing and acquiring

Other Merchant Sites Private Gateway

The ecBuilder adds one more stage

into the generalized e-Business pipeline: The ecPlace
It is a ready-to-use interface to OTP;
you do not have to create your own one inside the Merchant Site
Private Gateway = SSL or VPN or anything else to provide security

Page Number: 103/268 Made by: Ifact

ecBuilder Ninth step - Online Processing

Here you must select the third party

online transaction processing (OTP) company you intend to use
As of this moment,
ecBuilder supports E-xact and InternetSecure
transaction processing companies;
the ecPlace is nothing else but software to interact with the OTP
After you have obtained a merchant account,
you must obtain a separate account
with one of the supported OTP companies
Go to
for more info on obtaining an account
with an online transaction processing company
Remember: OTP = TGP (transaction gateway provider)

Page Number: 104/268 Made by: Ifact

ecBuilder Ninth step - Online Processing

After applying to one of these transaction processing companies,

you will have to enter into the ecPlace (via the Wizard step 9)
the info that OTP sent to you (so ecPlace can work in your name):
ID, password, etc.. (depending on the company),
by selecting the settings button and by following the instructions
If you haven`t applied to any transaction processing companies,
but you want to create a beta version of the site,
choose [NONE]
in the transaction processing companies drop-down box
That will allow you to go on with creating your site,
leaving you the possibility to return to this step later
and to finish the process
of supplying your site with the online payment option.

Page Number: 105/268 Made by: Ifact

ecBuilder Ninth step - Online Processing

Page Number: 106/268 Made by: Ifact

ecBuilder Tenth step - Catalog

Here you will make the catalogue

of the items/services/goods you are offering
for sale on your E-business site
On the left side of the splash screen (screen w/ Wizard questions)
there is a box with Catalog Sections
On the right side is the box
with the corresponding section's items
Sections will appear as links on the 'Catalog' page,
which is generated automatically
if you've selected 'Your Products or Services Catalog
checkbox in the First Step
Items will appear as links
on the corresponding section page.

Page Number: 107/268 Made by: Ifact

ecBuilder Tenth step - Catalog

Page Number: 108/268 Made by: Ifact

ecBuilder Tenth step - Catalog

Each items page may contain all the info

about the item you want
It will also contain customer interface
that allows the Customer
to add the item to his/her Shopping Basket
to buy that item right away
to make inquiries about it, etc.
depending on the choices you make in this step
If you select one section in the Catalog Sections box,
and press the 'Modify' button,
the Catalog Section dialog box will appear.

Page Number: 109/268 Made by: Ifact

ecBuilder Tenth step - Catalog

Page Number: 110/268 Made by: Ifact

ecBuilder Tenth step - Catalog

In this dialog box, you must choose Business Template,

which will be used for your catalog
Depending on the template you selected,
the layout of the Web page may change,
as well as the choices you may make
in the next steps and in the dialog boxes
You must also select one Catalog Section Title
out of the available ones, or enter your own title
This title will appear as a link
to respective catalogue section page
on the main catalogue page

Page Number: 111/268 Made by: Ifact

ecBuilder Tenth step - Catalog

You may choose that all of the items/services

in this section are on a discount,
and enter appropriate Description for that Discount
Finally, you may enter Description for a Catalog section
(which will appear below title of the section),
as well as the Catalog section image
(which will appear left of the section title)
You may choose to show the preview images
of your items on the Catalog index page

Page Number: 112/268 Made by: Ifact

ecBuilder Tenth step - Catalog

If you select one item in the Catalog Items,

and press the 'Modify' button,
the Item dialog box will appear
This box allows you to customize
the way in which the item is presented
to the customer on your site
You may enter Item/Service name,
its model, description, Item's image, etc.
You may also enter two bulleted lists
with up to 20 bullets
that describe features of your item, etc.

Page Number: 113/268 Made by: Ifact

ecBuilder Tenth step - Catalog

Page Number: 114/268 Made by: Ifact

ecBuilder Tenth step - Catalog

Item dialog box also allows you to enter

detailed data on every item, like:
its weight
available sizes
keywords for search engines

Page Number: 115/268 Made by: Ifact

ecBuilder Tenth step - Catalog

Pricing options are also available here:

Regular price item
Promotional Item
No Price Item (Inquiry)
In which units
the price is applied
(per item, per liter, etc.)
Whether this item can be
purchased online
and similar

Page Number: 116/268 Made by: Ifact

ecBuilder Tenth step - Catalog

Finally, you may configure taxes

that are applied to this item,
depending on the means of the shipping,
residence of the Customer, etc.

Page Number: 117/268 Made by: Ifact

ecBuilder Eleventh step - Advertising &
This Step gives you three options to select:
Top Page Banner
Bottom Page Banner
Hit Counter
Banners are used primarily for link exchange
between sites of similar interest
in order to boost up hit ratios,
and for some additional cash source
(pay per clickthrough banners, for example): e.g., 1cent/click
Hit counters are used for tracking
visitor statistics for your site,
which can be useful when planning
your future market strategy

Page Number: 118/268 Made by: Ifact

ecBuilder Eleventh step - Advertising &

Banners (Top and Bottom) can be placed

on your site in one of the two ways:
You may choose the banner image
and the URL link it points to, by yourself
You may cut and paste the already generated HTML code.
This will happen if you enlist with some
banner exchange service,
which will provide you with the HTML code
that you should install on your site
LinkExchange at
is one example of banner exchange services
(bringing business to each other).

Page Number: 119/268 Made by: Ifact

ecBuilder Eleventh step - Advertising &

Hit counter is installed by

pasting appropriate code into the text box
Counter code may be generated
for you by some of the free counter services,
or it may be your ISP's default counter code,
which you should obtain from your ISP's support service
TheCounter at is one of the providers
that offers you the tracking services for free

Page Number: 120/268 Made by: Ifact

ecBuilder Eleventh step - Advertising &

Page Number: 121/268 Made by: Ifact

ecBuilder Twelfth step - Order & Inquiry Fields

Order and Inquiry Fields are supplemental information

you may want to hear from your customers, for example:
how often do you buy on-line?
How did you hear about us?
These pieces of information are usually intended
for market surveys and market analysis,
which in turn should be used to improve
the way your site and business work

Page Number: 122/268 Made by: Ifact

ecBuilder Twelfth step - Order & Inquiry Fields

Page Number: 123/268 Made by: Ifact

ecBuilder Thirteenth step - Site Design &

In this Step you must choose

one of the presented templates and color schemes,
from which ecBuilder will generate your E-business site
These are the last ones of the necessary pieces of information
ecBuilder needs to make a fully functional site
You may check how your site looks like
by pressing the 'Preview' button
Your site will be generated,
and shown via the ecBuilder's browser
(you may choose another browser,
like Netscape or MSIE for showing preview version)
You can always return back to this step,
and choose a different template.

Page Number: 124/268 Made by: Ifact

ecBuilder Thirteenth step - Site Design &

Page Number: 125/268 Made by: Ifact

ecBuilder Thirteenth step - Site Design &

Page Number: 126/268 Made by: Ifact

ecBuilder Fourteenth step - Security Options

This Step is used to obtain and set up a digital certificate

(if you didn't have one by now)
You are required to have a digital certificate
if you choose to use any of the payment gateway options
Digital certificate can be obtained
by pressing the 'Security Configuration' button,
and then by pressing the "Get a New Digital ID" button
When the certificate is obtained,
check the "Use digital-based security" check-box,
and follow instructions
Basically, you just get it and then you pass it to your ISP,
to use it for SSL transfers related to your site.

