ABSTRACT
The mass adoption of the Internet has created a pattern shift in the way businesses are conducted today. This has resulted in the birth of Electronic Commerce or E-Commerce. Traditional physical trading of goods and currency is becoming more and more unpopular and more businesses are jumping on the E-commerce bandwagon. E-commerce is eye-catching because it reduces the cost of doing business. Sending a few bytes of data over a network is cheaper, faster and more convenient than sending a messenger or even making a phone call. The primary distress is issues in E-business security. The Internet is very public and many people hesitate to send sensitive data over the wires where it might be intercepted by nefarious third parties. But with so many organizations excited about the benefits of E-commerce, plenty of people are working on resolving the e-security issues. E-commerce is the exchange of something of value between two entities. That something may be goods, services, information, money, or anything else the two entities consider to have value. Commerce is the central mechanism from which capitalism is derived. The process of transforming something into a commercial activity is called commercialization.
PDF Abstract XML References Citation
How to cite this article
DOI: 10.3923/itj.2006.128.137
URL: https://scialert.net/abstract/?doi=itj.2006.128.137
INTRODUCTION
E-commerce, Abbreviation for electronic commerce, is a way of doing real-time business transactions via telecommunications networks, when the customer and the merchant are in different geographical places. Electronic commerce is a broad concept that includes virtual browsing of goods on sale, selection of goods to buy and payment methods. Electronic commerce operates on a good intention basis, without prior arrangements between customers and merchants.
E-commerce operates via the Internet using all or any combination of technologies designed to exchange data such as EDI or e-mail to access data (such as shared databases or electronic bulletin boards) and to capture data (through the use of bar coding and magnetic or optical character readers).
E-commerce, business that is conducted over the Internet using any of the applications that rely on the Internet, such as e-mail, instant messaging, shopping carts, Web services, UDDI, FTP and EDI, among others. Electronic commerce can be between two businesses transmitting funds, goods, services and/or data or between a business and a customer.
Security is, in effect, the glue strengthening the relationships and helping to tie a business more closely to its customers and partners. These requirements mean that the security technology needed for E-commerce is very different from the tools traditionally used to protect an enterprise network.
SOME COMMON E-COMMERCE MARKET MODELS
Business to Business (B2B): Business to Business or B2B refers to E-commerce activities between businesses[1]. An E-commerce company can be dealing with suppliers or distributors or agents. These transactions are usually carried out through Electronic Data Interchange or EDI. EDI is an automated format of exchanging information between businesses over private networks. This allows more transparency among business involved; therefore business can run more efficiently, for instance, a supplier can respond faster to diminishing stock of a particular product. EDI is composed of standards that enable businesses computers to conduct transactions with each other without human intervention. In general, B2Bs require higher security needs than B2Cs. For example, manufacturers and wholesalers are B2B companies.
Business to Customer (B2C): Business to Customer or B2C refers to E-commerce activities that are focused on consumers rather than on businesses[2]. For instance, a book retailer would be a B2C company such as Amazon.com and other companies that follow a merchant model or brokerage business models. Other examples could also be purchasing services from an insurance company, conducting online banking and employing travel services[3].
Customer to Business (C2B): Customer to Business or C2B refers to E-commerce activities, which uses reverse pricing models where the customer determines the prices of the product or services[1]. In this case, the focus shifts from selling to buying. There is increased emphasis on customer empowerment. For example, teleworkers and online auctions are C2B processes.
Customer to Customer (C2C): Customer to Customer or C2C refers to E-commerce activities, which uses an auction style model[1]. This model consists of person-to-person a transaction that completely excludes businesses from the equation. Customers are also the business and C2C enables customers to directly deal with each other. An example of this is peer auction giant, Ebay.
DEFINITIONS
Application: A program or group of programs designed for end users. Software can be divided into two general classes: systems software and applications software. Systems software consists of low-level programs that interact with the computer at a very basic level. This includes operating systems, compilers and utilities for managing computer resources (Fig. 1).
In contrast, applications software (also called end-user programs) includes database programs, word processors and spread sheets. Figuratively speaking, applications software sits on top of systems software because it is unable to run without the operating system and system utilities[4].
Uddi: Abbreviation for Universal Description Discovery and Integration. A Web-based distributed directory that enables businesses to list themselves on the Internet and discover each other, similar to a traditional phone book's yellow and white pages.
