Journal of Internet Banking and Commerce
Vol. 11, No. 1, April 2006
http://www.arraydev.com/commerce/jibc/current.asp

=================================
From JIBC Publisher Nahum Goldmann
http://www.arraydev.com/commerce/jibc/2006-04/0605-Publ.HTM
=================================

The geographic distribution of JIBC authors is truly
amazing. All continents are well covered. We are
especially happy to have quite a number of good
articles from the South-East Asia and Africa, in
addition to more traditional innovation centers of the
North America, Europe and Australia.

From time to time we also publish an occasional
article from China but frankly, our success rate in
attracting first-rate articles from China is quite
limited, especially compared to other SEA countries
like India or Malaysia. Why it is so is unclear,
especially taking into account the tremendous growth
that China experiences in the Internet trading area.
On a number of occasions we have approached China
academics and ecommerce executives with the requests
of submitting articles to our publication, but so far
not that many used this opportunity.

I am asking fellow JIBC editors, authors and readers
to pass the requests to their colleagues in China to
submit their original works to JIBC Chief Editor Prof.
Nikhil Agarwal, to myself, or to our numerous
contributing editors. As well, we are looking for
prominent scientists, as well as the leading
executives and practitioners, especially from China,
Japan, Korea, Germany, Switzerland, Netherlands,
Eastern Europe and Latin America to joint JIBC
distinguished Editorial Board.

Again, I am asking each and every one of you, our
readers and subscribers, to email JIBC to at least 3
of your colleagues, friends and discussion groups that
you are participating at, and recommend that they also
subscribe.

As well, I am challenging all the current and past
authors and editors to email your articles -- along
with the rest of JIBC edition -- to at least 10 of
your peers and colleagues in academia, government and
industry. Make sure they are aware of your articles
and the Journal of Internet Banking and Commerce.
Recommend that they also subscribe to email editions.
After all, we send it around just 2-3 times a year.

A special appeal to ecommerce/ebusiness students to
pass a word about JIBC to your professors and
classmates and, more important, to ask them to supply
new articles and tell everybody to subscribe.

Let's spread the word!


=============================================
From JIBC Editor-in-Chief Nikhil Agarwal
http://www.arraydev.com/commerce/jibc/2006-04/editorial_april2006.HTM
=============================================

Gurus comes in all sizes specially religious and
management gurus. You must be wondering why I say so.
My 6-month-old son Krishiv� is teaching me management
nowadays. I am trying to understand complexities of
management theories from acts of toddler. I would call
it evolution.

During the past few weeks, I am working closely with
Dr. Jovan Kurbalija of Diplo Foundation on Internet
Governance [IG] issues and attending a programme on
Internet Governance Capacity Building (IGCB). WSIS
Geneva [2003] and Tunis [2005] have given new
dimensions to the IG negotiations and extend a
multi-stakeholder approach towards the whole subject.
Many of our readers must have participated in the main
conferences and related deliberations elsewhere. In
our next issue, we would be happy to publish the
experiences of our readers and authors on this very
important matter. Please submit your papers by end
July, 2006.

Security and Privacy issues worldwide are generating
more attention then ever. With growing penetration of
technology in our daily lives, it is becoming apparent
that companies & consumers have to collaborate to win
this war. Every quarter JIBC receives 20% of our
submission on security related or privacy issues. In
the present issue, Ankur Gupta has highlighted the
need of data protection in consumer e-banking. Lior
Shamir of Michigan Tech has discussed a simple yet
hazardous method used by hackers for stealing user
information. Advocate Rahul Goel, in his article, has
analyzed the provisions related to privacy in proposed
amendments to the Indian Information Technology Act
2000. In an another article related to security P.
Yogesh has suggested alternate architecture for DNS to
foil DoS attacks.

In last issue we argued that the next big marketplace
would be Africa. Articles from Achraf Ayadi and Abel
Ezeoha has further consolidated our belief. Achraf has
investigated technological and organizational
preconditions to develop Internet Banking services in
Tunisian Banking sector. Abel in the second part of
his paper has given success prescription for
regulating Internet banking in Nigeria. His paper is
important read for those who wish to have eagle view
of African market.