Page Number: 127/268 Made by: Ifact

ecBuilder Fourteenth step - Security Options

Page Number: 128/268 Made by: Ifact

ecBuilder Fourteenth step - Description

Page Number: 129/268 Made by: Ifact

ecBuilder Fifteenth step - Search Engines

ecBuilder can submit your new site

to eight (as of this moment) search engines,
to make sure your E-business site is easy to be found
The data and keywords you entered in previous steps
will be used in the submit process
You may visit an independent Submit-It service provider at:
For a small fee they will submit your site
to hundreds of search engines

Page Number: 130/268 Made by: Ifact

ecBuilder Fifteenth step - Search Engines

Page Number: 131/268 Made by: Ifact

ecBuilder Sixteenth step - Upload Your Site

This is the final Step,

which offers you to upload your site
to your Webspace, or to save it on your hard disk
If you choose to FTP your site from ecBuilder,
choose the 'FTP to your existing ISP' radio button,
press the 'Submit' button,
and follow the instructions
If you choose to save your site on the local disk,
you must FTP it manually to your ISP
by using any FTP client

Page Number: 132/268 Made by: Ifact

ecBuilder Sixteenth step - Upload Your Site

Page Number: 133/268 Made by: Ifact

ecBuilder Sixteenth step - Upload Your Site

Page Number: 134/268 Made by: Ifact

ecBuilder Menu bar commands (1)

ecBuilder also has a large number of Menu bar commands

There are 4 basic menus: File; Edit; Go; Help
Most of the options in the File menu
are standard File menu options,
or shortcuts for the options of ecBuilder`s wizard
The only option that deserves further explanations here is
'Catalog Import and Export'
The 'Catalog Import and Export' option
allows you to import the item list directly
from the .CSV (Comma Separated Values) file
(offered items separated by commas)
This is a very useful option
if you plan to sell hundreds of types of items
Entering these items manually is a painstaking job,
which must produce lots of errors

Page Number: 135/268 Made by: Ifact

ecBuilder Menu bar commands (2)

If you have many items you want to sell,

you probably have them in some kind of a database
Exporting this database to a .CSV file should be an easy task
The easiest way should be
importing your database to Excell,
and then exporting it from Excell to the .CSV format:
apples, $4, yellow
oranges, $5, red
In ecBuilder, when you choose the .CSV file
from which you are importing a list of items,
you will be prompted to choose the Business Type
(e.g., type, price, description, as specified above)
that best-matches the data model in your external file,
and the section (in the catalogue) you are importing it into

Page Number: 136/268 Made by: Ifact

ecBuilder Menu bar commands (3)

After selecting whether you are appending the existing list

or updating the existing list (substitute of old with new),
you will be presented with the datasheet view
of the selected .CSV file,
and the option to specify the purpose of each column in that file
Typically, you select the most suitable Business Type option,
and then you fine-tune it manually.
When you're done with mapping,
you will be prompted whether you want
to create new sections
You will also be asked whether you want
to save the mapping scheme for future importing
of the item list of the same format
When you click finish,
items will be automatically added
into the correct sections
Page Number: 137/268 Made by: Ifact
ecBuilder Menu bar commands (4)
Selecting the best-matching Business Type template

Page Number: 138/268 Made by: Ifact

ecBuilder Menu bar commands (5)
Eliminating the non-needed columns
from the selected Business Type template

Page Number: 139/268 Made by: Ifact

ecBuilder Menu bar commands (6)
Presenting the results in the Datasheet View form

Page Number: 140/268 Made by: Ifact

ecBuilder Menu bar commands (7)

The File Menu is business as usual

(New, Open, Close, Save, etc)
The Edit Menu provides you with two important options:
to set up Tax Types and Shipping Methods
(these options are in fact shortcuts
to the same options in 'Step Ten - Catalog')
The Go Menu lists all 16 Steps,
allowing you to jump directly
to any step you want
(you do not have to click next, next, next)
The Help Menu gives you help on ecBuilder`s
user interface and functionality

Page Number: 141/268 Made by: Ifact


The ecOrderDesk application

allows you to track and
manage the orders you receive
from your ecBuilder Web site
Visitors to your Web site can
complete an online form to
inquire about your products
and services, or to order
something from you
The data from this form,
such as name, address,
credit card numbers,
and so on, is encrypted,
compressed, encoded,
and sent to you
as e-mail attachments

Page Number: 142/268 Made by: Ifact


When you receive these orders or inquiries,

you can decode and work with them using ecOrderDesk
You can use this same application
to enter and manage orders and inquiries
that come to you by telephone, mail, or other methods
ecOrderDesk allows you to track the status
of your inquiries and orders
whether your customers have received a response
or had their order been shipped, etc...

Page Number: 143/268 Made by: Ifact


It also lets you mark specific orders or inquiries as urgent,

ignore inquiries without deleting them,
and track shipping and payment status for your orders
ecOrderDesk lets you export order and inquiry data
for use with your companys accounting, report-creation,
order fulfillment, or contact management programs
ecOrderDesk supports three types of records:
item inquiries
general inquiries

Page Number: 144/268 Made by: Ifact

The Datasheet View of the purchasing workflow

Page Number: 145/268 Made by: Ifact


An actual purchase request by a shopper from your Web site
An order may include one or more catalog items
Item Inquiries
A request for information about a specific catalogue item
by a shopper from your web site
An Item Inquiry is not a purchase request
It is possible to convert an Item Inquiry to an Order
General Inquiry
A request for general information
about your company or anything else
General Inquiry is not linked to a specific catalog item

Page Number: 146/268 Made by: Ifact


The email attachment

specifying the contents of a shopping cart is an encrypted file
Importing that file into ecOrderDesk is done
using one of these two methods (decryption done automaticaly):
Double-click on the attachment file in the e-mail message
to open it in ecOrderDesk (the attachment file will be
in Multiactive ecOrderDesk (MEC) format); or
Save the attachment file onto your hard drive;
if ecBuilder is not installed on the computer
where you receive your e-mail,
save the MEC attachment file to a diskette
and copy it onto the computer where ecBuilder is installed
Open ecOrderDesk, and choose File > Import.
Then browse to the MEC file on your hard drive

Page Number: 147/268 Made by: Ifact


All three types of records (O,II, or GI)

can be inserted and modified manually
Records are rich with details about order or inquiry
Sorting records is possible by any column
Records could be edited, deleted, filtered, sorted...
A selective report for printing also exists
Records can be exported to three file types:
.mec (ecOrderDesk format)
.mel (Multiactive Maximizer format)
.csv (comma separated file - Excell, Lotus 1-2-3)
It is possible to archive records,
and to restore them if necessary

Page Number: 148/268 Made by: Ifact

Yes, the order/inquiry form is rich in details

Page Number: 149/268 Made by: Ifact

ecBuilder Conclusion

ecBuilder is a powerful and a very cost-effective tool

The amount of time and other resources
you must invest in mastering the more advanced technologies
(such as Microsoft Site Server, etc.)
greatly surpasses the time and resources
needed to learn and use ecBuilder
ecBuilder also provides basically all the functionality
you need for and from an eBusiness site,
with very few drawbacks
Having in mind all this,
as well as the relative small price of this package,
ecBuilder is probably the best choice for medium businesses
(all except the smallest and the biggest eBusiness companies)

Page Number: 150/268 Made by: Ifact

SSL (Secure Socket Layer)
SSL Basics

Protection of critical data during transfer

from customers browser to the merchant server
Most sensitive information are credit card numbers
and any other payment related information
Ideally, transaction should be as secured as in the real world,
where customer and merchant interact directly
without the possibility of third person involvement