EDI: Short for Electronic Data Interchange, the transfer of data between different companies using networks, such as the Internet. As more and more companies get connected to the Internet, EDI is becoming increasingly important as an easy mechanism for companies to buy, sell and trade information. ANSI has approved a set of EDI standards known as the X12 standards.
Fig. 1: | Classes of programs designed for end users |
Ftp: Short for File Transfer Protocol, the protocol for exchanging files over the Internet. FTP works in the same way as HTTP for transferring Web pages from a server to a user's browser and SMTP for transferring electronic mail across the Internet in that, like these technologies, FTP uses the Internet's TCP/IP protocols to enable data transfer.
FTP is most commonly used to download a file from a server using the Internet or to upload a file to a server.
Web services: The term Web services describes a standardized way of integrating Web-based applications using the XML, SOAP, WSDL and UDDI open standards over an Internet protocol backbone. XML is used to tag the data, SOAP is used to transfer the data, WSDL is used for describing the services available and UDDI is used for listing what services are available. Used primarily as a means for businesses to communicate with each other and with clients, Web services allow organizations to communicate data without intimate knowledge of each other's IT systems behind the firewall.
Unlike traditional client/server models, such as a Web server/Web page system, Web services do not provide the user with a GUI. Web services instead share business logic, data and processes through a programmatic interface across a network. The applications interface, not the users. Developers can then add the Web service to a GUI (such as a Web page or an executable program) to offer specific functionality to users.
Web services allow different applications from different sources to communicate with each other without time-consuming custom coding and because all communication is in XML, Web services are not tied to any one operating system or programming language.
For example, Java can talk with Perl, Windows applications can talk with UNIX applications.
Web services do not require the use of browsers or HTML.
Web services are sometimes called application services.
ADVANTAGES AND DISADVANTAGES OF E-commerce
E-commerce is one of the most important facts of the Internet to have emerged in the recent times. Ecommerce or electronic commerce involves carrying out business over the Internet with the assistance of computers, which are linked to each other forming a network. To be specific E-commerce would be buying and selling of goods and services and transfer of funds through digital communications.
The benefits of E-commerce
• | E-commerce allows people to carry out businesses without the barriers of time or distance. One can log on to the Internet at any point of time, be it day or night and purchase or sell anything one desires at a single click of the mouse. |
• | The direct cost-of-sale for an order taken from a web site is lower than through traditional means (retail, paper based), as there is no human interaction during the on-line electronic purchase order process. Also, electronic selling virtually eliminates processing errors, as well as being faster and more convenient for the visitor. |
• | E-commerce is ideal for niche products. Customers for such products are usually few. But in the vast market place i.e. the Internet, even niche products could generate viable volumes. |
• | Another important benefit of E-commerce is that it is the cheapest means of doing business. |
• | The day-to-day pressures of the marketplace have played their part in reducing the opportunities for companies to invest in improving their competitive position. A mature market, increased competitions have all reduced the amount of money available to invest. If the selling price cannot be increased and the manufactured cost cannot be decreased then the difference can be in the way the business is carried out. E-commerce has provided the solution by decimating the costs, which are incurred. |
• | From the buyers perspective also E-commerce offers a lot of tangible advantages. |
1. | Reduction in buyers sorting out time. |
2. | Better buyer decisions |
3. | Less time is spent in resolving invoice and order discrepancies. |
4. | Increased opportunities for buying alternative products. |
• | The strategic benefit of making a business E-commerce enabled, is that it helps reduce the delivery time, labor cost and the cost incurred in the following areas: |
1. | Document preparation |
2. | Error detection and correction |
3. | Reconciliation |
4. | Mail preparation |
5. | Telephone calling |
6. | Data entry |
Operational benefits of E-commerce include reducing both the time and personnel required to complete business processes and reducing strain on other resources. Its because of all these advantages that one can harness the power of E-commerce and convert a business to E-business by using powerful turnkey E-commerce solutions made available by E-business solution providers.
But E-commerce has a credibility problem in that while it sounds great in theory, it is often slow and awkward in practice. By concentrating on satisfying the customer as quickly as possible you will give your business a huge advantage over your competitors.
