Electronic Commerce Modeling Language

Last updated

Electronic Commerce Modeling Language (ECML) is a protocol which enables the e-commerce merchants to standardize their online payment processes. Through the application of ECML, customers' billing information in their digital wallet can be easily transferred to fill out the checkout forms. [1]

Contents

There are various companies that have participated in ECML's alliances, including American Express and Mastercard. [1]

As a standard developed by the alliance, ECML has solved the problem of complex and confusing online manual payments caused by diverse web designs, and further reduces the chance of customer dropout (also called shopping cart abandonment). [1] On the other hand, ECML deals with sensitive information such as credit card numbers and home addresses—its data security is controversial, and privacy considerations should be taken. [2] [3]

Alliances

The members of ECML Alliance listed in alphabetical order below: [1]

  1. American Express (www.americanexpress.com>
  2. AOL (www.aol.com)
  3. Brodia (www.brodia.com)
  4. Compaq (www.compaq.com)
  5. CyberCash (www.cybercash.com)
  6. Discover (www.discovercard.com)
  7. FSTC (www.fstc.org)
  8. IBM (www.ibm.com)
  9. Mastercard (www.mastercard.com)
  10. Microsoft (www.microsoft.com)
  11. Novell (www.novell.com)
  12. SETco (www.setco.org)
  13. Sun Microsystems (www.sun.com)
  14. Trintech (www.trintech.com)
  15. Visa International (www.visa.com)

ECML and customer dropout behaviors

Customer dropout is also called shopping cart abandonment—it is a type of behavior which customers display inclination of purchase without completing the final payment. According to a commercial study, there is a rate 25% to 75% that the customer would abandon a transaction before it is completed due to various reasons. [4] Aside from motivational factors such as customer's fundamental needs and spontaneous purchases, emotional factors such as irritation and disappointment also determine whether a transaction would be successful. Research has shown that payment inconvenience and perceived wasting time are factors that would contribute to customer's irritation. [4]

Electronic Commerce Modeling Language could potentially decrease customer irritation in two ways, and further benefit the industry of electronic commerce as a whole. First of all, it provides a standardized set of information fields which would improve the manual process of online payment. Entering relevant information into the checkout form would become an easier task for customers. Secondly, ECML allows a smooth information transfer between customer's digital wallet and e-commerce checkout form. Information does not have to be manually entered into the system. [1]

ECML and customer's privacy expectations

The application of ECML requires the online shoppers to disclose their personal information which includes financial, shipping, billing, and preference details. [1] According to relevant research, customers are able to categorize the level of risks associated with different types of information disclosure. [5] Among the information that is required to complete an online order, the user's home address is categorized as secure identifiers which is perceived as the most sensitive by customers. Other secure identifiers include DNA profile, medical history, and social security numbers. [5] Furthermore, other empirical studies has confirmed customers' consistent privacy expectation --- even they have revealed personal information in exchange for services, their expectation of privacy protection is unlikely to change. [6] [7] Firms that adopt to ECML should undertake the responsibility and regulate themselves to actively protect the information collected during transactions. [8]

Privacy considerations and suggestions

Electronic Commerce Modeling Language is consistent with Platform for Privacy Preferences (P3P), [9] a controversial protocol which addresses online privacy concern. Initially, P3P is designed to simplify users' access and understanding on privacy policies posted on the websites. It has employed a multiple choice format to make connections between human readable privacy notices and privacy policies, as well as offering agents conduct policy evaluations. [2] On the other side, some studies have also argued that P3P has made users' private information more vulnerable. [3] The platform is accused for its exclusive nature that would disadvantage non-compliant websites with good privacy practices, and its lack of privacy policies' enforcements. [3]

Although the developers of electronic commerce modeling language have not explicitly specified how the information can be safely stored and protected, object security protocols (include XML encryption and XMLDsig), and channel security are all possible ways of privacy protection. [10]

Since ECML is an application related with sensitive information such as credit card numbers and home addresses. Privacy considerations thus have become crucial. There are several suggestions listed below to protect customer's privacy: [1] [10]

  1. ECML memory of sensitive information cannot exist. If it is installed on a public terminal, the wallet has to be configurable.
  2. A password should be set up and required each time when the user wants to access the stored information.
  3. Users need to have control of whether the stored sensitive information is released or not.