Page Number: 152/268 Made by: Ifact

Jeopardy of Critical Information

On the Internet,
when customer types in his/hers credit card number
and initiates a payment procedure, data have to propagate
through the net, to get to the merchant server
Actually, customers browser sends an HTTP POST message
which is then broken into TCP/IP packets
before sending across the network
If someone could intercept these packets and read them
he/she would be able to obtain confidential data

Page Number: 153/268 Made by: Ifact

The SSL Idea

SSL is a network software layer that resides

between HTTP (application) and TCP (transport) layers
Both server and client must have the SSL layer installed,
in order to be able to communicate securely
This new layer encrypts data in such a manner
that it can only be decrypted by the SSL layer
on the machine data is meant for
That means,
if client sends encrypted data to the server,
only that server should have the key needed to decrypt the data

Page Number: 154/268 Made by: Ifact

The SSL Architecture

SSL consists of at least 2 levels:

SSL Handshake Protocol
SSL Record Layer
During the connection establishing between client and server,
SSL handshake protocol ensures a negotiation of secret data
needed for calculation of encryption/decryption keys
(master secret data) and MACs (Message Authentication Code)
SSL record layer uses the agreed secret data
to actually calculate keys and MACs
and uses them for secure transmission of information
across the network

Page Number: 155/268 Made by: Ifact

The MAC Mechanism
Authentication of both client and server messages is performed
through the use of the MAC mechanism
MAC is a peace of data used to authenticate packets of data
to ensure that they arrive at the destination unchanged
MACs are calculated with special algorithm applied to the:
contents of data packets
size of data packets
secret data mention earlier
The MAC, calculated this way, is then added to the data packet
So, if attacker makes changes to a data packet,
MAC of the new message will be different
from the MAC contained in the message,
and calculation of the new MAC is not possible
without possession of the secret data
If no MACs included, an attacker can intercept the data packet,
replace it with its own data of the same format,
and the receiver would NOT notice the difference.
Page Number: 156/268 Made by: Ifact
Encryption Algorithms: Birds View

Two types of algorithms: Symmetric and Asymmetric

Both algorithms used in SSL:
- Symmetric by the record layer
- Asymmetric by the handshake protocol
In steady state, record layer is responsible for online
encryption/decryption, using one secret key (symmetric),
which is the same both on the client and the server sides
Before that, handshake protocol implements the initial passing
of the public key from the server to the client (asymmetric),
as well as a number of related activities
At the very beginning (before all above), server obtains
both the public and the secret keys during the certification
(inside the certificate obtained from the trusted source)

Page Number: 157/268 Made by: Ifact

Symmetric Algorithms
Actual encryption is performed
through the use of symmetric encryption algorithms
The most widely used symmetric algorithm is DES
(Data Encryption Standard)
Symmetric means that both encryption and decryption
are performed with the same key
How to make the Symmetric Secret Key known to both
the server and the client? By an asymmetric algorithm!

SSL Encrypts DATA with SSL Decrypts DATA with

SymmetricSecretKey SymmetricSecretKey
S DATA S Receiver
Sender L L
Sender Ports Receiver Ports
Page Number: 158/268 Made by: Ifact
Asymmetric Algorithms
In order to hide the encryption/decryption key
from possible attackers
and still make it known to both server and client,
SSL handshake protocol uses an asymmetric protocol like RSA
(Rivest + Shamir + Adleman, MIT)
Asymmetric algorithms are based on the concept of secret key
and the corresponding public key
In general, secure sending of data includes the following steps:
receiver obtains the public key and the corresponding secret key;
the longer the better!
receiver publishes the public key (e.g., via the Internet),
and keeps the secret key hidden
sender obtains the receivers public key
and encrypts data with it (the receivers public key)
sender transmits data over the network
receiver uses his/her secret key to decrypt data
Intercepted data cannot be decrypted without the secret key
even if attacker knows the public key
Page Number: 159/268 Made by: Ifact
Server Certification

In the e-commerce field,

each and every server is supposed to be certified
This means that merchant has obtained a certificate
from a well known and reliable institution
Incorporated in the certificate is a set of RSA keys
(used in asymmetric algorithms).
This set of keys shall be used during the SSL handshake phase
with the client (initial exchange)

Page Number: 160/268 Made by: Ifact

Simplified SSL Handshake Protocol

We assume that only the

server is certified clientHello
(has obtained a set of RSA
public keys); this is why
simplified serverHello

Picture explains certificate

communication between serverKeyExchange
server and client during the
handshake agreement
Client generates data to be clientKeyExchage
used for the later-on
generation of the symmetric
secret key, and passes it to
the server, using the finished
asymmetric algorithm (using
the asymmetric public key
obtained from the server)
Page Number: 161/268 Made by: Ifact

With this message, client actually announces its existence!

Client sends ClientHello message which contains
(among other things) randomly chosen 28 bytes
Message also contains the list of supported algorithms (by client)
for encryption and optional compression of data. List is sorted
with more secure algorithms placed near the top of the list
(e.g., it announces that it supports DES
with a 128-bit symmetric secret key)

Page Number: 162/268 Made by: Ifact


Server as an answer sends ServerHello message that contains

independently generated random data (similar to ClientHello)
These random data add one more security level into the system
Also, message contains a response to the client
with the servers selection of algorithms from the clients lists.
Server chooses the first algorithm, from the top of the list,
that he/she supports (the first one is the most reliable)
As already indicated,
this message is to negotiate the symmetric algorithm to be used

Page Number: 163/268 Made by: Ifact


Server sends its certificate to the client (certificate=PublicKeyEtc);

incorporated in the message, the servers public key is sent.
Additional data exchanged are the company name, physical
address, contact address, assurances from the trusted party
(that the certificate is not fake)
After the reception of this message,
client knows the servers public key
that shall be used in subsequent messages
Generally speaking,
there exist certificates that are used only as signatures
(with additional data specified above)
and do not contain RSA keys.

Page Number: 164/268 Made by: Ifact


If the previous message did not contain the set of RSA keys, then
this message has to be sent
Server sends the ServerKeyExchange message
with a temporary public key generated ad hoc
(the secret key is generated at the same time,
but, of course, it is not sent over the network)

Page Number: 165/268 Made by: Ifact

ClientKeyExchange (1)
Unlike the ServerKeyExchange,
this message is exchanged always (essential for the handshake)
Client randomly generates a 40 bytes long data called
PreMasterSecret (that will turn later into the symmetric secret key)
Note that it is the Client who generates the symmetric key,
but not in its direct form; instead in the form of PreMasterSecret.
This PreMasterSecret is used on both sides (Server and Client),
in conjunction with the initially transferred random data,
to form the symmetric encryption/decription key
(using the predefined algorithm)

Page Number: 166/268 Made by: Ifact

ClientKeyExchange (2)

Using the public key, client encrypts PreMasterSecret

and sends it as the EncryptedPreMasterSecret
incorporated into ClienKeyExchange message
Server accepts the message
and decrypts PreMasterSecret with its secret key
When both server and client have obtained PreMasterSecret,
they calculate a 40B MasterSecret
(using PreMasterSecret and previously exchanged random data)
That is in fact the final goal of the SSL handshake protocol
(passing the secret key from client to server)

Page Number: 167/268 Made by: Ifact

Finished Messages

Both client and server now send finished messages

containing parameters derived from the contents
of all previous handshake massages and MasterSecret
(the last derivative on the way to symmetric key)
This is a protection against attacks (in the procedure so far)
performed by altering handshake messages
If attacker tampers with handshake messages,
then these parameters
(contained in the message and derived from sent messages)
will differ from the same parameters computed by the receiver
(derived from received messages)
There is no way for attacker to fake finished messages
without knowing the agreed MasterSecret
In essence, a CRC is applied to all messages exchanged
in the handshaking process; the resulting checksum is encrypted.