MISSING TAX REVENUES
Tracking and collecting taxes are difficult when the sales medium is the Internet. Besides the fact that there may be no audit trail with electronic payments, a more basic issue arises: Which jurisdiction's tax laws take precedence?
"Consider a consumer in Italy who downloads his favorite album from a Web site in the U.S., which may well be linked to a number of music companies' servers in other countries[5].
In addition Here Also there are some examples of disadvantages of E-commerce for both consumer and business.
For the Consumer
• | Unable to Examine Products Personally: Buying products through the Internet means not being able to physically examine products. Images of the products may be available for viewing. There is a risk involved in the uncertainty of the quality of the product that the consumer is purchasing. |
• | Online Purchasing Security: There are possibilities of credit card number theft etc. |
For the Business
• | Hardware and Software: There are specific hardware and software that are essential to start up an E-commerce company that may be big and costly |
• | Distribution: Distribution must be very efficient especially when catering to a global market. |
• | Maintenance of Website: The website must be maintained and updated regularly and this may lead to extra labor costs. |
• | Costs: Even though the company may initially save money by cutting intermediaries and not having to invest much on capital assets, other costs may be incurred by start-up costs of the company in terms of hardware and software as well as training of employees, costs to maintain the website and distribution costs. |
• | Website Stickiness and Customer Loyalty: A company can have a website and exist within the Internet but there may not be enough people visiting the site and purchasing services or products from the company. The Internet provides less expensive advertising but also because of its sheer vastness and the existence of websites of established businesses, it is critical to create a website that is sticky enough to attract market share and create loyalty among the acquired market share[6]. |
• | Training and Maintenance: As mentioned in a couple of the aforementioned points, it is important to have well-skilled and trained workers to maintain and create the internet E-commerce facilities of a company. Many opt to outsource their development and programming tasks to decrease labor costs. |
• | Security: An E-commerce business exposes itself to security risks and may be susceptible to destruction and disclosure of confidential data, data transfer and Transaction risks (as in online payments) or virus attacks. |
APPROACH TO E-commerce SECURITY
E-commerce is a powerful tool for business transformation that allows companies to enhance their supply-chain operation, reach new markets and improve services for customers as well as for suppliers and employees. However, implementing the E-business applications that provide these benefits may be impossible without a reliable, consistent approach to E-business security. Traditional network security has focused solely on keeping intruders out using tools such as firewalls. This is no longer adequate. E-business means letting business partners and customers into the network, essentially through the firewall, but in a selective and controlled way, so that they access only the applications they need. To date, organizations have controlled and managed access to resources by building authorization and authentication into each E-business application.
A useful way of analyzing a technology is to prepare a checklist which takes into consideration your business requirements.
The security infrastructure needs to have the following basic capabilities:
• | Identification/authentication: This is the first step of any security and privacy process: being able to tell who users are. Having a security infrastructure that can do this quickly and accurately is necessary for creating a good experience for customers and partners. |
• | Authorization: Once the system determines who users are and that they are who they say they are it must provide the correct levels of access to different applications and stores of information. |
• | Asset Protection: The system must keep information confidential and private. This has become more difficult in the modern E-business environment, where information is traveling across multiple, often untrusted, networks. |
• | Accountability: This is the ability to keep track of who has done what with what data. E-business solutions also need to ensure that participants in transactions are accountable. |
• | Administration: This involves defining security policies and implementing them consistently across the enterprise infrastructures different platforms and networks. |
• | Assurance: This demands mechanisms that show the security solutions are working, through methods such as proactive detection of viruses or intrusions, periodic reports, incident recording and so forth. |
Availability: Modern E-businesses must prevent interruptions of service, even during major attacks. This means that the solution must have built-in fault tolerance and applications and procedures to quickly bring systems back online. IT managers must be able to make changes to the system 24 x 7.
When implementing a new security solution, an enterprise must have many goals in mind. These include:
• | Mitigating and managing security risks: This is the traditional role of security. Keeping intruders out and keeping information safe and must be maintained. |
• | Privacy: Protecting personal and corporate information" This is one of the biggest change in the security market. Greater demand to share information with customers and partners is putting new stress on companies to prevent that information from falling into the wrong hands. Data control and management is a critical issue for corporations. Customer information is a valuable asset and must be protected. |
• | Quickly deploying secure E-business initiatives: Security solutions must keep time-to-market issues in mind, allowing the E-business environment to be modified on the fly without compromising security. |
Reducing ongoing costs of managing and administering security: Return on investment (ROI) is always a key goal and many companies consider outsourcing security administration because they can use the latest solutions without buying new products or hiring new expertise.