Teuta Cata of Northern Kentucky University has
introduced the concept of Silent CRM (s-CRM), an
application of RFID technology to support customer
needs. Jose Gonzalez has investigated Market
orientation framework model and expanded it in context
of Web Hosting and Internet Service Provider
companies. Jordan Shropshire of Mississippi State
University has provided a good background paper for
evaluation of performance metrics of hosted software
databases.

We are pleased to invite our new member on the board
of JIBC, Dr. Joshua Fogel, A/ Professor at Brooklyn
College of the City University of New York. Following
the advise of Dr. Fogel and persistent efforts of
Nahum Goldmann, JIBC is now listed in Directory of
Open Access Journal [DOAJ]. Please click here to find
the listing. Another important announcement is
regarding partnership of JIBC in various
conferences/seminars. We would be pleased to
participate and publish the proceedings of conferences
related to our themes. Such requests can be made to
myself or Nahum Goldmann, publisher of JIBC.

Collectively let's spread knowledge across all
continents and beyond.

Dr. Nikhil Agarwal
SP Jain Institute of Management & Research (SPJIMR)
Mumbai, India


==========================
OPINION ARTICLES (Non-Peer Reviewed)
==========================

INDIA: Data Protection in Consumer E-banking
(By Ankur Gupta)
http://www.arraydev.com/commerce/JIBC/2006-04/gupta.HTM

Consumer Internet Banking, with its ability to reach
each and every nook and cranny of the world, holds
great importance for a nation like India, where
conventional banking services are out of reach for a
large proportion of the masses. But to make it a
success it requires more than just an adequate
internet enabling infrastructure. There is a dire need
for an adequate legal and regulatory framework to be
put into place. One of the crucial elements of such a
legal and regulatory framework will be data protection
provisions. The emphasis of this article is on the
this aspect of data protection in the electronic
banking sector. The article is an attempt to highlight
the importance of data protection in internet banking
and dwell upon possible legal recourses which may
adopted keeping in mind the current legal framework in
India with regards regulation of information
technology.


UNITED STATES: A Security Concern in MS-Windows:
Stealing User Information from Internet Browsers Using
Fake Windows
(By Lior Shamir)
http://www.arraydev.com/commerce/JIBC/2006-04/Lior.HTM

A simple method that might be used by malicious
attackers for stealing usernames, passwords, credit
card numbers or other valuable small pieces of
information is described. Hidden processes running on
Windows-based machines might create faked controls and
place them on the browser exactly on top of the real
controls of web pages such as on-line banking account
login pages. Users might then type in their passwords
or credit card numbers into the faked controls,
allowing the malicious process to capture the data.
Since spyware is a large and growing threat to
internet users, it is not unlikely that such a
technique will be used for stealing valuable
information. An example based on Hotmail web-based
email service is demonstrated, but this technique
might be used for a variety of password-protected web
services. This paper also discusses different approach
of protection against the described attack.


INDIA: The Indian Information Technology Act and
Spamming
(By Rahul Goel)
http://www.arraydev.com/commerce/JIBC/2006-04/Rahul_F.asp

An attempt to analyse provisions relating to privacy
especially spamming and phishing in the proposed
amendments to the Indian Information Technology Act,
2000.


UNITED KINGDOM: Security Revisionism
(By Ian Grigg)
http://www.arraydev.com/commerce/JIBC/2006-04/Grigg.asp

Security isn't working, and some of us are turning to
economics to address why this is so. Agency theory
casts light on cases such as Choicepoint and Lopez .
An economics approach also sheds light on what
security really is, and social scientists may be able
to help us build it. Institutional economics suggests
that the very lack of information may lead to results
that only appear to speak of security.


================
PEER REVIEWED RESEARCH
================

FRANCE: Technological and Organizational Preconditions
to Internet Banking Implementation: The Case of a
Tunisian Bank
(By Achraf Ayadi)
http://www.arraydev.com/commerce/JIBC/2006-04/Ayadi.asp

An exploration of the importance of some prerequisite
factors in developing internet banking (IB) services.
According to the emergent case of Web services in the
Tunisian banking sector, two types of preconditions
are investigated: technological preconditions and
organizational preconditions. Based on a case study, a
set of qualitative and quantitative research methods
were carried out beside the bank direction, the
commercial staff and subscribed customers to IB
services. The research illustrates that centralised
architectures, fragmented information systems (IS),
organizational rigidity and disregarding user's
implication could be factors of slowness (or failure)
in implementing IB.