Page Number: 168/268 Made by: Ifact

Simplified Handshake: Revisited

Client Server
PublicAsymmKey is transmitted
Client generates to Client Server generates
SecretSymmKey PublicAsymmKey

Crypted SecretSymmKey is
Client crypts transmitted to Server Server decrypts
SecretSymmKey SecretSymmKey using
using PubAsymKey SecretAssymKey

Cheksums are exchanged and

Client generates validated Server generates
master cheksum master cheksum

Client encrypts/decrypts Encrypted connection established Server encrypts/decrypts

DATA with DATA with
SecretSymmKey SecretSymmKey

Page Number: 169/268 Made by: Ifact

SSL Record Layer

After the handshake protocol is successfully completed,

client and server independently compute MACs
and encryption/decryption keys
Now everything is ready for a safe transmission:
- keys are to prevent abuse
- MACs are to detect abuse
Record layer first optionally compresses every packet
that needs to be transmitted;
after that, MAC is attached to it,
and then the record layer encrypts it all together
After reception, receiver first decrypts data, separates MAC,
and makes sure that it is identical to the one calculated earlier
If everything is OK, receiver decompresses data
(if that is needed), which effectively ends secure transmission.

Page Number: 170/268 Made by: Ifact

Site Server Commerce Edition

A Technological Survey
Basic Concepts and Tools

SSCE enables merchants to build their storefronts

with much more flexibility than with previous tools.
SSCE comes with the means for integration
with existing information systems and tools
for virtually any part of store development and use
Based on the ASP technology
which enables the execution of script language programs
on a Web server; the ASP files include HTML tags and script code
The script code is able to dynamically create the HTML pages
for storefront implementation purposes (and wider);
The SSCE is a methodology to connect the existing IS
with the newly generated storefront
SSCE is a kind of ASP extension!

Page Number: 172/268 Made by: Ifact

Mentioned tools include:
Site Builder Wizard is a simple step by step wizard
that simplifies HTML and database connection writing.
It comes with several completed sites as examples
Dynamic Merchandising is a way for real-time catalog administration
with WWW interface. Included are cross-sell systems
that enable merchants to dynamically generate offer pages
based on customers purchasing history
and current contents of his/her shopping basket
Order processing pipeline (OPP) is a concept
that takes care about background tasks
like gathering information about products catalog,
calculation of prices, taxes calculation
It can be integrated with the existing information systems
and its capabilities can be extended by inserting new components.
OPP is the fundamental concept
behind the e-commerce business to consumer (B2C) sites

Page Number: 173/268 Made by: Ifact

Commerce Interchange Pipeline (CIP) is a concept
intended for business to business (B2B) applications.
B2B includes implementation of infrastructure for businesses
to exchange documents and forms of business transactions
through an existing EDI (Electronic data interchange) system;
outside the scope of this tutorial.
Integration with Microsoft Transaction Server (MTS).
MTS is a sw package that ensures integrity of database operations
by introducing a transaction based interface for database access
SSCE is based upon the ASP server side script technology
SSCE also includes Direct Mailer - A simple tool
for personalized TDEM (Target Directed E-mail Marketing)
campaigns based on customers profiles and their affiliations

Page Number: 174/268 Made by: Ifact


any SSCE-built store is based on three key technologies:
ASP, COM (Component Object Model) objects, and OPP
Pages on a SSCE-created Web site are ASP pages
with a server side script that manipulates a set of COM objects,
usually those coming within the SSCE package.
Script uses these objects to gather information from consumers,
to find or save info with a ODBC/ADO query, and
to process needed tasks through OPP (ADO = ActiveX Data Objects)

Page Number: 175/268 Made by: Ifact

OPP Concept

OPP imitates interaction between customer and merchant

in a typical real-world store
OPP is actually a name for a set of three pipelines and
each one will be described in full extent
As any other pipelines,
OPP pipelines also consist of discrete parts called stages
that are executed in a precisely determined sequence
Each stage contains COM objects that actually do the job
the stage is supposed to perform
It is clear that information needs to be passed from
one pipeline stage to another
to perform meaningful processing.
This is implemented through use of the OrderForm object
OrderForm object is a COM object that contains info about:
consumer, shopping basket details, prices,
and additional expenses
Page Number: 176/268 Made by: Ifact
Short Description of OPP Stages

This is about a stage, no matter what pipe it belongs to!

Some of the stages may exist in one, others in two pipelines;
No case when a stage can exist in all three pipes (rule, so far)
Product Info - Gathers data about products offered to consumers
Merchant Information - Adds info about merchant to OrderForm
Shopper Information - Adds info about customer
(one that is currently visiting the site) to the OrderForm
Order Initialization - Sets initial order data to OrderForm
and makes sure that OrderForm contains a unique ID
of this particular order
Order Check - Checks whether OrderForm contains
needed information;
for example, is there at least one product that is put into the order
Item Price - Determines initial price of the order
without any discounts and additional expenses

Page Number: 177/268 Made by: Ifact

Item Adjust Price - For product price adjustment
based on possible discounts
Order Adjust Price - Discounts based on total amount of order
Order Subtotal - Calculates price of order before any tax,
shipment and handling expenses are considered
Shipping - This stage calculates amount of shipping expenses
for the order
Handling - This stage calculates the amount of handling expenses
for the order
Tax - Calculates taxes for each item in the order
and the total tax amount for the entire order

Page Number: 178/268 Made by: Ifact

Order Total - Calculates final prices based on previous stages
Inventory - Makes sure that there are enough ordered products
on the stocks
Purchase Check - Checks customers cc and address information
Payment - Actually performs financial transaction
Accept - Finalizing the purchase process

Page Number: 179/268 Made by: Ifact

Files That Describe Pipelines

SSCE organizes data about pipelines in files with .pcf extensions.

These files can be created with SSCE Pipeline Editor
In .pcf files SSCE keeps info about stages and objects
corresponding to these stages
SSCE comes with the three templates for .pcf files.
Template files come with the .pct extension

Page Number: 180/268 Made by: Ifact

The Three Pipeline Types

Three Pipeline types included in the SSCE package are:

Product pipeline with 5 predefined stages
Plan pipeline with 14 predefined stages
Payment pipeline with 3 predefined stages
Some pipeline stages include COM objects
responsible for execution of the stage-related functions
These COM objects are represented graphically as valves

Page Number: 181/268 Made by: Ifact

Product Template

This is the template for the first of the three pipelines

Product.pct - this template is used for price and discount calculation
for individual products. Usually application uses this pipeline
on product.asp page to obtain general information
and the price for each offered product
Stages in the product pipeline usually include:
Product Info, Shopper Info, Item Price, Item Adjust Price, and Inventory

Page Number: 182/268 Made by: Ifact

Plan Template

Plan.pct - This template is for pipeline

which is supposed to calculate the final price of the order.
Usually, pipeline is used to create the final report for the customer
with the facility to finalize the payment process
or to drop from the purchase all together
Stages in the plan pipeline usually include: Product Info, Merchant
Info, Shopper Info, Order Initialization, Order Check, Item Price, Item
Adjust Price, Order Adjust Price, Order Subtotal, Shipping, Tax, Order
Total, and Inventory

Page Number: 183/268 Made by: Ifact

Purchase Template

Purchase.pct - This template is for pipelines that check

payment information, perform financial transaction,
and save order information into the database
This type of pipeline usually receives OrderForm
that has already propagated through the plan pipeline.
Actually, this pipeline only completes the payment process
initiated in the plan pipeline
This type of pipeline usually consists of the following stages:
Purchase Check, Payment, and Accept

Page Number: 184/268 Made by: Ifact

Pipeline Editor

Pipeline Editor is a visual tool

for creating pipeline files (.pcf).
Pipeline is graphically presented
as a vertical pipe broken into
sections representing stages
Every horizontal section (valve)
represents an OPP COM object
in the corresponding stage
This software enables user to
add and configure OPP objects.
Also, user can create or remove
stages from the pipeline.

