Lei Shi

ITS 380

Chapter 5


Case Study Questions

1.      What is the value proposition that Apple Pay offers consumers? How about merchants?

For consumers, Apple Pay offers convenience, security, privacy, no additional cost, and adoption by a large number of merchants.For merchants, Apple Pay offers wide-spread adoption among consumers, more efficient consumer payment process (no waiting for card approvals, no slips of paper), and security.

2.      What are some of the limitations of Apple Pay that might prevent its widespread adoption?

The payment made through Apple pay offers requires an iPad. People who are using other IOS like android and windows cannot use the Apple pay offers.

3.      What advantages do the Square and PayPal mobile card-swiping solutions have in the mobile payment market? What are their weaknesses?

Square and PayPal mobile device card readers are quick to install, inexpensive, and reliable for taking mobile payments from consumers.They suffer from the same security limitations as any magnetic card reader device; they still require the consumer to carry a card.

4.      What strategies would you recommend that Apple pursue to assure widespread consumer adoption of Apple Pay?

Apple needs to get more merchants on board, and should consider modifying its Apple Pay so that merchants could market during the payment process.Without merchant participation, Apple Pay will take many more years to achieve acceptance.


1.      Why is it less risky to steal online? Explain some of the ways criminals deceive consumers and merchants.

The potential for anonymity on the Internet can allow criminals to assume identities that look legitimate and at the same time, shield them from law enforcement agencies. Using these assumed identities, criminals can place fraudulent orders with online merchants, intercept e-mail, steal customer information, and shut down e-commerce sites using software viruses.


5.      Name the major points of vulnerability in a typical online transaction.

The major points of vulnerability are at the client level, at the server level, and over the Internet communications channels.


10. Briefly explain how public key cryptography works.

Public key cryptography solves the problem of exchanging keys by creating a mathematically related public key and private key. The private key is kept secret by the owner, while the public key is widely disseminated. The main concept behind this method is that a one-way, irreversible mathematical function is used to produce the keys. Both keys can be used to encrypt and decrypt a message, but after it is encrypted, the same key cannot be used to decrypt a message. Only a person with possession of the recipientís private key can decrypt a message. The addition of a digital signature ensures the authenticity of the message and guarantees non-repudiation. The sender uses his or her own private key to encrypt the message along with a hash function, which has been added to create a unique digest of the message. When used with the hash function, the digital signature is even more unique than a handwritten signature. This irreversible process creates a cipher text that can be read only by the recipient using his or her private key.


15. Briefly discuss the disadvantages of credit cards as the standard for online payments. How does requiring a credit card for payment discriminate against some consumers?

A disadvantage to credit cards is that merchants must pay a significant transaction fee of from between 3% and 5% of the sale. The risks of a transaction, as mentioned above, are largely borne by the merchant. In addition to the percentage fee, merchants must also pay an additional transaction fee of 20-30 cents per transaction as well as other set-up fees. The high transaction costs make selling small items such as articles and music tracks undesirable on the Web. Furthermore, online merchants never see the actual card being used, no card impression is taken, and no signature is available. These last three reasons are why consumers can later dispute charges. The merchant faces the risk that transaction will be refuted and reversed even though the merchandise has already been shipped, or the digital product has already been downloaded. Existing credit card payment systems also offer poor security because neither the merchant nor the consumer can be fully authenticated. Requiring a credit card for payment also discriminates against some consumers because millions of young adults and almost one-hundred million Americans who cannot afford credit cards are denied access to online shopping.


20. How are the two main types of EBPP systems both alike and different from each other?

The two main types of EBPP systems, biller-direct and consolidators, are alike because the bill payment process always involves the customer, the biller, the bank, and potentially a third-party processor. Both enable bills to be created, delivered, and paid over the Internet. Biller-direct systems often use a service bureau to provide the infrastructure necessary to implement the system. This may include the review and paying of just a single bill or increasingly, several different bills. In biller direct systems, the customer accesses the bill at the biller's Web site. Consolidators aggregate all bills for consumers and ideally provide a one-stop bill-paying destination. Customers access bills at the Biller Service Provider's consolidated Web site and/or aggregated from multiple sources at a single Customer Service Provider Web site.




Imagine you are the owner of an e-commerce Web site. What are some of the signs that your site has been hacked? Discuss the major types of attacks you could expect to experience and the resulting damage to your site. Prepare a brief summary presentation.

There are some signs that your access to administrator accounts is blocked, or canít access. The homepage will be changed. In the .php files you can find disguises malware and viruses. The hacker can change those and you cannot access to your page.