NIGERIA: Regulating Internet Banking in Nigeria: Some
Success Prescriptions (Part II)
(By Abel Ebeh Ezeoha)
http://www.arraydev.com/commerce/JIBC/2006-04/Nigeria-2_F.asp

This paper is the second part of an earlier one on the
problems and challenges of Internet banking regulation
in Nigeria. The paper argues that for Internet banking
to assume a developmental dimension in Nigeria and for
the country to be fully integrated in the global
financial environment, the prevalent level of frauds
in Nigeria (and among Nigerians) must first be
addressed. It suggests that the ways to do this are
first to: get the relevant local laws in place and in
consonance with international laws and conventions;
get the citizens well educated on the intricacies of
Internet usage and frauds, as well as the regulatory
implications of wrong/fraudulent uses of the Internet;
ensure that all the major background problems such as
poverty, corruption and bad governance are addressed
and; ensure adequate interface and collaborations
between Nigerian local law enforcement agents and the
various international agencies that are presenting
pursuing the course for safe Internet community.


INDIA: Effective Method of Security Measures in
Virtual Banking
(By S. Arumuga Perumal)
http://www.arraydev.com/commerce/JIBC/2006-04/VB.asp

The development of Information Technology leads to the
remarkable growth in the field of network security
that is used in security applications, which shows the
way to the development of virtual banking. The aim of
this paper is to discuss the different security
measures that are to be considered in Virtual banking
system, to share the fundamental concept behind the
security technology and to understand the relative
advantages and limitations of different approaches.
When passwords are used for authentication, the
decision made is relatively straight forward, but in
network security using biometric authentication the
decision is made on a probability. Biometrics is not
secret. Any organization considering the use of
biometrics needs to understand the impact of this when
reaching a trust decision.


INDIA: Alternate Architecture for the Domain Name
System to Foil Distributed Denial of Service Attack
(By P. Yogesh and A. Kannan)
http://www.arraydev.com/commerce/JIBC/2006-04/Alt%20Architecture%20for%20DNS.htm\
l

The Domain Name System is an important part of the
Internet infrastructure and maps symbolic domain names
to IP addresses. The DNS is a hierarchically arranged
distributed database. At the top of the hierarchy is
the root. The root is a single point of failure in the
DNS architecture. It has been subject to variety of
Denial of Service (DoS) attacks. Eliminating the root
from this architecture eliminates the single point of
failure. This involves storing the addresses of the
top-level domain servers at the name servers, so that
they can be reached without going through the root. In
this paper we propose two architectures, both capable
of foiling the DoS attack. The architectures differ in
the capabilities of the clients and servers, and
provide different cost-benefit tradeoffs. It has been
found that a scheme that avoids a root server for name
resolution and includes caching capabilities at the
client itself, reduces bandwidth requirements, and
improve! s response times, resilience to DoS attacks.


UNITED STATES: Challenges and Opportunities of Silent
Commerce: Applying Radio Frequency Identification
Technology
(By Teuta Cata)
http://www.arraydev.com/commerce/JIBC/2006-04/cata.asp

An investigation of the applications of Radio
Frequency Technology (RFID) as an application of
ubiquitous commerce. RFID has a wide application in
the supply chain but still is very limited for
customer support. This study introduces the concept of
the Silent CRM (s-CRM) which is an application of RFID
to proactively support customer needs. Challenges of
RFID application within companies, outside of
companies and about the technology itself are
discussed as well.


UNITED STATES: Internet Support Companies: The Impact
of Marketing Orientation
(By Jose Gonzalez and Larry Chiagouris)
http://www.arraydev.com/commerce/JIBC/2006-04/Gonzalez.asp

Several studies have expanded the work by Jaworski and
Kohli (1993) by using their market orientation
framework model and applying it to a variety of
industries. The results of recent studies have
uncovered strong relationships between the concepts of
market orientation and organizational performance. The
large body of research on the topic of market
orientation has not been applied to companies critical
to commercial transactions over the Internet. This
study explored implementation of market orientation in
the context of web hosting and Internet service
providers to understand impact of market orientation
on these kinds of companies. The study results
indicate that market orientation is positively related
to performance. Implications for theory construction
and managerial practice relevant to companies engaged
in ecommerce are discussed.