Page Number: 185/268 Made by: Ifact


OPP supports full Microsoft Transaction Server integration.

Actually there are two versions of objects
that encapsulate pipeline during execution.
Those are MtsPipeline and MtsTxPipeline objects.
The only difference is that MtsTxPipeline runs in cooperation
with MTS, ensuring data integrity.
Usually, merchant runs the Purchase pipeline
with the MtsTxPipeline object
After instancing one of the above object,
by calling the LoadPipe method,
the desired .pcf file gets loaded,
and the Execute method starts the pipeline execution

Page Number: 186/268 Made by: Ifact

OrderForm as a Dictionary Object

OrderForm is a so-called dictionary object.

This type of objects are unique by the fact that
users can dynamically add properties (name/value pairs) to them
Name/value pairs have references and values
just like any other object property,
except that they can be dynamically added
with a simple assignment command like:
Object.name_of_name/value_pair = value_of_name/value_pair
If an object does not contain a property with this name,
a new property (name/value pair) will be created
and a value will be assigned to it.
If it does exist,
then the above call will be considered to be a normal reference
and a value will be assigned to the existing property

Page Number: 187/268 Made by: Ifact


This object should contain all information necessary

for order completion
This is NOT an object that helps implement functionality of a stage;
this is an object that propagates through all 3 pipelines!
This object maintains the context of the order processing
Generally it consists of data needed for payment and shipment,
along with the collection of objects representing items
that customer wishes to buy.
Item is, in this terminology, a set of products of the same type,
that a customer chooses on the merchants site
Usually, customer chooses a product
and then specifies the desired quantity he/she wishes to buy
Also OrderForm contains two object collections (sub-objects) used
by pipelines to report errors encountered during order processing

Page Number: 188/268 Made by: Ifact


Every item object

has fields for
calculating the price
and the additional
expenses tied to that
The items is an
object implemented
as a collection of
item objects
Each item includes
no methods (only

Page Number: 189/268 Made by: Ifact

Adding New Info to OrderForm
This adding is related to an on-going purchase
During pipeline processing,
additional information (new fields; new name-value pairs)
is usually added to the OrderForm object
A typical example is the Product Info Pipeline stage
that gathers product information usually by database query
SELECT * FROM products WHERE SKU=OrderForm.Item[1].SKU
This SQL query (in the PI pipeline stage) is executed for each item
(specified with a different product code/identifier SKU);
For every column of the query result,
COM object in this stage creates a new property (field; name-value)
in the OrderForm object, like _product_columnName
and stores the value obtained from the query in it.
Many of these properties are predefined
(like _product_name for example).
Those that are not, are automatically created.
Page Number: 190/268 Made by: Ifact
Pipeline Types and Stage Functions

As already mentioned,
a SSCE pipeline is a series of COM objects
executed in a predefined order
These objects are grouped in pipeline stages.
Every stage is a logical macro step and is meant for certain function.
Usually, a stage has an ability to check (at the end of its execution)
whether the function, stage is meant for, is actually performed
This is done before execution control is transferred
to the next pipeline stage

Page Number: 191/268 Made by: Ifact


Branching does not exist directly; only indirectly,

using the null data field mechanism
Pipeline stages and components in those stages are executed
sequentially according to the predefined order specified in
pipeline editor. One form of branching simulation can be
achieved by the following mechanism
The idea is to write components (many built-in ones are of this type)
that first checks to see if fields they are supposed to set are null.
If they are not, components perform their function,
otherwise they do nothing. This enables, for instance,
to calculate different shipping fees
for different shipping methods and destinations

Page Number: 192/268 Made by: Ifact

Product Pipeline

Aim of this type of pipeline is

to gather information about
products, and shows it on the
product.asp page
This page shows info on the
products offered for sale
This stage, among other
things, is used for a
preliminary single item price

Page Number: 193/268 Made by: Ifact

Product Info Stage (#1)

Minimal requirements for this stage is that it must,

for each Item in Items collection,
copy info from the product database to the required fields
Additional components in this stage should be used
for retrieval and/or calculation of non predefined data
such as product weight needed
as a basis for shipment cost calculation
At the end of stage execution, a check is performed to see
if required data are retrieved for all Items

Page Number: 194/268 Made by: Ifact

Shopper Information (#2)

This stage writes information (to OrderForm) about the customer;

if the related field already exists - just fill in;
if no - create!
This is useful if a customer database is to be built
This is usually done to enable creation of special discounts
for particular groups of customers
This stage is not required
and no checking is performed at the end

Page Number: 195/268 Made by: Ifact

Item Price (#3)

Goal of this stage is to determine the regular price

(without any discounts and additional expenses) for every Item,
and to put it into the OrderForm object.
This value is written to the field called
At the end of this stage, checking is performed to see if all
_iadjust_regularprice fields are set

Page Number: 196/268 Made by: Ifact

Item Adjust Price (#4)

This stage calculates all possible discounts

and comes up with a new price value
when all these discounts are applied to the price
obtained in the previous stage
Result is written to _iadjust_currentprice for each item
At the end, stage checks if all _iadjust_currentprice values are set

Page Number: 197/268 Made by: Ifact

Inventory (#5)

This is the last stage in the product pipeline

and it is used to check if the required amount of products
is present on stocks (in the inventory)
If not enough products are present for a particular Item,
component sets _inventory_backorder for that Item
No checking is performed at the end of this stage

Page Number: 198/268 Made by: Ifact

Plan Pipeline

Plan pipeline is a
superset of the
Product pipeline
It is used for
complete price
calculation based on
various parameters
What follows is only
the NEW stages, not
mentioned before, in
the product pipeline

Page Number: 199/268 Made by: Ifact

Merchant Information

Used for setting data about merchant in OrderForm

This is an optional stage and no checking is performed at the end

Page Number: 200/268 Made by: Ifact

Order Initialization

This stage initializes order information

while checking that correct product quantity is set
for each item (Item[n].Quantity)
At the end of the stage,
a built-in checking system sets the order ID,
if it is not already set,
creates _oadjust_adjustedprice for each item
as well as deletes some fields
that need to be reset when the pipeline execution commences

Page Number: 201/268 Made by: Ifact

Order Check

Verifies that the order can be processed. This means that

stage adds error message to OrderForm
if the order does not contain at least one item
Any additional component in this stage should check
order validity based on possible specific criteria
and maybe make some corrections
that will allow further pipeline processing

Page Number: 202/268 Made by: Ifact

Order Adjust Price

This stage calculates additional discount

based on the order as a whole
This enables, for instance, discounts for orders
that are above some predefined amount
This is for buy 6, pay 5, scenarios

Page Number: 203/268 Made by: Ifact

Order Subtotal

Final order price before any shipping, handling, and

tax expenses should be set here
This is done by summing up all _oadjust_adjustedprice
values and storing result in _oadjust_subtotal
Reason for this calculation is that this value is needed
for additional calculation in the next stages
that are based on the total price of the order
and not on the price of a particular items
Additionally, this value is presented as a final price
on a page where contents of customers basket is shown
because shipping address is not yet known,
so shipping and taxes fees cannot be calculated yet