Though security infrastructure products have been widely used in the mainframe environment for years, the emergence of E-business has been so rapid that technology of comparable scope has not, until recently, been available for distributed Web-based systems. The situation is changing, however and this Guide describes the infrastructure technology that is emerging onto the market.
Security for electronic payment systems
Electronic payment systems: A comprehensive term for a wide range of systems that electronically manage payment and receipt of payment over the Net. Commonly used electronic payment systems include SET, SSL, PKI and encryption.
Secure Electronic Transaction (SET): The standard for ensuring privacy and protection for conducting credit card transactions over the Internet. SET utilizes digital signatures so that the transaction can be completed securely and confidentially by the customer, the merchant and the bank. The customer does not have to send a credit card number over the Net because that information is already verified through the digital signature. Even though it's been endorsed by Visa, Mastercard, Microsoft and Netscape, SET requires complex software built into browsers and has therefore not been widely adopted in the online marketplace.
Secured Sockets Layer (SSL): A protocol that delivers server authentication, data encryption and message integrity. SSL is layered beneath application protocols, such as HTTP, SMTP, Telnet, FTP, Gopher and NNTP and layered above the connection protocol TCP/IP.
This strategy allows SSL to operate without depending on the Internet application protocols. With SSL implemented on both the client and server, your Internet communications are transmitted in encrypted form. Information you send can be trusted to arrive privately and unaltered to the server you specify (and no other). In short, it is a form of channel encryption developed by Netscape.
Public Key Infrastructure (PKI): A system of digital certificates (and other registration authorities) that verify and authenticate the validity of each party involved in an Internet transaction. PKI lays the groundwork for requiring users to have an issued key (or password) to access information. PKIs are in development; there is no universal PKI or even a single agreed-upon standard for setting up a PKI, but nearly everyone agrees that reliable PKIs are necessary before E-commerce can become widespread.
Encryption: The process of protecting information as it moves from one computer to another. Passing through a complex mathematical process (an encryption algorithm), the information is encoded before it is sent and decoded with a secret key when it is received. Without this key, the information is undecipherable. Computers use a binary number, usually 40-to 128-bits in length, as the key. The larger the key, the more difficult it is to break the encryption and decipher the message in transit.
In other words, encryption is a way of making data unreadable to everyone except the receiver and it is an increasingly common way of sending credit card numbers over the Internet when conducting E-commerce transactions.
Decryption: The decoding of an encrypted message.
Channel encryption: A security layer that resides between the application and the transport layers, the most common forms are SSL and HTTPS.
Certificate authority: One of several safeguards for secure E-commerce and overall data transfer, a certificate authority is a third-party organization that creates digital certificates for a Public Key Infrastructure (PKI). The certificate authority guarantees a user's identity and issues public and private "keys" for message encryption and decryption (coding and decoding). Essentially, the certificate authority guarantees that a user is the person he or she claims to be and conversely, that the provider of the information is who the user believes he or she is accessing.
Key: A long binary number used to encrypt data. To unlock encrypted content, you must find the precise mathematical combination that makes up the key (for example, two prime numbers that when multiplied produce the key). The longer the key, the more bits it has and therefore the more possible combinations of bits. This makes it more difficult for someone to guess the right combination. Key length alone does not make encryption invincible; an algorithm also makes it difficult for a hacker to discover and exploit any patterns in the encryption.
Electronic Bill Presentation and Payment (EBPP): An acronym that implies using the Internet to send, receive and pay bills, this is considered by some people to be the next step in online banking. The convenience factor of an EBPP is often highlighted for the user, but the real winners in this new scenario are the high-volume billers and banks that would save a substantial amount of operating costs by switching from a paper-based system to an electronic system.
Technical and Non-Technical Limitations for using this protocols for E-commerce security.
