BUILDING TRUST IN ECOMMERCE

1
Building Trust In E-commerce
BUILDING TRUST IN E-COMMERCE Response to iDAs
consultation paper
2
SCOPE
Building Trust In E-commerce

• Introduction of Auplex
• Auplexs research on trust building (for sharing)
• Consumers Perspective
• Businesses Perspective
• Response to iDAs questions covering
• PKI
• Standards and practices
• Risk assessment and credit bureau
• Escrow services
• Trust marks
• Insurance
• ASPs
• Legal framework
• Taxation and regulations

3
INTRODUCTION OF AUPLEX
Building Trust In E-commerce

• Auplex is a young and dynamic company formed by
  individuals from diverse background, including
  IT, consultancy, Government, HR, marketing and
  operations.
•  
• We deliver affordable, personalized and trusted
  e-business consultancy services to emerging
  enterprises to develop and launch their
  e-businesses. We have a robust Analyze-Construct-T
  ransform methodology to assist our clients in
  this process.

4
Risks in Commercial Transactions
Consumers' Perspective Risk Perception

• Traditionally, consumers seek to reduce
• Financial risk (losing money / paying too much)
• Functional risk (receiving wrong / malfunctioned
  good)
• Social risk (using product that reflect badly on
  user)
• Physical risk (being harmed by product)
• In E-commerce, transactions take place between
  faceless strangers, across geographical
  locations, via relatively open network
• Financial and Functional risks are exacerbated
• New additional risks

5
Risks in E-Commerce Transactions
Consumers' Perspective Risk Perception

• Authenticity Quality
• Will the business deliver the products, services
  and warranties it promises?
• Will there be any recourse if the business fails
  to deliver?
• Transactions
• Will transactions be processed accurately,
  completely, and be secured?
• Privacy
• Will consumer info be protected or abused?

6
To overcome risks build trust, consumers desire
Consumers' Perspective Risk Perception

• Authentication
• Recourse
• Integrity
• Confirmation
• Privacy
• Anonymity
• Please refer to notes for this slide for
  explanation on each point

Source Froomkin, A.M., The Essential Role of
Trusted Third Parties in Electronic Commerce,
1996
7
Trust isnt Everything. . . But its a lot
Consumers' Perspective Risk Perception

• Only 10 perceived little or no risk
• Issues of trust, particularly, security of
  personal info remain important

• People buy online
• Convenience
• Ease of use
• Good prices
• Wide selection

8
Privacy and Security are key concerns
Consumers' Perspective Risk Perception
3
7
9
Privacy and Security are key concerns
Consumers' Perspective Risk Perception
3
8
10
Six Components of E-commerce Trust
Consumers Perspective Models of Trust

• Brand Name Recognition
• Effective Site Navigation
• Transaction Fulfillment
• Professional Presentation
• Up-to-date Technology
• Web-Based Seals of
  Approval
• Please refer to notes for this slide for
  explanation.

Source Studio Archetype/Sapient Cheskin
Research, eCommerce Trust Study, Jan 1999.
11
Model of E-commerce Trust Development
Consumers Perspective Models of Trust

• Info vulnerable to hackers
• Tech. unreliable
• Perception of chaos
• Desire for control

• User control still a concern
• Individual assured of some control over personal
  info

• Seals of approval reassure user
• Sense of security
• Focus on other signifier of trust

Source Studio Archetype/Sapient Cheskin
Research, eCommerce Trust Study, Jan 1999.
12
Consumers Perspective Models of Trust
Source Studio Archetype/Sapient Cheskin
Research, eCommerce Trust Study, Jan 1999.
Source Studio Archetype/Sapient Cheskin
Research, eCommerce Trust Study, Jan 1999.
13
SUMMARY
Consumers Perspective

• Key issues are authentication and identification
• Other issues are
• Privacy (Analysis was based on data from an
  American survey. Separate survey in Singapore and
  in an Asian context may be required for a more
  accurate analysis.)
• Consumer protection
• Use of digital document as legal instrument
• Mechanism for dispute resolution
• Scope for use of established brand and experience
  with brick and mortar companies as a starting
  base

14
Risks in E-Commerce Transactions
Businesses' Perspective Risk Perception

• Authenticity
• Will goods and services be delivered to customers
  who can authorise purchases and pay for them?
• Security
• Will sensitive info, transaction data and online
  communications be secured?
• Non-repudiation and recourse
• As e-commerce opens up new business
  opportunities, companies will transact with new
  business parties
• Will buyers and sellers honour their commitment?
• Are the existing mechanisms and legal framework
  sufficient to resolve e-commerce disputes,
  especially for cross-border trade ?

