Transcript Chapter 15

Core Concepts of
ACCOUNTING INFORMATION SYSTEMS
Moscove, Simkin & Bagranoff
Developed by:
Marianne Bradford, Ph.D.
Bryant College
John Wiley & Sons, Inc.
Chapter 15
Electronic Commerce and
the Internet
•
•
•
•
Introduction
The Internet and the World Wide Web
Electronic Commerce
Privacy and Security on the Internet
Introduction
• This chapter describes the Internet and some
of its accounting uses.
• One of the most important uses is for
electronic commerce.
• Managers are recognizing the importance
of Internet privacy and security since
they conduct at least some business on the
Internet.
The Internet and
World Wide Web
• The Internet is a collection of hundreds
of thousands of local and wide area
networks that are now connection
together via the Internet backbone.
• An Internet service provider
(ISP) maintains its own Internet
computers.
Internet Addresses and
Software
• To transmit data over the Internet, a computer
uses an Internet address and a forwarding
system.
• The Internet address begins as a domain
address, also called a universal resource locator
(URL).
• Internet computers translate text-based
domain addresses into numeric Internet
protocol (IP) addresses.
Intranets and Extranets
• Intranets are internal company networks
that use the same software as the
Internet.
• Some businesses create Extranets that
enable selected outside users to access
their Intranets.
The World Wide Web
• The graphics portion of the Internet is
called the World Wide Web.
• A Web browser enables users to view the
graphics files of the Internet.
• Web pages are created in an editing
language such as hypertext markup
language (html) or a programming
language such as java.
The World Wide Web
• The Internet transfers Web pages from one
computer to another using a communications
protocol such as hypertext transfer protocol
(http).
• A home page is the first page a user
sees when he or she supplies a
web browser with a domain
address.
• Home pages act as a table of
contents with hyperlinks to other
web pages.
E-mail, Groupware, and
Electronic Conferencing
• Electronic mail enables individuals or
companies to communicate with other
Internet users around world.
• Electronic conferencing tools
enable users to teleconference
with one another.
Advantages of Email
•
•
•
•
•
•
•
•
Eliminates “telephone tag”
Eliminates inaccurate or misleading messages
No interruptions
Time shifting
Message distribution
Facilitates replies
Maintaining information
Attaching files
E-mail, Groupware, and
Electronic Conferencing
• Newer work group software called groupware
allows users to send and receive email, plus
perform a wide range of other tasks.
• Groupware has also been the technology
behind the knowledge sharing that many
professional service firms use as
competitive advantage.
Electronic Commerce
• Electronic Commerce (EC) refers to
conducting business with computers and
data communications.
• EC can be performed over the Internet or
using proprietary lines.
• General categories of EC include
retail sales, E-cash,E-wallets, and
electronic data interchange.
Retail Sales
Advantages of Virtual Stores
• Creating Web pages is cheaper than creating
and mailing catalogs.
• Distribution is worldwide.
• Selling takes place around the clock with no
additional staffing requirements.
• Product descriptions, sales prices, and
information on merchandise availability can be
updated immediately.
• Customers create their own sales orders online.
• The sales personnel required for these virtual
stores is minimal.
E-Cash
• With the use of credit cards over the Internet,
identity fraud can be a problem.
• Electronic cash (E-cash) may be a more
desirable payment method.
• The most important advantage of E-cash is the
ability to identify its users.
• E-cash eliminates the need to
transmit credit card numbers
over the Internet.
E-Wallet
• E-wallets are software applications that
store a consumer’s personal information,
including credit card numbers and
shipping addresses.
• The advantage of an E-wallet is
that you do not have to enter
all your personal information
every time you make an
online purchase.
Business-to-Business
E-Commerce
• Most e-commerce is business-to-business (b2b).
• A major part of b2b e-commerce concerns
purchases of supplies and equipment
electronically or electronic procurement.
• Companies may manage their supply chain by
linking e-commerce to internal enterprise
resource planning (ERP) systems.
