ACCOUNTABILITY AS AN OBJECTIVE FOR SECURITY REQUIREMENTS OF E-BUSINESS PROCESS: SAMPLE SCENARIO(2)

SAMPLE SCENARIO(2)

In case the customer wants to make use of the merchant’s offer, he expects that the terms presented on the web site are the ones that apply when he purchases the goods; accountability is therefore important for him.

The merchant, however, wants to present his offers to potential customers in a correct and easy-to-use manner. If the chance arises to find out more about the prospective buyers, he will do so. This might contradict the customer’s aim to reveal as few personal data as possible. To allow for the customer to access a correct image of the merchant’s offer, integrity is an important aim of the merchant. The same applies for the availability the M3L service, since the customer could easily use the offers of a competitor. Of course, this problem applies much more to Internet shops selling consumer goods (like books) that are also offered by competitors.

The security requirements of customer and merchant during the information phase are summarized in Table 1.

Confidentiality Integrity Availability Accountability
Customer Low High Low High
Merchant Low Medium High Medium

Table 1: Security requirements during the information phase

During the negotiation phase, a contract between the parties is made. This means, that the customer will have to reveal more personal information, which will make him more sensitive about confidentiality. Furthermore integrity and accountability of data concerning the contract are important for him, because it is his basis for agreeing to this contract. The availability of the M3L server, however, will be of low importance for him, since he still has the opportunity to change his supplier.

For the merchant the confidentiality of the customer’s data will be only as important as demanded by legal regulations (e.g. privacy laws). Integrity and accountability for him are at least as important as for his customer. Because he is aware that the customer can still change to a competitor’s offer, the availability of his systems is a major concern. The security requirements of both parties during the negotiation phase are shown in Table 2.

Confidentiality Integrity Availability Accountability
Customer high high low High
Merchant Medium high high High

Table 2: Security requirements during the negotiation phase

During the payment phase the data necessary to pay the goods are transmitted to the merchant. If credit card payment is used, this means that the credit card number of the customer is sent over the Internet. For this reason the customer will have high requirements concerning the confidentiality of his data, whereas the integrity of the data is less relevant for him; in the worst case he would be obliged to send the data a second time. The same applies for availability; if a customer cannot send his payment information, it is only a nuisance since he will have to try another time. Accountability is ranked high as the customer wants to be able to prove that he has paid the goods he ordered.

Representative APR 391%. Average APR for this type of loans is 391%. Let's say you want to borrow $100 for two week. Lender can charge you $15 for borrowing $100 for two weeks. You will need to return $115 to the lender at the end of 2 weeks. The cost of the $100 loan is a $15 finance charge and an annual percentage rate of 391 percent. If you decide to roll over the loan for another two weeks, lender can charge you another $15. If you roll-over the loan three times, the finance charge would climb to $60 to borrow the $100.

Implications of Non-payment: Some lenders in our network may automatically roll over your existing loan for another two weeks if you don't pay back the loan on time. Fees for renewing the loan range from lender to lender. Most of the time these fees equal the fees you paid to get the initial payday loan. We ask lenders in our network to follow legal and ethical collection practices set by industry associations and government agencies. Non-payment of a payday loan might negatively effect your credit history.

Calculate APR