15
To overcome risks build trust, businesses desire
Businesses' Perspective Risk Perception

• Authentication
• Certification
• Confirmation
• Payment
• Anonymity
• Please refer to notes for this slide for
  explanation.

Source Froomkin, A.M., The Essential Role of
Trusted Third Parties in Electronic Commerce,
1996
16
A note on payment
Businesses' Perspective Risk Perception

• Instruments like LCs, B/L and S/G play an
  essential role in addressing issues of risks,
  credit terms and trust between transacting
  parties in a brick and mortar world
• These are inefficient instruments and the
  information captured by each instrument overlap
  with each other to a large extent. (IT and
  e-commerce can therefore be useful tools enhance
  efficiency.)
• There are no parallel instruments in e-commerce
  to link the information and material flow at this
  stage to bring greater efficiencies to trade, or
  to facilitate cross border trade.

17
SUMMARY
Businesses Perspective

• B2b e-commerce is still at its early stages of
  development
• It is between the stages of Unaware and Build
  Trust. (See slide 12.)
• There are a few key challenges w.r.t. building
  trust
• Authentication and control
• Payment mechanism and credit facilities
• Established security devices and practices
• Established certification standards

18
Overview
Auplexs Feedback

• The rules of engagement for transactions between
  businesses and that between businesses and
  consumers exist for a reason
• Authentication of buyer and seller to minimise
  fraud
• Existence of middleman/distributors to
  assume/minimise risks and facilitate delivery and
  payment (eg clearing house)
• Banking and insurance facilities to cover
  exposure
• Secure network for transmission and capture of
  information
• Legal and government framework for recourse and
  regulation
• Relationships and checks for credit worthiness
  and credit terms
• The same rules apply very much to e-commerce. The
  only differences are
• the medium and tools are different in some ways
  and
• the processes and information flow tend to be
  faster and more transparent.

19
Overview
Auplexs Feedback

• We need a holistic approach as the problems are
  inter-connected
• the issues identified by iDA in its consultation
  paper cover most of the issues involved
• The relational diagram in the next slide maps out
  the issues identified by iDA and also the other
  components which we think are important but were
  left out in the consultation paper
• Auplexs feedback is centred around b2b EC.

20
Overview factors to facilitate growth of
e-commerce
Auplexs Feedback
3
1
7
4
8
9
5
Trust Marks
Training
6
Tax
Legal framework
Security standards and practices ISO?
10
Awareness
6
ADR
Regulation
2
Process
Recourse
Cross-border frmwk
Inertia
21
1 PKI
Auplexs Feedback

• Agree that PKI is a useful infrastructure for
  security
• Challenges for it to be adopted and to be useful
  are
• Standard. PKI has to be standardized for trade
  beyond Singapore. The Singapore market is too
  small.
• Costs. Service provided must be affordable,
  overall costs should be lower than traditional
  means for e-commerce to make sense.
• Adoption. Gadget-based PKI should be easy-to-use
  and affordable for wide-adoption.
• Phasing. PKI should preferably be built on
  existing e-commerce systems to minimize financial
  and psychological costs.

22
2 Standards and practices
Auplexs Feedback

• There may be a case for iDA to look into
  non-gadget based standards and practices w.r.t.
  to e-commerce security
• These system/standards/practices will be
  applicable to
• Businesses
• ASPs
• Escrow Service Providers
• These system/standards/practices should be
  compatible with/complement PKI and certification
  bodies
• Government could also consider working with the
  industry players to pioneer the development and
  implementation of such standards. (Auplex is
  willing to offer our ASP services as the pilot.)

23
3 Risk assessment and credit bureau
Auplexs Feedback

• Risk assessment is essential for trading
  activities in the physical world e.g. approval
  for letter of credit.
• It is even more important for e-commerce.
  However, to make it useful there need to be
• A Common standard. This is useful for intra and
  cross border transactions.
• Achievable within acceptable costs. Especially so
  if businesses are to pay for it.
• Any mandatory credit ratings should be considered
  with care as emerging enterprises should not be
  unduly disadvantaged.
• Government could consider the following
• Set standards and framework for risk assessment
  and its application
• Educate SMEs on ways to improve and manage their
  credit ratings
• Work with international bodies to establish
  common standard. This is also key to the plan to
  make Singapore a hub. Standards that apply here
  should also be accepted elsewhere (if possible)

24
3 Risk assessment and credit bureau
Auplexs Feedback

• There are many different credit bureaus in USA.
  Questions are
• How reliable are they?
• How can people apply and make use of them?
  (education)
• Is there a common standard?
• Credit assessment services could be better
  provided by the private sector than by
  Government. It could be banks, escrow or third
  party.
• Government could help in education as well as
  setting up the framework for standards and
  accreditation of such service providers.
• Other impediments issue of who is going to pay
  for it?

