Sunday, June 28, 2009

The application of 3rd Party certification program in Malaysia


To maximize the benefits of e-commerce, security is becoming an important factor in the growth of global e-commerce. MSC Trustgate.com Sdn Bhd is the most popular application of a 3rd party certification programme in Malaysia, securing open network communications both locally and across the ASEAN region. It is a licensed Certification Authority (CA) operating in the Multimedia Super Corridor in Malaysia since 4th March 1999. Trustgate's vision is clear: “To enable organizations to conduct their business securely over the Internet, as much as what they have been enjoying in the physical world.”


Trustgate is licensed under the Digital Signature Act 1997 (DSA). As a Certification Authority, Trustgate’s core business is to provide digital certification services such as digital certificates, cryptographic products, and software development. Besides that, the products and services of Trustgate are SSL Certificate, Managed PKI, Personal ID, MyTRUST, MyKAD ID, SSL VPN, Managed Security Services, VeriSign Certified Training and Application Development. Trustgate is committed to providing the finest Public Key Infrastructure (PKI) to assist all types of companies and institutions conducting their business over the Internet.



VeriSign, Inc. (NASDAQ: VRSN) is an American company that was incorporated in 1995 in California. The company is the trusted provider of Internet infrastructure services for the networked world. On 20th October 2008, VeriSign, Inc. extended its existing reseller relationship with MSC Trustgate Sdn Bhd by entering into an additional agreement to deliver a range of advanced identity authentication services in Malaysia. Under the new strategic agreement, MSC Trustgate will resell the VeriSign® Identity Protection (VIP) and VeriSign® Unified Authentication Services. These services offer businesses strong authentication for protecting the online identities of their customers, business partners and employees.

In daily life, we usually come across digital certificates in e-mail messages or on web pages that handle credit card payments or personal private data, where they verify that the parties are who they claim to be. User authentication, digital signatures and encryption are very common functions of a digital certificate. Digital signatures are the signatures we use in the digital world to identify someone's identity. Besides, the security of web pages where we log in with our ID and password relates to user authentication. Encryption allows important data to be transferred in a more secure way, so that the data we send does not end up with the wrong people.

Fraud and identity theft have created a chilling effect on e-commerce, and it is one of the fastest growing crimes in Malaysia. As we know, gaining the trust of online customers is vital for the success of e-commerce. From the point of view of an e-commerce company, it needs to make sure its website earns its full potential by increasing customer confidence when customers take part in e-transactions. Using digital certificates will increase consumers' confidence to take part in e-commerce transactions.

For more information about MSC, please log on to:
http://www.verisign.com/ssl/ssl-information-center/ecommerce-trust-ssl/index.html
http://www.msctrustgate.com/about_us.htm
http://www.verisign.co.nz/press/2008/20081020.html
http://www.verisign.com/ssl/index.html?sl=t72030166150000002&set=b034738&gclid=CJab3O2OrZsCFYEvpAodPHQZCg
http://milkteablog.blogspot.com/2008/06/application-of-3rd-party-certification.html

How to safeguard our personal data and financial data?

Nowadays, there are many incidents in which personal data has been lost or stolen. The Internet is unsafe to use. A lot of hackers try to hack into other people's computers to steal data for their own benefit. So, we must prevent those incidents from happening in order to protect our authority.

The way to secure our personal data and financial data:

1. Protect your computer's security. You can install and keep updating firewall, antispyware and antivirus programs to protect your personal and financial data. A firewall can prevent personal data from being sent out automatically. Besides that, antivirus software protects the computer against viruses and Trojans. Antispyware is a program that protects against spyware or adware hidden in software programs, in order to maintain the computer's performance.



2. Set your PIN wisely.
Try not to use personal data to create your password. The password must be strong enough, something that a thief cannot guess. Besides that, you have to change the password frequently for protection. For example, if you use your birthday as your password, it can easily be guessed by someone.