UNITED STATES: A Taxonomy of Metrics for Hosted
Databases
(By Jordan Shropshire)
http://www.arraydev.com/commerce/JIBC/2006-04/Shropshire.ASP

The past three years has seen exponential growth in
the number of organizations who have elected to
entrust core information technology functions to
application service providers. Of particular interest
is the outsourcing of critical systems such as
corporate databases. Major banks and financial service
firms are contracting with third party organizations,
sometimes overseas, for their database needs. These
sophisticated contracts require careful supervision by
both parties. Due to the complexities of web- based
applications and the complicated nature of databases,
an entire class of software suites has been developed
to measure the quality of service the database is
providing. This article investigates the performance
metrics which have evolved to satisfy this need and
describes a taxonomy of performance metrics for hosted
databases.

/---------------------ADVERTISEMENT-------------------\
The World-Leading Web Security Audit
ADDSecure.Net(TM) Audit encompasses a range of
Internet network and server audit and testing services.
The program is powerful enough to satisfy the strenuous
demands of leading government organizations,
banks and private corporations, yet it can meet the
budget requirements of even small firms. Further
information is at:
http://www.addsecure.net/info/service.htm
\---------------------ADVERTISEMENT-------------------/



=====================
Administrative Notice
=====================

Journal of Internet Banking and Commerce

JIBC is a leading edge publication that informs
banking and electronic commerce professionals and
executives on principal developments, benchmark
practices, and future trends in the Internet-based
marketing practices of governments and industry. This
free online interactive journal is a way to keep in
touch, to share information, and to establish business
contacts (networking) for worldwide professionals that
specialize in electronic commerce, governance and
banking solutions.

In JIBC you will find informed discussion of the
latest internet-based banking and electronic trends
and practices from around the world. Our priority is
quality, not quantity. We want to maintain JIBC as a
service that provides substantial information and an
effective forum for your articles, your letters, your
insights and ideas.

JIBC invites banking and electronic commerce
professionals, academicians and publishers to submit
important announcements, original articles, guest
columns and significant feature presentations. We also
welcome surveys, book reviews and letters to the
Editor. Technical discussions in highly specialized
areas of expertise will be kept to an absolute
minimum.

JIBC is formally issued three to four times a year
when an email summary of current articles is
distributed to subscribers. The full text of current
articles is posted on the JIBC Web site at
http://www.ARRAYdev.com/commerce/JIBC/current.asp.

The publication is complemented by the Compendium of
Internet Banking and Commerce Initiatives at:
http://www.arraydev.com/frames/f-guest_comp.htm.
We invite readers to provide brief descriptions of
products, books, and services that they think others
will find interesting.

The Journal of Internet Banking and Commerce (JIBC) is
provided as a service by ARRAY Development based in
Ottawa, Canada. Views expressed are those of the
authors and are not necessarily shared by ARRAY
Development. Firms or individuals interested in
sharing sponsorship of this project may contact array
(at) ARRAYdev.com.

The JIBC Web Archive
http://www.arraydev.com/commerce/jibc/articles.htm
contains all articles published to date.

You can reach the Editor-in-Chief Nikhil Agarwal with
any questions or comments by email at:
nikhil.jibc (at) gmail.com

Publisher Nahum Goldmann is at:
Nahum.Goldmann (at) ARRAYdev.com.


=================================
Editorial Board
=================================

Publisher and Member of the Editorial Board: Nahum
Goldmann

Chief Editor: Nikhil Agarwal

Founding Chief Editor Emeritus and Member of the
Editorial Board: Gord Jenkins

Assistant Editor: Xin "Robert" Luo

Mailing List Managing Editor: Anne-Marie Jennings

Contributing Editors
UK Contributing Editor: David G.W.Birch
US Contributing Editor: Joshua Fogel
Australia Contributing Editor: Dale Pinto
Japan Contributing Editor: Carin Holroyd
Middle East Contributing Editor: Raed Awamleh
Legal Contributing Editor: Edwin Jacobs
Africa Contributing Editor: Alemayehu Molla
France Contributing Editor: Jean-Michel Sahut
India Contributing Editor: Arun Mohan Sherry
Malaysia Contributing Editor: Bala Shanmugam
Canada Contributing Editor: Arthur J. Cordell


Please send any questions related to maintenance of
this Web site to:
array (at) ARRAYdev.com

Information and subscription for JIBC mailing list is
available via:
http://groups.yahoo.com/group/JIBC/