Electronic Data Interchange
• Electronic Data Interchange (EDI) allows
organizations to transmit standard business
documents over high-speed data
communications channels.
• EDI streamlines processes because
1) business partners exchange
documents quickly and easily,
2) there are no postal delays,
and 3) EDI eliminates most
of the paperwork.
VAN-based EDI versus
Internet-based EDI
• To implement EDI applications, most businesses
currently use private, point-to-point
communication channels called Value-Added
Networks (VANs).
• An alternative to VAN-based EDI is to use the
Internet.
– Advantages of Internet-based EDI are the ability to
use well-understood Internet technology, a preexisting,
costless network to transmit business data, and
convenience.
– Disadvantages of using Internet-based EDI are data
security and lack of consulting expertise in the
implementation phase.
Privacy and Security
on the Internet
• The Internet and WWW have the
advantage of being very accessible.
• Accessibility can also mean
“vulnerability”.
• Email, Webpages, and computer
files can be accessed by
someone posing as an
authorized user.
Privacy and Security
• An Internet presence for companies
introduces unique privacy and security
concerns.
• These concerns call for specialized
controls that limit data and information
access to authorized users.
• Authentication involves verifying that
users are who they say they are.
Firewalls
• A Firewall guards against unauthorized access
to sensitive file information from external
Internet users.
• This is security software that a company
installs on Internet computers and that limits
file accesses to authorized users.
• Firewall software examines packets of incoming
messages using an access control list.
• Firewalls cannot prevent spoofing, or
masquerading as an authorized user.
Proxy Servers
• A Proxy Server is a computer and related
software that creates a transparent gateway to
and from the Internet, and that can be used to
control Web accesses.
• Four advantages of proxy servers:
– Funnel all incoming and outgoing Internet requests
through a single server
– Examine all incoming requests for information and test
them for authenticity
– Limit employee Internet access to approved Web sites
– Limit information to only Internet-related materials
– Ability to store frequently accessed web pages on the
server’s own hard disk.
Data Encryption
• Data Encryption transforms plaintext messages
into unintelligible cyphertext ones using an
encryption key.
• Data encryption standard (DES) is an
encryption scheme used by the U.S.
government.
• A single key is shared by communicating
parties in secret key cryptography.
• Public key encryption requires each party to
use a pair of public/private encryption keys.
Digital Signatures
• A Digital Signature is used to authenticate
business documents transmitted or received
over the Internet.
• In 1994, the Digital Signature
Standard (DSS) was adopted by
the National Institute of Standards
and Technology.
• The presence of the digital signature
authenticates a document.
Digital Certificate
• Another authentication technique is the
digital certificate.
• Digital certificates are verification of
identity provided by an independent
third party called a certificate authority.
• These certificates are signed documents
with sender names and public key
information.
Digital Time Stamping
• Many important documents transmitted
over the Internet are time sensitive.
• Digital Time-Stamping Services (DTSSs)
attach digital time stamps to documents.
• Time stamps enable businesses
to overcome problems of downed
file serves or power failures that
delay transmission.
Auditing and Third-Party
Assurance
• Auditing e-commerce is a specialized field.
• Organizations require assurances that their
Internet controls are working and are
adequate.
• The risks introduced by a business’s
Internet presence have created a
market for third-party assurance
services.
TRUSTe
• TRUSTe assurance seal is an example of
limited assurance of data privacy.
• TRUSTe is a nonprofit organization that
issues a privacy seal.
• Some professional firms incorporate
the TRUSTe seal into their
information systems.
Copyright
Copyright 2001 John Wiley & Sons, Inc. All rights reserved.
Reproduction or translation of this work beyond that permitted in
Section 117 of the 1976 United States Copyright Act without the
express written permission of the copyright owner is unlawful.
Request for further information should be addressed to the
Permissions Department, John Wiley & Sons, Inc. The purchaser may
make backup copies for his/her own use only and not for distribution
or resale. The Publisher assumes no responsibility for errors,
omissions, or damages, caused by the use of these programs or from
the use of the information contained herein.
Chapter 15