Frameworks for Electronic Commerce | Intelligent Enterprises of the 21st Century

The pervasiveness of the Internet is creating opportunities for businesses to tap new markets as well as better service existing markets. Opportunities are also being presented for start-ups leveraging solely on the Internet to join the business community. These have given rise to what is now called e-commerce.

Being one of the early adopters of e-commerce in the world, Singapore has put in place an array of initiatives and frameworks (http://www.ida.gov.sg and http://www.ec.gov.sg) to allow businesses to ride on the e-commerce platform, which leverages on the Public Key Infrastructure (PKI) technology. Many of these have been fine-tuned on the basis of accumulated experiences and cognizance of best practices in other countries. The more important of these initiatives are summarized in this section.

Issuing Digital Certificates

To address the concerns of parties using the Internet for financial transactions, the need to provide security to the transactions is critical.

In the context of the foregoing, two certification authorities (CA) have been set up to provide digital certificates to parties that require user identification and network security of a high order. To ensure trust in the certification authority's credentials, the government has taken equity stakes in both the certification authorities. The first CA was set up in 1997 as a collaboration between the National Computer Board and the Network for Electronic Transactions — this is the first CA in South Asia. The second was set up as a joint venture between Singapore Post and Cisco Computer Security in 1998.

The digital certificate comprises information about the certification authority, the expiry date of the certificate, encoded information about the user's public key and information about the account. Signatures on the certificates are generated electronically by the certification authority and cannot be replicated by others. In the event of a third party obtaining the certificate fraudulently, the account information cannot be decoded.

Depending on the hierarchy of security assurance needed, digital certificates can be issued on smart cards or on validated tokens for high-end transactions and on diskettes or hard disks for low end transactions as well as for pre-qualified access to online services.

Alternative Payment Systems

For the potential of e-commerce to be exploited, a multiplicity of payment channels are necessary. Some of those in use in Singapore are elaborated hereunder:

A Secure Electronic Transaction (SET) system was established in 1997 to service credit card purchases over the Internet, this being a world-first.
NETSCash, the digital version of the cash card, is available to service low denomination purchases (S$0.01 - S$500.00). Its attractive feature is the anonymity option that it provides users wishing to purchase products online from merchants.
Online debit via Internet banking—this has been available since 1997 and is limited to the big four local banks. The number of users of online banking currently exceeds 300,000.
NETS Financial Data Interchange, which permits electronic interbank payments.

Business-to-Business Security Service Providers

There is recognition that emerging digital enterprises as well as small and medium enterprises may not want to invest initially in their own e-commerce infrastructure for various reasons. To cater to the needs of these enterprises, many business-to-business security service providers have been licensed.

Application Service Providers

Transactions on the Internet are not conducted via the traditional face-to-face interaction. There is thus no guarantee that the credentials of the various parties are as claimed. The risk of personal and credit card details being intercepted in the open network is also high. All these raise concerns about the security of transactions on the Internet. The need to endow e-commerce transactions with a measure of security and transparency is thus of paramount significance.

To address the foregoing concerns, the emergence of Application Service Providers (ASP) in the e-commerce value chain has been encouraged. They fulfill a gamut of services, ranging from sales and marketing, human resource management, and customer relationships to collaborative working with businesses. This allows businesses to focus on their core functions whilst ancillary functions are outsourced to the ASPs.

The large number of ASPs which have been licensed for operation are helping to promote a total environment for cost-effective transactions on the Internet. They have also come together to form the ASP Alliance Committee, which aims to position Singapore as a hub for e-commerce in the Asia-Pacific region.

Digital Rights Management

Fulfilling a key role in the e-commerce ecosystem, Digital Rights Management (DRM) is a service that offers content encryption for businesses wishing to protect their intellectual copyrights (Sinnreich et al., 1999). The mushrooming of DRM businesses was a natural corollary of Singapore's advanced telecommunications infrastructure, R & D capabilities in information and communication technologies, and the growing increase in content-hosting in the Asia-Pacific region.

The emergence of DRM was predicated by the realization that replication/duplication technologies have made it easier for the global public to infringe intellectual copyrights and for traders to use copyright material for mass distribution. No where is this more common than in the music industry, where songs can be easily compressed into MP3 format for free distribution over the Net without any compensation for copyright owners. DRM makes this infringement impossible by the provision of technology to encrypt copyright material in a manner that it cannot be duplicated/replicated without permission from the copyright owner. It also facilitates continuous tracking of the material used for the purpose of collection of revenue.

In Singapore, it is now possible for owners of copyright materials such as music, books, designs, etc., to use DRM to protect their works through one of the following means:

Embedding a watermark in the digital content to aid in identifying the source of the content, irrespective of the number of times the material has been duplicated.
Using encryption algorithms to encode content so that it can be accessed only by people with the necessary applications software.
Controlling distribution of digital content through the use of permission sets, that is, through usage and business rules.
Collecting consumer data for the purpose of billing.

E-Business Hosting Centre

Singapore has close to 100,000 SMEs, and a key objective of the government is to make them active participants in the e-commerce ecosystem. Many may not want to invest initially in their own web architecture and ICT manpower or may not be in a position to invest in these services. Recognizing the tremendous business potential that this presents, IBM has been licensed to establish an e-business hosting centre in Singapore— its first in the Asia-Pacific region outside Japan (Nandy, 2000).

Run on IBM's proprietary system framework known as Universal Server Farm, the centre offers a slew of web services and solutions to SMEs. A nominal package costing S$1300 provides a company with a web environment, replete with Internet connection, firewall, server rack setup, account management and a service portal. Other modularised packages are available at extra cost.

The intent behind the establishment of the centre is to allow SMEs to focus on their core mission whilst the tie-up will create a tributary for additional growth on the e-commerce platform.