Technical limitations
• | Costs of a technological solution |
• | Some protocols are not standardized around the world |
• | Reliability for certain processes |
• | Insufficient telecommunications bandwidth |
• | Software tools are not fixed but constantly evolving (i.e. Netscape 3,4,4.7,4.75 etc.) |
• | Integrating digital and non-digital sales and production information |
• | Access limitations of dial-up, cable, ISDN and wireless |
• | Some vendors require certain software to show features on their pages, which is not common in the standard browser used by the majority |
• | Difficulty in integrating E-commerce infrastructure with current organizational IT systems |
Non-Technical Limitations
• | Customer fear of personal information being used wrongly |
• | Privacy issues |
• | Customer expectations unmet |
• | Rules and regulations[6] |
• | Security and privacy |
• | Vulnerability to fraud and other crimes |
• | Lack of trust and user resistance |
• | Fear of payment information being unsecure |
• | Tactile limitations |
• | Many businesses face cultural and legal obstacles |
• | Legal issues outstanding such as jurisdiction | |
• | Legal environment has many new and conflicting laws | |
• | Cultural obstacles | |
• | Linguistic challenges |
• | Limitations of support services |
• | Financial cost | |
• | Sourcing tech support in foreign languages |
• | Lack of critical mass in certain market areas for sellers and buyers |
• | Accessibility outside of urban/suburban and areas effects universality |
• | Higher employee training required to be click and mortar |
• | People's resistance to change |
• | People not used to faceless/paperless/non-physical transactions |
Electronic payments types
Cash: Cash consists of a token which may be authenticated independently of the issuer. This is commonly achieved through use of self authenticating tokens or tamper proof hardware.
Cheque: Cheques are payment instruments whose validity requires reference to the issuer.
Card: Card payment schemes provide a payments mechanism through the existing credit card payment infrastructure. Such schemes have many structural similarities to cheque models except that solutions are constrained by that structure. A key feature of card payment systems is that every transaction carries insurance.
What is digital wallet?: A digital wallet is a software component that allows a user to make an electronic payment with a financial instrument (such as a credit card or a digital coin) and hides the low-level details of executing the payment protocol that is used to make the payment (Fig. 2).
Fig. 2: | Components of a digital wallet |
Fig. 3: | Entities of an OBI architecture |
OBI: OBI is a freely available design/framework for business-to-business commerce transactions on the Web. It was designed by American Express and Supply Works, Inc. OBI is designed to help implementers reduce the cost of doing purchase transactions on the Web and to stimulate Internet commerce. The goal is to reduce costs, improve the overall buy-pay process and increase service levels to end users using Internet technology. Microsoft, Netscape, Oracle, Open Market and a number of other companies back the specification. Commerce Net also plays a role in the OBI by managing the specifications.
OBI is meant to complement and not replace existing EDI infrastructures. According to the OBI Consortium, "OBI was created for the purchase of non-strategic, indirect materials by large, distributed requisitioner populations." The OBI Consortium sees EDI as technology and standards for simplifying the purchasing of direct, or "production," materials through tight integration with MRP (materials resource planning) systems.
Formats make certain that buying organizations and selling organizations are able to interoperate. This contrasts with prevalent architectures for consumer Internet commerce in which selling organizations must acquire and maintain accurate profile information on thousands of shoppers, in addition to maintaining dynamic catalogs.
At an abstract level, the OBI architecture can be viewed as the interaction of four entities (Fig. 3):
• | Requisitioner: The requisitioner represents the end-user of the system, the person who actually places the order. The requisitioner is affiliated with a buying organization. The requisitioner is assumed to have access to a desktop machine, with a World Wide Web browser and access to a corporate Intranet and the Internet. The requisitioner also has a digital certificate, issued by a trusted certificate authority. |
• | Buying Organization: The buying organization represents the purchasing management and the information systems which support purchasing. These systems include an OBI server for receiving OBI Order Requests and returning OBI Orders and systems for handling the requisitioner profile information, trading partner information, work flow, approvals, account and tax status information necessary to complete an order. The buying organization also negotiates and maintains contractual relationships with preferred selling organizations. |
• | Selling Organization: The selling organization maintains a dynamic electronic catalog that presents accurate product and price information. Information which can be tailored based on the organizational affiliation of the requisitioner as specified in a digital certificate. Product and price information reflects the contract with a buying organization. The selling organizations catalog must be integrated effectively with inventory and order management systems and an OBI server for sending OBI Order Requests and receiving OBI Orders. Selling organizations must be able to authorize certain transaction types with the appropriate payment authority. |
• | Payment Authority: Payment authorities provide authorization for the payment vehicle presented by the requisitioner. Payment authorities must provide payments to selling organizations and a timely invoice or debit to the buying organization. Payment authorities may include a variety of financial institutions or, if the payment vehicle is a bulk invoice, selling organizations assume the responsibilities of a payment authority. The OBI standard is intended to support a variety of payment vehicles. |
Irans IT market is slowly but surely getting more dynamic these days. The number of IT projects (both research and implementation) is increasing rapidly, despite the industry`s continuous suffering from the US embargo. The outcome of high-profile projects (such as the "E-commerce Feasibility Study Project" to produce the National E-commerce Master Plan, or "The National Certification Authority Project" to establish the national PKI (Private/Public Key Infrastructure to create the basis for secure electronic transactions) is yet to be seen. Nevertheless, the mere presence and participation of large international players such as Ernst and Young, Deloitte and Touché and Siemens in such projects is encouraging, especially to local players. It will also encourage more foreign companies to take Irans IT market more seriously?