See also

Platform for Privacy Preferences

Digital wallet

XML

XML Encryption

XMLDsig

E-commerce

Consumer privacy

Related Research Articles

<span class="mw-page-title-main">Mobile payment</span> Payment services via a mobile device

Mobile payment, also referred to as mobile money, mobile money transfer and mobile wallet, is any of various payment processing services operated under financial regulations and performed from or via a mobile device. Instead of paying with cash, cheque, or credit card, a consumer can use a payment app on a mobile device to pay for a wide range of services and digital or hard goods. Although the concept of using non-coin-based currency systems has a long history, it is only in the 21st century that the technology to support such systems has become widely available.

<span class="mw-page-title-main">President's Choice Financial</span> Subsidiary of the Loblaw Companies

President's Choice Financial, commonly shortened to PC Financial, is the financial service brand of the Canadian supermarket chain Loblaw Companies.

Secure Electronic Transaction (SET) is a communications protocol standard for securing credit card transactions over networks, specifically, the Internet. SET was not itself a payment system, but rather a set of security protocols and formats that enabled users to employ the existing credit card payment infrastructure on an open network in a secure fashion. However, it failed to gain attraction in the market. Visa now promotes the 3-D Secure scheme.

<span class="mw-page-title-main">Mondex</span> Smart card cash system by Mastercard

Mondex was a smart card electronic cash system, implemented as a stored-value card and owned by Mastercard.

The Platform for Privacy Preferences Project (P3P) is an obsolete protocol allowing websites to declare their intended use of information they collect about web browser users. Designed to give users more control of their personal information when browsing, P3P was developed by the World Wide Web Consortium (W3C) and officially recommended on April 16, 2002. Development ceased shortly thereafter and there have been very few implementations of P3P. Internet Explorer and Microsoft Edge were the only major browsers to support P3P. Microsoft has ended support from Windows 10 onwards. Internet Explorer and Edge on Windows 10 no longer support P3P. The president of TRUSTe has stated that P3P has not been implemented widely due to the difficulty and lack of value.

An e-commerce payment system facilitates the acceptance of electronic payment for offline transfer, also known as a subcomponent of electronic data interchange (EDI), e-commerce payment systems have become increasingly popular due to the widespread use of the internet-based shopping and banking.

Shopping cart software is a piece of e-commerce software on a web server that allows visitors to have an Internet site to select items for eventual purchase.

A digital wallet, also known as an e-wallet or mobile wallet, is an electronic device, online service, or software program that allows one party to make electronic transactions with another party bartering digital currency units for goods and services. This can include purchasing items either online or at the point of sale in a brick and mortar store, using either mobile payment or using a laptop or other personal computer. Money can be deposited in the digital wallet prior to any transactions or, in other cases, an individual's bank account can be linked to the digital wallet. Users might also have their driver's license, health card, loyalty card(s) and other ID documents stored within the wallet. The credentials can be passed to a merchant's terminal wirelessly via near field communication (NFC).

Google Checkout was an online payment processing service provided by Google aimed at simplifying the process of paying for online purchases. The web checkout service was combined with the NFC mobile payments app launched in September of 2011 called Google Wallet under a platform brand of the same name. On November 20, 2013, the web checkout part of the service was fully retired.

<span class="mw-page-title-main">Google Pay Send</span> Mobile payment system developed by Google

Google Pay Send, previously known as Google Wallet, was a peer-to-peer payments service developed by Google before its merger into Google Pay. It allowed people to send and receive money from a mobile device or desktop computer.

Neteller is a global payments platform and digital wallet used to transfer money to and from merchants, such as forex trading brokers, social networks, and gambling websites. Users in the European Economic Area (EEA) and the United Kingdom can add a Net+ Mastercard to their account to pay with their balance in stores or withdraw it as cash from ATMs. Regardless of their location, users can transfer their balance to their own bank accounts or cards if they need to withdraw the funds from their account.

CashU was an Arabic fintech company providing a digital wallet and online payment services for customers in the Middle East and North Africa (MENA) region. The company was founded as a technology startup in July 2002 in association with online service company Maktoob in Amman, Jordan. It provided payment services for Maktoob online services. The company went through a number of rounds of investment from venture capital funds and changes in ownership until it eventually failed and went out of business around 2018.

Online Banking ePayments (OBeP) is a type of payments network, developed by the banking industry in conjunction with technology providers. It is specifically designed to address the unique requirements of payments made via the Internet.

Strong customer authentication (SCA) is a requirement of the EU Revised Directive on Payment Services (PSD2) on payment service providers within the European Economic Area. The requirement ensures that electronic payments are performed with multi-factor authentication, to increase the security of electronic payments. Physical card transactions already commonly have what could be termed strong customer authentication in the EU, but this has not generally been true for Internet transactions across the EU prior to the implementation of the requirement, and many contactless card payments do not use a second authentication factor.