3. Do not reveal any personal information or passwords to anyone.
Try not to give the information to others if you can. Only give your personal data to others when there is a real need, or to the person you trust the most. Do not write down passwords or personal information. Memorize them to prevent them from being stolen by others.


4. Be cautious when accessing financial information in public, especially when you withdraw money from an ATM. Do not let others see when you key in the password. Users must remember to log out properly after using any of the Financial Data Center or member services. Be vigilant at every moment.



5. Back up data externally for safety. This protects against uncertain events or disasters, for example fire, robbery, flood and so on.

6. Review your monthly statements. This protects against inaccurate amounts being charged for what you spend. In many cases in Malaysia, the amount charged is more than the actual amount. So, users must check their statements frequently to confirm the amount. This will alert you to possible fraudulent charges and legitimate charges for services that are either redundant or no longer necessary.

7. Avoid clicking on pop-up ads or downloading information from unknown sites. Don't open mystery attachments. Some of the ads are viruses; once you click, the virus will infect your computer. Thus, your personal data and financial data will get stolen easily.

8. Be cautious when receiving email. Avoid phishing emails. Phishing is a theft technique used to gain information for purposes of identity theft, using fraudulent email messages that appear to come from a legitimate business, for example asking for account numbers, passwords and credit card numbers.





Saturday, June 27, 2009

Phishing: Examples and its prevention methods

The meaning of Phishing:
Phishing is a crimeware technique used to steal the identity of a target company to get the identities of its customers. Crimeware is software designed to infect a computer and take personal information that can be used to steal from the computer user. In other words, phishing is an e-mail fraud method in which the perpetrator sends out “legitimate-looking” email in an attempt to gather personal and financial information from recipients.

Usually, these messages appear to come from well-known and trustworthy web sites and ask for an individual’s personal and sensitive information such as the bank account number, username and password, and other security numbers. Fraudsters and scammers like to use reputable organizations such as Maybank, Citibank, and Trusted Bank. Besides, most phishing messages contain a “link” and always ask the recipient to click on it, which brings the user to another web site. Although the URL appears to be genuine, it actually links to the phisher’s webpage.


Examples of Phishing:
http://www.banksafeonline.org.uk/examples/phishing_visa_mastercard.html

http://www.banksafeonline.org.uk/examples/phishing_hsbc.html



http://www.banksafeonline.org.uk/examples/bankofscotland_phishing.html


http://www.banksafeonline.org.uk/examples/phishing_nab.html



http://www.banksafeonline.org.uk/examples/phishing_rbs.html

Other examples:
http://www.banksafeonline.org.uk/phishing_examples.html
http://www.antiphishing.org/consumer_recs.html

How to avoid Phishing Scams:


First and foremost, use common sense. Fraudsters are very effective at pretending to be companies, people and even governments that they’re not. Therefore, you have to carefully determine who you’re dealing with. For example, if a promise sounds too good to be true, it probably is a fraud.

Second, never give personal information to a stranger who contacts you by email, phone or other means. Never agree to anything without researching the facts. No matter how urgent the fraudsters claim the deal is, for safety you should call the legitimate company yourself for verification and confirmation. Don’t use the links in an email or instant message to get to any web page.

Third, avoid filling out forms in email messages that ask for personal or sensitive information if you suspect the message might not be authentic or you don’t know the sender. Always ensure that you’re using a secure website when submitting your personal or sensitive information via a Web browser.

For more information about how to avoid phishing, please log on to:
http://www.antiphishing.org/consumer_recs.html
http://www.privacyrights.org/fs/fs17a.htm
http://www.antiphishing.org/DOJ_Special_Report_On_Phishing_Mar04.pdf

The threat of online security: How safe is our data?

Online security threats are one of the biggest challenges on the Internet today. Most companies continue to enhance their systems and processes as electronic banking systems evolve. The question is “Are they protecting their customers’ information from being hacked and how safe is their data?” In order to cope with online security threats, many organizations are continually looking for ways to help their customers become aware of the threats and fraudsters and protect themselves.