Iranian companies are finally getting out of their local market to explore opportunities in international scenes. This is great news for the local IT market, as it wills not only open doors to international markets, but will help local companies to become more familiar with global rules of the game (and therefore become more competitive in international markets).
It, nevertheless, highlights the understanding of the importance of ICT development at the government level, which, in itself, is a small but encouraging sign to Irans young and growing IT community.
With major national plans such as TAKFA finally taking off and numerous large projects being defined and out for tender (watch the education and health care sectors in the coming months), there is no doubt well witness much more action in Irans promising IT industry.
DISCUSSION
E-commerce has become more than a buzz word in our new economy. It has become a lifestyle for most businesses and has created a global marketplace. The Internet has forced businesses to re-engineer their business processes and adapt to the new global knowledge driven economy. E-commerce will undoubtedly be a permanent part of commerce in society today for as long as Internet exists. The differences between the E-commerce business models have become increasingly difficult to distinguish since businesses are usually a combination and business models are much more complex and not always simplistic. B2B, B2C, C2B and C2C are examples of the most popular business models that occur in E-commerce. There also exist other models such as Government to Citizen and Business to Employee. E-commerce is now everywhere in our society, whether it is proprietary companies dealing with customers, customers dealing with each other or government dealing with citizens. Now, transactions are mainly occurring over the Internet. It encompasses such large part of our society that it has become the traditional commerce of today.
Appendix 1: Acting at the proposal No. 700/30891 dated 15/8/1380 (Nov. 6, 2001) made by the High Council of Informatics Secretariat and in virtue of Article 138 of the Constitution of the Islamic Republic of Iran, the Council of Ministers in its session held on 29/2/1381 (May 19, 2002) approved the policy of E-commerce of the Islamic Republic of Iran as follows:
E-commerce Policy of the Islamic Republic of Iran
Objective: In view of speedy expansion of E-commerce in the world, the inevitability of its use, role of E-commerce in the preservation, strengthening and development of Irans competitive edge in the world and the savings made from the implementation of E-commerce in Iran, the Government of the Islamic Republic of Iran declares its determination to use and promote E-commerce in Iran in accordance with the following principles and policies.
