TRUST as an Important Aspect of Successful E-commerce

(Jutta Jerlich, Mag, 2008)The critical factor in any e-business, e-commerce and e-learning is the missing human interaction that is created on the basis of trust and common values.
Trust could be defined as the consumer’s willingness to risk the loss of time, money and personal data (Nielsen Norman Group, 2000), in a situation involving uncertainty.

We all know that in the electronic business environment, the face to face communication between parties is lacking and being replaced by the human machine interface. A successful electronic commerce will now depend on the trust imposed between the communicating parties in product and services exchange w/c is the focused of this kind of industry. TRUST is considered as the essential factor in buyer-seller relationship, so there should be a alternate consideration when conducting it using electronic media technologies because its not the same as performing trust in physical or face to face environment.

What is trust in electronic commerce environment?

(Jones, Ambrose, Rai, 2003) One broad definition of trust is the willingness of a buyer to be vulnerable to a seller's non-desirable actions while expecting the seller to perform actions that are beneficial to the buyer without the buyer having to monitor these actions. Buyers look for signs from sellers that increase their trust, and sellers look at ways they can help build buyers' trust. Traditional trust-building mechanisms include physical presence, past actions, and legal and regulatory frameworks. The emergence of online businesses has brought about new challenges for building trust, in both B2B and B2C business environments. The evolution of new e-business models and the advances in information technology have raised more challenges than solutions for establishing and maintaining trust in the electronic marketplace. Both academicians and practitioners are looking for clearer answers to enhancers and suppressors of trust,...

Based on what have stated a while ago, building trust for successful electronic commerce business transactions depend for both the buyer and sellers side. It is in their hands for making it possible, they have to work hand in hand for it. As what have mentioned, they buyers is looking for signs in where they can trust the seller,at the same time the seller have to find ways on how to show that signs to the buyer. That commonly the starting stage in building good e-commerce relationship between buyers and sellers, and thats how trust is build between both of the parties. If it started that way, the possibility of a long and continuous transactions were made for each one benefits. However, the maintenance of a good relationship is not under control for both parties. Why? Its because trust is not established physically making it hard to detect or predict if theres changes before one will experienced the worst effect of it.

The majority of individual or organization who performed electronic commerce are those in business environment, so money is everybody concerned and the focus of almost all the transactions. The electronic network or the internet is the primary medium of online transaction and making electronic commerce possible for individual and organizations. However, the internet also offer the opportunity to individuals to earn money in a negative way or in illegal way. In buyers perspective, its hard to know if you've got the authorized or legitimate suppliers or sellers of bought product or services. You cant predict if all they want is to get your money or not, and cant be sure of it until your order has been delivered in your door. In sellers perspective, they never stop thinking of the best strategies to get the buyers trust. Its not that hard for them to get it for buyers won't know their real intentions without experiencing it. Though theres an existing e-commerce law to protect and avoid this kind of scenario, its still not that hard for illegitimate but knowledgeable enough buyers to escape from the law without even punisher of their actions. From that, aside from the benefits of e-commerce its also in favor for those illegitimate individuals.

To avoid it means successful electronic transaction between buyers-sellers relationship. One practical way of doing it is to build trust and implementing security measures to maintain it. The success of electronic commerce is highly and mainly depending on the ability of an organization to build up trust to their customers.

What are those security measures that the organization must take to have a successful electronic commerce transaction???

(Gaby Herrmann, Peter Herrmann,2004) because of the online environment of electronic commerce, theres already a lot of bankruptcies of e-commerce companies, and the main reason of this is the real and assumed lack of security in transacting and making businesses online. Often, organization and companies are trying to be confident to their users because of their state of art security measures and security mechanism. But this was found to be irrelevant for researchers, maybe this can be just a business strategy for organization to attract customers. Customers should not believe on that without proven yet. For organization, its not enough to gain the confidence your customers by declaring the your have a security measures and mechanisms for them to trust. There are other methods like insurances reducing the risk of frauds or active trust management, it would also be better to include the experiences of other users with an entity. With the presence of other user or customers experiences on your organization services will also the basis of your aspiring customers to trust you as what have done by your previous customers. If your organization is trustworthy on providing product and services online, it would be easy for your to get their testimony about it and be confident enough to present it to coming customers for reference. Remember its easy to spread your trustworthiness to other (it its real), your previous customers will be you positive tool to attract be referred to other customers.

(Clara Centeno,) Lack of security and consumer trust in internet payments has been repeatedly reported as one of the most important factors hindering the development of e-commerce. Indeed, most surveys show that consumers lack of trust is linked to concerns over the security of payment data (mostly credit cards) and the misuse of private data, with striking levels of 75% - 95% of respondents worried by these issues.

The events of 9/11, an increasing number of security audit reports stress the key role played by the human factor in the process of building security in general and on the internet in particular. Indeed, technology-based solutions need to be accompanied and supported by a general awareness of the risks, an internal risk management strategy, good internal managerial, organizational and operational procedures and education of employees and end users. The same principles apply to electronic commerce security.
Despite this relatively low percentage of fraud cases, most consumer surveys show that consumer lack of trust in e-commerce is linked to concerns over the security of payment data and misuse of private data.