YooMoney branded as ЮMoney, formerly known as Yandex.Money, is Russia's second largest electronic payment service after "Sberbank Online" according to a 2020 research by Mediascope. It is an online payment service that works with two types of clients — individual users and merchants.

A cryptocurrency wallet is a device, physical medium, program or an online service which stores the public and/or private keys for cryptocurrency transactions. In addition to this basic function of storing the keys, a cryptocurrency wallet more often offers the functionality of encrypting and/or signing information. Signing can for example result in executing a smart contract, a cryptocurrency transaction, identification, or legally signing a 'document'.

<span class="mw-page-title-main">Google Pay (payment method)</span> Mobile payments platform developed by Google

Google Pay is a mobile payment service developed by Google to power in-app, online, and in-person contactless purchases on mobile devices, enabling users to make payments with Android phones, tablets, or watches. Users can authenticate via a PIN, passcode, or biometrics such as 3D face scanning or fingerprint recognition.

<span class="mw-page-title-main">Affirm Holdings</span> U.S. financial services company

Affirm Holdings, Inc. is an American financial technology company founded by PayPal co-founder Max Levchin in 2012. It offers a buy now, pay later service for online and in-store shopping. Affirm tops the U.S. buy now, pay later sector, reporting over 18 million users and US$20.2 billion annual GMV as of 2023.

Maya, is a Filipino financial services and digital payments company based in Metro Manila, Philippines.

Google Wallet is a digital wallet platform developed by Google. It is available for the Android, Wear OS, and Fitbit OS operating systems, and was announced on May 11, 2022, at the 2022 Google I/O keynote. It began rolling out on Android smartphones on July 18, 2022.

References

  1. 1 2 3 4 5 6 7 Goldstein <tgoldstein@brodia.com>, Ted (April 2001). "ECML v1.1: Field Specifications for E-Commerce". tools.ietf.org. Retrieved 2020-10-29.
  2. 1 2 Cranor, L.F. (2003). "P3P: making privacy policies more useful". IEEE Security & Privacy. 1 (6): 50–55. doi:10.1109/msecp.2003.1253568. ISSN   1540-7993.
  3. 1 2 3 "Pretty Poor Privacy: An Assessment of P3P and Internet Privacy". epic.org. Retrieved 2020-10-31.
  4. 1 2 Bell, Lynne; McCloy, Rachel; Butler, Laurie; Vogt, Julia (2020-07-03). "Motivational and Affective Factors Underlying Consumer Dropout and Transactional Success in eCommerce: An Overview". Frontiers in Psychology. 11: 1546. doi: 10.3389/fpsyg.2020.01546 . ISSN   1664-1078. PMC   7351522 . PMID   32714258.
  5. 1 2 Milne, George R.; Pettinico, George; Hajjat, Fatima M.; Markos, Ereni (2017). "Information Sensitivity Typology: Mapping the Degree and Type of Risk Consumers Perceive in Personal Data Sharing". Journal of Consumer Affairs. 51 (1): 133–161. doi:10.1111/joca.12111. ISSN   1745-6606.
  6. Martin, Kirsten E. (2019-11-24). "Breaking the Privacy Paradox: The Value of Privacy and Associated Duty of Firms". Rochester, NY. SSRN   3349448.{{cite journal}}: Cite journal requires |journal= (help)
  7. Karwatzki, Sabrina; Dytynko, Olga; Trenz, Manuel; Veit, Daniel (2017-04-03). "Beyond the Personalization–Privacy Paradox: Privacy Valuation, Transparency Features, and Service Personalization". Journal of Management Information Systems. 34 (2): 369–400. doi:10.1080/07421222.2017.1334467. ISSN   0742-1222. S2CID   38167192.
  8. Radin, Tara J. (2001). "The Privacy Paradox: E-Commerce and Personal Information on the Internet". Business & Professional Ethics Journal. 20 (3/4): 145–170. doi:10.5840/bpej2001203/418. ISSN   0277-2027. JSTOR   27801264.
  9. Eastlake 3Rd, Donald E. (March 2003). "RFC 3505 - Electronic Commerce Modeling Language (ECML): Version 2 Requirements". datatracker.ietf.org. Retrieved 2020-10-31.{{cite journal}}: CS1 maint: numeric names: authors list (link)
  10. 1 2 Eastlake 3rd <donald.eastlake@motorola.com>, Donald E. (June 2005). "Electronic Commerce Modeling Language (ECML) Version 2 Specification". tools.ietf.org. Retrieved 2020-11-05.{{cite journal}}: CS1 maint: numeric names: authors list (link)
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.