Principles
1. | Providing basic infrastructure and legal and executive background required for the use of E-commerce. |
2. | Promoting education and propagation of the culture of use of E-commerce. |
3. | Supporting the promotion of non-public sector activities, preventing monopoly and creating grounds for competition. |
4. | Removing any biased limitations in E-commerce. |
5. | Promoting the use of the Internet networks for the carrying out of E-commerce in Iran and taking the necessary measures for the health of contents of the said networks. |
Executive policies
1. | The Telecommunications Company is required, while facilitating and utilizing the private sector participation, to provide and commission the required hardware and software and to establish high-speed, dependable and secure communications lines in the Internet networks not later than the end of 1381 (March 20, 2003), within the scope of its activities, based on the following schedule and to decrease the cost of use of the said lines. | ||||||||||
2. | Ministry of Economic Affairs and Finance is required, in cooperation with Bank Markazi Iran, to draw up a comprehensive plan for the use of the system of electronic transfer of money as well as the use of the credit card services and the time schedule for its enforcement, by the end of Mehr 1381 (October 22, 2002) and to present it to the Economic Information Specialized Commission of the High Council of Informatics for its approval. | ||||||||||
3. | Ministry of Commerce is required, not later than one year after the notification of this decree, to make the essential parts of the E-commerce national plan of Iran enforceable and to implement the following plans:
| ||||||||||
4. | Ministry of Science, Research and Know-how is required, by coordinating with and support of the Ministries of Commerce and Post, Telegraph and Telephone and the Secretariat of the high Council of Informatics to take measures for the creation of directly or indirectly related subjects and to present teaching credits in the technical and economic fields of E-commerce. | ||||||||||
5. | Sazeman-e Sada va Sima-ye Jomhouri Islami Iran (Islamic Republic of Iran Radio and Television Organization) is required, in cooperation with the Commerce Ministry, to prepare and broadcast teaching and promotional programs related to E-commerce. | ||||||||||
6. | Commerce Ministry is required, on a continuous basis, to hold short-term specialized and general training courses related to E-commerce and to hold international and domestic conferences in that field. | ||||||||||
7. | Ministries, government organizations, institutions and corporations are required to start E-commerce in their dealings and, by the end of the Third Development Plan, to carry out at least half of their dealings by this method. | ||||||||||
8. | Cost of starting E-commerce is treated as acceptable tax costs constituting the subject matter of Article 148 of the Direct Taxation Act of 1366 (1987-88) and its subsequent amendments. | ||||||||||
9. | Ministries of Economic Affairs and Finance and Commerce are required to see to it that taxes and Customs duties charged to goods and service exchanged through this method do not exceed those exchanged through other methods. | ||||||||||
10. | The Management and Planning Organization of Iran is required, while coordinating with the relevant executive bodies, to allocate each year in the national budget of Iran, the credits required for commissioning the E-commerce projects and comprehensive information network of Iran constituting the subject matter of Article 116 of the Third Economic, Social and Cultural Development Plan of the Islamic Republic of Iran Act approved in 1979 (2000-01) and their subsequent expansion. | ||||||||||
11. | For the purpose of increasing the active role of non-government sector in the promotion of E-commerce, the government is required to allocate a part of the granted facilities constituting the subject matter of annual budget laws to the applicants employed in this field. | ||||||||||
12. | Commerce Ministry and relevant executive bodies are required to take action for the attraction and encouragement of private domestic and foreign investment within the framework of provisions of law related to this field. | ||||||||||
13. | The Secretariat of the Free Zones High Council is required to cause the implementation of E-commerce at least in one of the free zones by the end of 1381 (March 20, 2003) and in one other zone by the end of 1382 (March 20, 2004). All executive bodies of Iran that are active in those zones are required to take action for the presentation of services and start of operations required in this field. | ||||||||||
14. | The Secretariat of the High Council of Informatics is required, in participation with the Ministries of Commerce; Post, Telegraph and Telephone; Information; Science, Research and Know-how; Industries and Mines; the Management and Planning Organization of Iran and the Bank Markazi of Islamic Republic of Iran, to take the necessary measures for the drawing up of a comprehensive plan for maintaining security of electronic exchanges, confidentiality of data and information, health of contents of users of public network of transfer of information (within Iran) and national system of authority for issuing digital certificates and to present it to the Leading Commission for its approval and to the High Council of Informatics for its decision.Note: In light of the need to strengthen scientific capability within Iran, the necessary preliminaries in this field for the creation of national know-how, including hardware, software and other required national facilities, must be taken into account in this project, by using the domestic specialized manpower. | ||||||||||
15. | The Ministry of Foreign Affairs is required, for the furtherance and strengthening of the cooperation related to E-commerce between the Islamic Republic of Iran and other countries, including the Islamic Conference Organization, G77, Economic Cooperation Organization (ECO), the Colombo Plan and international institutions affiliated to the United Nations, to extend the necessary cooperation to the Commerce Ministry and the Secretariat of the High Council of Informatics. | ||||||||||
16. | The duty of supervision and following up the foregoing executive measures and presenting seasonal reports to the High Council of Informatics is assigned to the Specialized Economic, Trade and E-commerce Commission, in coordination with the Secretariat of the High Council of Informatics and the Special Representative of the President, for taking action. |