The following are the risk found in e-commerce especially when trust is not successfully build:

On-line payment risks

The reported volume of e-commerce fraud points to the internet being riskier than the face-to-face environment. E-commerce could be looked at as a new form of distance selling, characterized by a lack of face-to-face interaction and synchronization of payment with delivery of goods, and in the case of payment by card, by the merchant’s inability to verify the payment card’s physical and security features. Committing fraud is therefore easier than in the physical world as invoices can be left without payment after reception of goods, goods can be left undelivered after reception of payment or card payment fraud can be easily committed as "plastic" is not required, i.e., only a card number and a delivery address are needed.

In addition, the internet has a number of characteristics that introduce new risk elements:
• The environment is a more favorable vehicle for fraudsters to communicate and act in due to its anonymity, low access barriers, rapid exchange of resources such as hacking programs and credit card numbers (GARTNER, 2001; FBI, 2000; LANG, 1999).

• The lack of cyber-security skills and tools: organizations often
overlook significant risks, i.e. system providers do not produce systems that
are immune to attack, network and system operators do not have the
personnel and practices in place to defend themselves against attacks and
minimize damage (PETHIA, CERT/CC, 2001);

• Merchants are often small and new, with limited security skills and
budget and are selling new goods (digital content) that are more vulnerable
to fraud (EXPERIAN, 2000);

• Users are more vulnerable: with increasing internet connectivity from
home and increasing PC power (available for hackers), average users know
little about risks and the security tools available to protect their computers
from external attacks;

• Legal prosecution is more difficult, because transaction amounts are
generally low, the electronic evidence tools and skills available are very
limited, legislation is not yet adapted to the internet environment and where
transactions have taken place across borders, complex jurisdictional and
procedural issues may arise (SCHNEIER, 1998; PETHIA, CERT/CC, 2001;
ELDON, FBI, 200218).



On-line payment transactional risks

With a view to understanding what security measures are needed and based on results of the analysis of fraud figures available, on-line payment risks can be classified into four categories as follows:
• Risk of merchant misbehavior or fraudulent behavior: merchants carrying out data capture, disappearing and charging unauthorized transactions; charging transaction amounts higher than agreed, charging unauthorized recurrent payments;
• Risk of identity and payment data theft for further fraudulent use on the internet or in the physical world (purchase, fraudulent card application, account take over). Identity data can be stolen through e-mail (or even phone) scam, or through on-line unauthorized access to merchant or ISP servers, to bank servers, to consumers’ PCs or to transactional data;
• Risk of impersonation, i.e. fraudulent use of (stolen) consumer identity and/or payment data, or software generated account numbers for purchasing;
• Risk of consumer fraudulently denying a transaction.


Measures for Building Online Payment Security

Security Requirements for online internet payments
In order to understand the role of "hard," or technology-based measures in building e-commerce payment security, the security requirements from consumer and merchant perspectives are analyses. Consumer payment security requirements derive from the need to:
- transact with trustworthy merchants,
- receive matching offers and deliveries,
- have a customer service or other mechanism for redressing potentially conflictive situations, and,
- protect personal data from unauthorized access and use.
Merchant payment security requirements, however, derive from the need for payment guarantees and for protection of commercial data from unauthorized access.

Technology-based measures to build security
Different technology-based security measures are proposed by card schemes and banks to address the on-line payment fraud risks faced by consumers and merchants. These aim to provide data confidentiality and integrity, consumer and merchant authentication and non-repudiation for each individual transaction. Solutions range from the cheap and easy SSL, complemented by real-time authorisation by the issuer, address and CVV/CVC2 validation, the use of passwords and user Ids, virtual and
pseudo card numbers, 3D-model based solutions, SET and EMV smart cards. The potential of Public Key Cryptography (PKC), Public Key Infrastructure (PKI) and Digital Signatures in building secure internet payments deserve particular attention.

The security of the environment in which on-line transactions take place, namely the technical infrastructure of the consumers, merchants, banks and service providers, also needs to be considered. In this area, payment schemes are promoting improved information security at banks, merchants and service providers with security standards and best practice.

We are aware of the success of the electronic commerce in global market, the trust building activity performed by an organization or sellers to their customers or buyers took a very long time to make it possible. Furthermore, for organization its easy and necessary to accept a very long term Return Of Investment due to the time needed to build up trust to their customers. Not only long scope of time is required to successfully build trust for organization, but the financial strength to survive sometimes for several years until the investment in building trust to the customers start to be paid, simply means to Return of Investment in building TRUST.

Reference:
http://ecdcconference.com/FullPaper08/PosterPDF/516.pdf
http://muse.jhu.edu/login?uri=/journals/eservice_journal/v002/2.2jones.pdf
http://muse.jhu.edu/journals/eservice_journal/toc/current.html
http://resources.metapress.com/pdf-preview.axd?code=q746854420147832&size=larger
http://www.idate.fr/fic/revue_telech/257/C&S51_CENTENO.pdf