Looming Online Security Threats in 2008 and 2009:
Social engineering is a type of nontechnical attack that uses social pressure to trick computer users into compromising computer networks to which those individuals have access. With social engineering, an attacker tries to convince someone that he is someone else, and can be as daring as putting on a mask and pretending to be someone else. Social engineering tactics have changed. In the past, attackers used cleverly worded conversations to get information to launch attacks, and this tactic continues to be used because it is extremely effective. But now, social engineering attacks are Web 2.0 attacks. Web-based services, including social networks like MySpace, YouTube and Facebook, are becoming prime targets for hackers seeking individuals' personal information.
For example, in September 2008, the information of tens of thousands of customers of Automatic Data Processing (ADP) and SunTrust Banks (STI) was stolen from Salesforce.com, which provides online customer management software for these two companies. The incident occurred after a hacker tricked a Salesforce.com employee into disclosing a password.

Major online threats:
http://www.bsagovernment.com/downloads/MajorOnlineThreats.pdf
Apple Macs Becoming "Soft Targets": http://www.readwriteweb.com/archives/top_online_security_threats_for_2009.php

Several ways to protect our data:
1) Access control mechanism: used to determine who can legitimately use a network resource and to define which users have access to which resources and what rights they have over them, e.g. the Windows login system.
2) Passive tokens: storage devices that contain a secret/hidden code, such as an ATM card, membership card or credit card.
3) Active tokens: small, standalone electronic devices that generate one-time passwords used in a two-factor authentication system, e.g. Public Bank’s E-payment.
4) Biometric system: authentication systems that identify a person by measurement of a biological characteristic such as fingerprint and iris (eye) patterns.
5) Encryption: the process of transforming data in a way that makes it difficult, expensive or time-consuming for an unauthorized person to decrypt.

Sunday, June 21, 2009

Google vs eBay vs Amazon.com

The more obvious differences between Google, eBay, and Amazon.com are in their revenue models. Broadly: advertising for Google, commissions for eBay, and sales minus costs for Amazon.com. Another way to look at it would be that a user reads about the newest, coolest widget on Yahoo, researches it on Google while clicking on a few ads there, buys the product on Amazon, and then auctions it off on eBay. The major revenue models include the sales revenue model, transaction fee revenue model, advertising revenue model, subscription revenue model and affiliate revenue model.

For Google, its major income comes from the advertising revenue model, which includes Google AdWords, Google AdSense and so on. Google AdWords is pay-per-click advertising where advertisers publish advertisements on Google’s website and Google is paid once online users click on them. Google AdSense, however, is an ad serving program. Website owners can enroll in it to enable text, image and video advertisements on their sites. These ads can generate revenue on a per-click or per-thousand-impressions basis. Other related programs are Google Advertising Professionals, Google Audio Ads, Google TV Ads, Google Website Optimizer and Google Site Search.

eBay generates revenue from a number of fees such as insertion fees (a nonrefundable fee charged when an item is listed on eBay), promotional fees (charged for additional listing options that help attract attention to an item, such as highlighted or bold listings), and final value fees (commission charged to the seller at the end of the auction). Furthermore, eBay generates revenue under the sales revenue model through its subsidiary, Half.com, which offers fixed-price, person-to-person selling of goods. It charges a 15% commission on completed sales. Additionally, a portion of eBay’s revenue also comes from direct advertising on the site, as well as from end service providers whose services increase the speed of transactions. The acquisition of PayPal, whose products allow the exchange of money over the Internet, brings additional transaction-based fee revenue.