25
4 Escrow
Auplexs Feedback

• Escrow services can be a very useful means to
  address trust issues.
• Escrow services mirrors most parts of the current
  trade financing system in the physical world.
  Escrow services can be useful in the facilitation
  of a seamless e-commerce experience because
• Cost would be higher for business to switch
  between online and offline system to complete a
  transaction
• Process could become more efficient by
  integrating the trade financing elements
• The greater convenience, lower costs and better
  coverage of exposure can help to reduce inertia
  to go onto e-commerce.

26
4 Escrow
Auplexs Feedback

• Currently, the banks are fulfilling the function
  in some way through instruments like LCs.
  However, there are problems
• Banks are protective. Most banks require
  transacting party to open an account with them.
• Banks require full security from buyer on top of
  a fee.
• In cases where the bank representing the
  buyer/seller here does not have a relationship
  with another bank representing the seller/buyer
  overseas, a third bank would be involved. ?
  higher cost
• Process is manual and inefficient thus driving up
  costs (Eg Information flow is inefficient. Fields
  in Purchase Orders, Sales Orders, LCs, Shipping
  Guarantee and Bill of Lading are similar and this
  can be managed more efficiently between buyer and
  seller through e-commerce.)
• Most banks are not quite ready to open up yet.
  Also largely due to the lack of supporting
  services like credit assessment, PKI, etc

27
4 Escrow
Auplexs Feedback

• Escrow services could be done by
• Banks and financial institutions
• Logistic companies
• Independent service provider
• Criteria financial resources and global presence
  or alliance

28
5 Trust Marks
Auplexs Feedback

• Most trust marks are for b2c e-commerce
• We believe it would help but it has to be backed
  by
• Educational effort on the value of trust marks
• Accreditation and quality control of trust marks
• Mechanisms and means to carry out recourse or
  rectification actions should the e-merchant
  failed to deliver
• There would be limitations when consumers buy
  from overseas or when foreign consumers want to
  buy from Singapore e-merchants. Same issues as
  PKI and credit bureau.
• Government can consider
• Working with establish brands like NTUC co-ops
  whose objective is to safe-guard consumers
  interests.
• Setting up a framework and standards for trust
  marks
• Collaborating with foreign authorities on a
  common standard (similar to ISO)

29
6 Training
Auplexs Feedback

• iDA has already identified training as one of the
  elements under Infocomm 21
• Educational effort useful to raise awareness and
  acceptance and should form part of the framework
• Training is even more important if a national PKI
  is adopted

30
7 Insurance
Auplexs Feedback

• We are of the view that it may be too pre-mature
  to talk about insurance at this stage
• Businesses need to ascertain risk before deciding
  on whether insurance is worth it
• Cost of insurance have to be viewed in totality
  with costs of PKI, credit assessment, escrow
  services etc

31
8 Infrastructure/ASP
Auplexs Feedback

• Trusts needs to be build up between businesses
  and ASPs and infrastructure provider (if they go
  on EC on their own)
• ASPs lowers costs of EC and are critical to
  accelerating the adoption rate of EC for business
  users
• Many businesses still have the misconception that
  hosting on their own is more secure
• Efforts in (1), (2), (5) and (6) are needed to
  support ASPs

32
9 Legal Framework
Auplexs Feedback

• Besides ADR, legal mechanisms to settle dispute
  besides ADR should also be easily understood and
  made accessible.
• Government could consider looking into the
  following
• issues of law and jurisdiction/ agreements
  treaties
• mechanisms and standards for dispute resolution
• work with bodies to provide training and
  education on this area e.g. contract law, online
  transaction

33
10Tax Regulation
Auplexs Feedback

• Outstanding aspects of taxation have to be sorted
  out
• Eg GST, VAT, etc
• Jurisdiction and right to tax
• Regulations could also be refined
• e.g. import and trading regulations online
• Restrictions made known, etc