Page Number: 204/268 Made by: Ifact


Calculates shipping fees that should be incorporated

in the final price
This value should be written in _shipping_total field
which is checked at the end of the stage execution

Page Number: 205/268 Made by: Ifact


Similarly calculates the handling fee and stores it in the

_handling_total field

Page Number: 206/268 Made by: Ifact


Last stage before final price calculation

Components in this stage should always set _tax_total field
and _tax_included field
which denounces part of the previously calculated prices
as the already included tax
Although this is not checked at the end of the stage execution,
components should set tax fee value for each item
in order to simplify later book-keeping process

Page Number: 207/268 Made by: Ifact

Order Total

Calculates FINAL price by summing values calculated in Tax,

Shipping, Handling, and Order Subtotal stages
Final price is stored in OrderForm._total_total.
This field is checked at the end of this stage execution

Page Number: 208/268 Made by: Ifact

Purchase Pipeline

This type of pipeline accepts

the OrderForm object already
processed through the Plan
pipeline and completes the
order processing by
performing financial
This pipeline, among other
things, performs the cc
authorization and completes
the purchase

Page Number: 209/268 Made by: Ifact

Purchase Check

This stage is often used for verification

if OrderForm is ready for order completion.
OrderForm must have _total_total value set along
with the all necessary payment processing information
No checks are performed at the end of this stage

Page Number: 210/268 Made by: Ifact


This stage should perform the actual financial transactions

The goal is to accept or reject the purchase
by performing cc authorization.
This stage must set _payment_auth_code
which represents ID of the particular transaction,
as well as an indication that the transaction has been completed

Page Number: 211/268 Made by: Ifact


This last stage in the purchase pipeline performs activities

like updating inventory information, storing order data,
sending e-mail confirmation to customers (electronic bill), etc.
This is an optional stage without any checking at the end
SSCE provides components for automatic OrderForm
database storing

Page Number: 212/268 Made by: Ifact

The OPP COM Components
Included in SSCE (Valves)
Scriptor Component

This is the only built-in component that is not meant for

particular stage
Scriptor component allows SSCE users to implement
virtually any function without writing new COM OPP objects in
Visual C++ or VB
This component works by executing script associated with it.
Any Windows Scripting Host script language can be used
(VBScript, JavaScript...)
Since programmer can use any additional functionality
in the script by instancing ActiveX objects, there are
virtually no limitations for use of scriptor component

Page Number: 214/268 Made by: Ifact

QueryProdInfoADO is the only component that comes with the
SSCE that is meant to work in Product Information stage
This component queries product database for each Item
Query is specified either as a value of a field Query or as
a part QueryMap object that encapsulates collection of all
queries used in application. This object is usually instanced
in global.asa file, so that is visible for all parts of the application.

Page Number: 215/268 Made by: Ifact


Also there is a Connection String field that contains

specification of ODBC accessed database and field
Parameter List that specifies parameters used for
each Item in the Query
Component executes query for each item like this:
SELECT * from Product where SKU=? and name like %?%
with parameter list like this: Item.SKU Item.Name
For each Item question marks will be replaced with
the value from the parameter list for that item.
Every column from the resulting recordset will be
stored in OrderForm

Page Number: 216/268 Made by: Ifact


This component is used in ShopperInformation stage

It is copying data from Shopper object to OrderForm
Shopper object is another predefined dictionary object
that application uses to store customer data.
This data is usually obtained through customer
registration on the site
ShopperInformation creates fields in OrderForm like:
where * represents names of shopper objects properties

Page Number: 217/268 Made by: Ifact


The only component in SSCE for Order Initialization stage is

RequiredOrderInit. Instance of this component is
automatically created and placed as a part of
checking logic at the end of this stage
This component (among other things) does the following:
if OrderForm.order_ID = null, creates new unique order ID
sets following values to null: _total_total, _oadjust_adjustedprice,
_oadjust_subtotal, _shipping_total, _tax_total, _handling_total,
_tax_included i _payment_auth_code

Page Number: 218/268 Made by: Ifact


This component similarly to previous is part of checking logic

and is always present
It simply checks if there is at least one item in Items collection.
If there are no items, component adds error message in the
_purchase_errors collection of the OrderForm object
This error stops the pipeline execution

Page Number: 219/268 Made by: Ifact


This component simply copies values from

Item._product_list_price to Item._iadjust_regularprice for
each item
Fields _product_list_price must be present for each item.
These values were set in Product Information stage by
QueryProdInfoADO component. This means that
product database must have _list_price column where
product prices are stored
Offcourse, this can be bypassed with custom scriptor
component that obtains prices, on some different way,
and stores them in the _iadjust_regularprice fields

Page Number: 220/268 Made by: Ifact


SaleAdjust component for Item Adjust Price stage checks

whether items (products) are on sale and adjusts prices
This component compares current date with dates set
in the Item._product_sale_start and Item._product_sale_end
fields and if product is on sale copies
Item._product_sale_price to Item._iadjust_currentprice
This means that as is the case with previous component
QueryProdinfoADO component must provide
mentioned fields from product database

Page Number: 221/268 Made by: Ifact

This is a more complex version of the previous component.
Needed information is not obtained from the database,
but from component properties
Component first checks if current date is between values
mentioned in the Start Date and End Date properties.
If this is the case, the following must be also true for discount
to be applied:
[condition order key][condition operator][condition value]
condition order key ,condition operator and
condition value are component fields that should contain
values that help determine which products are on sale.
For example, if we want to apply discount only to product
with SKU = 123 then we set properties as follows:
Condition Order Key: SKU
Condition Operator: =
Condition Value: 123

Page Number: 222/268 Made by: Ifact


This component for Order Adjust stage should obtain information

about additional discounts on the order level from database
These pieces of information include the discount applying

Page Number: 223/268 Made by: Ifact


This component for Order Subtotal stage simply sums up all

item._oadjust_adjustedprice values and results stores to
OrderForm._oadjust_subtotal field
Usually, it is not needed to add any more additional components
in this stage

Page Number: 224/268 Made by: Ifact


SSCE comes with a number of components that can be

used for shipping fee calculation. Some of them will be
presented here
Simplest is DefaultShipping component simply stores zero
in OrderForm._shipping_total field
This component is used when no shipping fee is needed.
Typical example is selling downloadable software

Page Number: 225/268 Made by: Ifact


When customer buys the goods he/she must notify merchant

about preferred shipping method. Software must set this value
to OrderForm.shipping_method field
FixedShipping component has Apply when property that
defines when to apply value of the field FixedShipping.cost
as the order shipping cost. If Apply when has value Always
then shipping fee is set without regards to whether
OrderForm.shipping_method is set. If value is
Has any value the shipping cost is set if the
OrderForm.shipping_method is not null. And finally if value is
Equal to method cost is set only if OrderForm.shipping_method
is equal to FixedShipping.method field value
Fee is calculated simply by copying FixedShipping.Cost in

Page Number: 226/268 Made by: Ifact

This component calculates shipping fees based on information
obtained form a database
Idea is to have a table that specifies, for example, that for certain
type of transport and for a range of order weight specified amount
of money must be charged
Table should look like this (SQL script of MSSQL server):
CREATE TABLE dbo.shipping_costs (
shipping_method varchar (20) NOT NULL ,
min_weight float NOT NULL ,
max_weight float NOT NULL ,
cost int NOT NULL,
PRIMARY KEY (shipping_method,min_weight,max_weight
And will process the following query with actual parameters:
SELECT cost FROM healthy_shipping_costs WHERE min_weight <= ?
AND max_weight > ? AND shipping_method = ?