Basically, Amazon.com charges a commission rate based on the sale price, a transaction fee and a variable closing fee, which correspond to the sales revenue model and transaction fee revenue model. Moreover, Amazon.com also generates revenue through the affiliate revenue model. AStore is an Amazon.com affiliate product which website owners can use to create an online store on their site. The store doesn’t allow website owners to sell their own products directly. Website owners pick products from the Amazon store and earn referral fees on the products purchased by their readers. The fee structure is currently the same as for the other affiliate links and ranges from 4% to 10% of the product price.

ToysRus.com failure and its causes..

Toys R Us launched its e-commerce subsidiary (ToysRus.com) hoping to reach its customers and provide them with products and services whenever and wherever they needed them. In 1999, ToysRus.com was established as a premier online toy, video game and baby store outlet. Unfortunately, failing to handle the orders that flooded into its website, the company totally lost track of thousands of orders or failed to deliver them on time. Information on the Internet spreads like wildfire. If words of unhappiness spread to potential customers, a company's reputation is damaged. Poor order fulfillment therefore hurt ToysRus.com. The Federal Trade Commission fined Toys R Us $350,000. Although the company had pumped millions of dollars into setting up its own online operation and distribution network for order fulfillment, it had to announce a 75% slump in profit in 2000.


In our opinion, when big companies intend to do business online, they forget some common factors that will affect them during the holidays. Shipping takes manpower, especially during peak season. It tends to slow down simply because of the volume of orders the mail service industry receives in a short period of time. Frankly, not all companies have the capital to invest in such a large expansion. If they are going into the e-commerce industry, they can't avoid putting in that investment.


Another cause of failure is the inability of the customer to choose products that are more effectively sold online than in the real world. Shopping for clothing online requires customers to guess at how they would look in the garments presented on a website. Attempts to sell automobiles online without the test drive have been woefully unsuccessful. Even provisions are a hard sell: people still want to pick out the products they look for and prefer, in spite of the inconvenience of going out to do it themselves.


On the other hand, another cause of failure is that stock was not delivered to customers on time. Getting customers to the site is one thing, while delivering is another. Bricks and mortar retailers have no such problems. Failure to deliver the ordered stock to customers on time caused eToys (Toys R Us company) to give away hundreds of $US100 vouchers to displeased customers.

Amazon.com success and its causes..

E-commerce has a great many advantages over “brick and mortar” stores and mail order catalogs. Consumers can easily search through a large database of products and services. They can see actual prices, build an order over several days, compare prices, and then buy the selected product at the best price.


In return, online vendors also get distinct advantages. The web and its search engines provide a way to be found by customers without an expensive advertising campaign. Even small online shops can reach global markets. Web technology also makes it possible to track customer preferences and to deliver individually tailored marketing (for example, a dynamic catalog).

Amazon.com, Inc., one of the most famous e-commerce companies, was founded in 1994 by Jeff Bezos and was one of the first American e-commerce companies to sell products over the Internet. After the dot-com collapse, Amazon lost its position as a successful business model. However, in 2003 the company made its first annual profit, which was the first step towards further development.


At the outset Amazon.com was considered an online bookstore, but in time it extended its variety of goods by adding electronics, software, DVDs, video games, music CDs, MP3s, apparel, footwear, health products, etc. It soon became popular on the Internet after the business, formerly known as Cadabra.com, was renamed “Amazon”. In 1999 Jeff Bezos was named ‘Person of the Year’ by Time Magazine in recognition of the company’s success. Although the company’s main headquarters is located in the USA, Amazon has set up separate websites in other economically developed countries such as the UK, Canada, France, Germany, Japan, and China. The company supports and operates retail web sites for many famous businesses, including Marks & Spencer, Lacoste, the NBA, Bebe Stores, Target and so on.

Amazon was one of the first e-commerce businesses to establish an affiliate marketing program, and nowadays the company gets about 40% of its sales from affiliates and third party sellers who list and sell goods on the web site. In 2008 Amazon moved into cinema and is currently sponsoring the film “The Stolen Child” with 20th Century Fox.