Page Number: 227/268 Made by: Ifact

Handling Components

Components in this stage are very similar to components in the

previous stage, so there are DefaultHandling, FixedHandling,
TableHandlingADO and others
Handling fee is connected with activities such as packing, gift
wrapping, and so on
Components are analogous to their shipping counterparts, so that
a more detailed description is not needed

Page Number: 228/268 Made by: Ifact

Components for Tax Stage

Tax calculation is a relatively difficult task and components

provided will in most cases be inadequate
Built-in components calculate taxes according to American,
Japanese, partially Canadian laws, as well as laws of European
Union. For tax calculation in other countries, new components
must be written. Due to the fact that laws were not written for this
type of commercial activity, merchant does not charge any tax
fees to customers abroad. Taxes are only calculated for
customers from the same country, merchant is based in.
DefaultTax component is provided to facilitate this simply by
writing zero to OrderForm._tax_total
As an example SimpleVATTax component for EU VAT tax
calculation will be presented

Page Number: 229/268 Made by: Ifact

Prerequisite for use of this component is setting field
OrderForm.ship_to_country which is used to determine if this
component should be used. Principle is the same as for
FixedShipping component with Apply when field with Always,
Has any value and Equal to country possible values
Tax is calculated independently for each item and is based on tax
rate provided by item.RateItemKey, set usually in Product
Information stage. Problem with this component is that some EU
countries charge VAT even when merchant is selling goods to
customers to other EU countries. This is usually solved by
introducing new value for Country field (EU)
Component calculates and sets item._tax_vat_item field and
optionally item._tax_total and OrderForm._tax_total
Sometimes, it is necessary to calculate tax on shipping and
handling charges. In these cases new components must be
written because those built in are inadequate

Page Number: 230/268 Made by: Ifact


This component simply sumps up values calculated in subtotal,

shipping, handling and tax stages and writes result in

Page Number: 231/268 Made by: Ifact


This component is meant to be used in the Inventory stage

to check if there are enough products on the stocks
to meet the order
Component compares Quantity for each item with
item._product_local_inventory that should contain information
about the remaining number of products of that type on stocks.
This field is usually generated in the Product Information stage
If the ordered quantity is bigger than that present in the inventory,
difference is written to item._inventory_backorder and the pipeline
is optionally stopped so that customer could be informed that
he/she must wait longer for order delivery

Page Number: 232/268 Made by: Ifact


This component is the only component provided for the Purchase

Check stage
First component checks cc expiration date to see if cc is still valid.
Secondly, it runs an algorithm that checks if number typed by
customer can be cc number. Actual existence of that cc is verified
through authorization in the next stage
If check returns false on any of these two steps
ValidateCCNumber stops pipeline and reports error in
OrderForm._Purchase_errors collection

Page Number: 233/268 Made by: Ifact

Components for Payment Stage

There are really no built-in components for payment stage.

Authorization of credit cards requires services of TGPs that
usually provide their software for this stage
For instance, E-xact COM objects described in this tutorial can be
used as part of the customary built Scriptor component
End of stage logic checks to see if
OrderForm._payment_auth_code is set. If cc payment is not
performed online but manually, this stage should contain
DefaultPayment component that simply writes FAITH in
OrderForm._payment_auth_code. This is offcourse not

Page Number: 234/268 Made by: Ifact

Components for Accept Stage

In this last stage, operations like inventory data update, storing

completed order data, and even sending requests to other
companies (suppliers) are processed
There are many built in components for this stage and as an
example SQLItemADO for inventory update and SaveReceipt for
saving order data shall be described

Page Number: 235/268 Made by: Ifact


This component works simply by executing query for each item

with specified parameters
Typical example would be:
UPDATE prod_table SET inventory_field = inventory_field - ? WHERE SKU
With parameter list: Item.Quantity Item.SKU

Page Number: 236/268 Made by: Ifact


Saving order data from OrderForm object into the database can be
done after pipeline execution in application ASP script.
Alternative for this approach would be the use of the SaveReceipt
This component uses ReceiptStorage global object that specifies
all needed info about database where data for OrderForm needs to
be stored. The only field of SaveReceipt component - No save
key prefix determines prefix for those fields of OrderForm that
should not be saved to database. For example, if value is _CC_
then no sensitive credit card info shall be stored

Page Number: 237/268 Made by: Ifact

E-Xact Online Payment
E-Xact COM Object

E-Xact is one of the TGP service providers!

Of all technologies that can be used for e-commerce site creation
ASP (Active Server Pages) is probably the most popular one
One of the ways to enable automatic credit card payment
in ASP applications
is implementation of ActiveX COM object
provided by the E-Xact company

Page Number: 239/268 Made by: Ifact

Transaction Process

In order to make possible automatic credit card transactions several

parties must be involved in the process
Customer with his/her credit card
Merchant that owns the e-commerce site
Transaction Gateway Provider
Financial organization
(merchant must have an account with permission to accept CC payments)
Credit card issuing company

Page Number: 240/268 Made by: Ifact

Insides of the Transaction Process

Usual e-commerce transaction is performed like this:

Customer chooses whatever he desires to buy
(usually, information about goods customer wants to buy
is held in some form of shopping cart)
and then goes to a secured page (SSL)
where he/she enters personal, shipping, and payment information
Mentioned data is then securely transmitted over the net
to the merchants server.
By use of software, usually obtained from a TGP company,
merchant relays data to the TGP server which
(usually by simulating standard POS terminal)
performs authorization and capture of credit card transaction

Page Number: 241/268 Made by: Ifact

About the Object

E-Xact provides the COM Object that encapsulates

and hides from merchant the entire process of TGP communication
and the rest of the transaction processing
Responsibility for the CC abuse is now away from the merchant!
Object (as OCX file) can be downloaded from the company site
Before it can be used,
the OCX file has to be registered on the Web server.
Considering the nature of this object,
it can only be used on servers and with server-side technologies
that support the use of COM objects.
Of course, this means Microsoft Internet Information Server and ASP
(other choices are also possible, but not probable)

Page Number: 242/268 Made by: Ifact

Component Server Registration

Name of the file with the COM ActiveX object is ExactAX1.ocx

To perform component server registration
Copy ExactAX1.ocx to
local_drive:\<% winnt_folder %>\system32\inetsrv\components
Execute (in command prompt)
regsrv32 ExactAX1.ocx
The above registration is done with the following program:
regsrv32.exe ships with ExactAX1.ocx

Page Number: 243/268 Made by: Ifact


Of course, before usage, the component has to be instantiated

in the standard ASP (VBScript) way
Example (a line of this kind has to exist in the ASP code):
exactAuth = Server.CreateObject(ExactAX1.preauthorization98x)
This means that we will create an instance of the class
and store it into the variable
using the ASP command

Page Number: 244/268 Made by: Ifact


ASP application has to set objects properties to desired values

and then to call the method that initiates the transaction
There is a lot of properties of the ExactAX1 object,
so we shall describe the most important ones of them,
along with examples of its practical use

Page Number: 245/268 Made by: Ifact

$ Amount and CC Properties

The fields are set by standard object data assignment command

of the used OO scripting language;
OO scripting languages of interest here are
VBScript, JavaScript, and even Perl
Field amount: This property should contain
the amount of the transaction in US dollars
Field ccnum: Customers credit card number
(VISA, Master Card, and American Express are supported)
Field cardholder: Name of the customer written on credit card
Field expiry: Credit card expiry date