According to the research conducted in 2008, the domain Amazon.com attracted about 615 million customers every year. The most popular feature of the web site is the review system, i.e. the ability for visitors to submit their reviews and rate any product on a rating scale from one to five stars. Amazon.com is also well-known for its clear and user-friendly advanced search facility which enables visitors to search for keywords in the full text of many books in the database.

The history and evolution of E-commerce

Shopping is one of the most popular activities on the web. It has much allure in it! You can shop at your leisure, anytime, and in your pajamas. Literally anyone can have their pages built to display their specific goods and services.
E-commerce dates back to the invention of the very old notion of “selling and buying”, electricity, cables, computers, modems, and the Internet. E-commerce became possible in 1991 when the Internet was opened to commercial use. Since that date thousands of businesses have established themselves at web sites.

At first, the term e-commerce meant the process of executing commercial transactions electronically with the help of leading technologies such as Electronic Data Interchange (EDI) and Electronic Funds Transfer (EFT), which gave users an opportunity to exchange business information and do electronic transactions. In the 1960s EDI allowed companies to send commercial documentation electronically. There were several different EDI formats that businesses could use, so companies still might not be able to interact with each other.


However, in 1984 the ASC X12 standard became stable and reliable in transferring large amounts of transactions. In 1992 the Mosaic web browser was made available; it was the first ‘point and click’ browser. The Mosaic browser was quickly adapted into a downloadable browser, Netscape, which allowed easier access to electronic commerce.


Although the Internet began to advance in popularity among the general public in 1994, it took approximately four years to develop the security protocols (for example, HTTP). The development of DSL was another key moment in the development of e-commerce. DSL allowed quicker access and a persistent connection to the Internet.


The development of Red Hat Linux was another major step in the growth of electronic commerce. Linux gave users a choice of platform other than Windows that was reliable and open-source. Microsoft, faced with this competition, needed to invest more in many things, including electronic commerce.


Napster was an online application used to share music files for free. This application was yet another major step in e-commerce. Many consumers used the site and were dictating what they wanted from the industry. A major merger between AOL and Time Warner in early 2000 was another major push for electronic commerce. The merger, worth $350 million, brought together a major online company with a traditional company.

Today the largest form of e-commerce is Business-to-Business (B2B). By the end of 2001, it had around $700 billion in transactions. According to all available data, e-commerce sales continued to grow in the next few years and, by the end of 2007, e-commerce sales accounted for 3.4 percent of total sales. Other varieties growing today include Consumer-to-Consumer (C2C), where consumers sell to each other through auction sites. Peer-to-Peer (P2P) is another form of e-commerce that allows users to share resources and files directly.

Sunday, June 14, 2009

E-Commerce (tutorial 2)

This blog was created to accomplish one of the tutorials, which is tutorial 2. Since this is the first blog we have tried to create, it may have quite a lot of mistakes when you read through this short blog.
We have been asked by our tutor to create a blog which contains brief information about every member of our team. We would like to start by introducing our team members, followed by listing the top five websites that we visit the most and the top five activities as well. Our team members are Tan Doo Inn, Tan Hwei Ting (Irene), and Yap Bee Huan. We are all UTAR students and live in Sg Long. Meanwhile, we have common hobbies: we like to "Yam Cha" and chit-chat, are always looking for delicious food (ho-jiak), and also like to "lepak-lepak" when people are concentrating in class *skip class*...hehe..
Besides, there are 2 things that we hate the most....final examinations and assignments...because during this period we have to put in a lot of effort and spend a lot of effort on them....
Secondly, we would like to list the top five websites that we visit the most, which are Google, Youtube, Facebook, Kennysia, and the Hotmail website as well. We always log on to these websites to keep our information up to date and to get to know more friends through the World Wide Web.
The End...we will post the next blog as soon as possible..

Tan Doo Inn

Yap Bee Huan



Tan Hwei Ting