Page Number: 246/268 Made by: Ifact

Server Properties
Server related properties also have to be set!
ddmhip: IP address of the E-Xact (TGP) server
that component needs to communicate to.
Currently, the field ddmhip default value is
and it should not be changed (the IP address of the uhrsprung)
ddmhport: Port on the above mentioned server.
Default value is 2609.
This is a test port that can be used to test E-Xact functionality.
Credit card authorization will be performed,
but no financial transfer shall be done (test port, isnt it).
Full functionality is obtained after registration
at the E-Xact transactions LTD.
After registration, the port should be set to 2610
terminal: An 8 digit number that identifies the merchant.
For test purposes, the following number should be used:
exactAuth.terminal = 66001047

Page Number: 247/268 Made by: Ifact

Merchant Properties

merchant: 13 digit number that identifies the merchant account with

the cc payment acceptance permission
merchantAddress: Physical, real-world address of the merchant
merchantCity: City in which merchant resides
merchantEmail: E-mail address by which merchant can be contacted
merchantPostal: ZIP code
merchantProvince: State or province

Page Number: 248/268 Made by: Ifact

Types of Transactions
E-Xact system recognizes four types of transactions:
Purchase represents a standard transaction where money is, immediately
after authorization, transferred to merchants account.
This type of transaction is usually utilized when no shipment is needed
(customer just needs to download software or pays for services)
PreAuthorisationPurchase puts a temporary hold on the money
in the customers account, but does not transfer funds to merchants account
(not yet). This type of authorization is usually performed
when goods have to be shipped to the customer. When this is completed,
field exactAuth.autnum contains ID of the performed transaction.
When customer receives merchandise (or when merchant sends it)
new transaction, PreAuthorisationPurchaseCompletion, must be performed
in order to complete the money transfer.
Also, the merchant must specify which transaction needs to be completed
by setting the autnum field with previously obtained ID.
Refund is a transfer of money from merchants to customers account.

Page Number: 249/268 Made by: Ifact

Commencing a Transaction

After setting all the required fields,

merchants software calls the exactAuth.sendToServer method
that initiates the authorization process.
In other words, after all fields are set,
we call the SendToServer method to authorize the payment.

Page Number: 250/268 Made by: Ifact

E-commerce in Yugoslavia

The E-Bank Online Payment

General Info

E-bank is currently the only company in YU

that acts as a TGP (transaction gateway provider)
for online credit card payment
E-Bank system currently accepts
only BKB and Visa electron cards of Beobanka

Page Number: 252/268 Made by: Ifact


In order to be able to accept cc payment

merchant must fulfill the following steps:
Sign a contract with e-bank. This enables following:
Merchant on his store now has link I pay with cc
that leads to the e-bank SSL server
that accepts payment information and performs authorization.
Store identification number
Password for access to database
with info about performed authorizations
Sign a contract with the card issuing bank
(Beogradska Banka for Visa elektron credit card)

Page Number: 253/268 Made by: Ifact


Use of e-bank system requires,

as any other e-commerce payment system,
existence of software that controls the process of buying
and leads to the final bill - HTML with calculated final price.
Along with the final price, a unique number, transaction identifier,
that merchant and e-bank use for consistently storing information
about one transaction should be added to the transaction.
Unique number is the key for connecting together:
Merchant stores info about merchandise
that needs to be delivered to the customer
Payment information at e-bank databases

Page Number: 254/268 Made by: Ifact

Payment Process
To initiate payment process
customer presses the
button that sends his
browser to SSL protected
payment page on the e-bank
After authorization
completion, customers
browser is redirected to the
page specified by the
Optionally, merchant gets
e-mail confirmation
concerning the successfully
completed transaction

Page Number: 255/268 Made by: Ifact


This type of payment processing doesnt require

any additional security measures from the merchants store
Confidential data are only issued
on the 128-bit key SSL-protected e-bank site
It is important to mention that the level of encryption
also depends on the customers browser.
If the browser is compliant with the USA export laws
encryption will only be performed with 40 bit encryption keys,
without regards to the fact that server supports 128 encryption

Page Number: 256/268 Made by: Ifact

Good Behavior

Merchant is obligated to build his store

in an acceptable e-commerce manner
(i.e., the store must contain the following):
Complete description of merchandise
Retail prices
Conditions of warranty
Tax, transport and other additional expenses
Currency in which prices are shown
Export restrictions
Contact information: Tel. Fax, email, address
Country where merchant is physically located

Page Number: 257/268 Made by: Ifact

Connecting to e-bank

Design of the final page,

where the final price and contents of shopping basket are shown
to the customer
along with the mechanism to initiate payment, is not pre arranged
The only required thing is that page must contain data
that are going to be sent to the e-bank server
so that the payment could be properly initiated
This info is usually kept in hidden form fields
so that they doesnt influence appearance of the page
and can be easily sent to E-bank server
using a POST HTTP message

Page Number: 258/268 Made by: Ifact

Example on an EUnet YU site

Page Number: 259/268 Made by: Ifact


Click on the button Uplata karticom initiates POST message

that sends info contained in the following form
to the SSL e-bank server:
<form name="PAYMENT" action="https://ssl.e-" method="POST">
<input type="hidden" name="service" value="EUnet">
<input type="hidden" name="nextURL"
<input type="hidden" name="errorURL"
<input type="hidden" name="id" value="2335">
<input type="hidden" name="amount" value="72.00">
<input type="hidden" name="cardType" value="BKB">
<input type="hidden" name="fc" value="1">
<input type="button" value=" Uplata karticom "

Page Number: 260/268 Made by: Ifact

Hidden Form Fields

When e-bank server gets the POST message,

it relays message to payment Java Servlet that uses it
to create a page for accepting the payment information
Data is sent as hidden form fields:
Service: merchant ID
NextUrl and errorUrl specify where e-bank server
should redirect customers browser
in the case of successful and unsuccessful authorization.
ID: transaction identifier
Amount: final price in Yugoslav dinars
CardType: specify which cc is customer using

Page Number: 261/268 Made by: Ifact

Page Where Customer Types
Payment Info

Page Number: 262/268 Made by: Ifact


E-bank system employs one nonstandard fraud prevention mechanism.

System is password based
Besides cc number and expiration date system,
customer is required to type in an E-Pin password.
E-Pin is calculated from standard cc info
and credit card magnetic signature
and is not present on cc in a readable form.
Customer obtains it from his cc issuing bank
So, even in the case of the stolen cc,
the perpetrator still can not easily perform a fraud purchase

Page Number: 263/268 Made by: Ifact


Currently, by using E-bank system,

merchant can accept payment
only from customers from Yugoslavia
After E-bank is integrated into the global VISA authorization system,
merchant will be able to sell goods to customers from abroad
In Yugoslavia, as we speak,
there are about 15 000 BKB and VISA electron credit cards
but only around 30% is active and in regular use

Page Number: 264/268 Made by: Ifact

Issues in Modern Management
and Business Administration
The Three Approaches to Business

Common Sense
Fast Knowledge
Formal MBA

Page Number: 266/268 Made by: Ifact

Experiences From the MIT
Sloan School of Management
Growth versus organization (case: NCR)
Competition on the same levels of hierarchy (case: GreedyAlgo)
Distributed decision making (case: Fert)
Filters for partners (case: ChangesAfterContract)
Filters for staff (case: EthSocAca)
Mapping of jobs to staff (case: ImpedMatch)
The MBA/MSM game (case: ElectronicExperience)

Page Number: 267/268 Made by: Ifact

The MBA Issues of Importance

Morale of the Story

Page Number: 268/268 Made by: Ifact