Development of an Internet Payment Processing System

E-Commerce Applications

Before we proceed any further, we have to distinguish two types of transactions on the Internet:

Transactions of the first type are not performed in real-time. When a card holder submits payment and gets a response, payment is only posted for further processing. Actual authorization of the transaction is performed (manually) at a later time and consequently at a higher operating cost. This is acceptable when delivery of goods and services is slow, e.g., via regular mail. As an example, when the author purchased a book from Amazon.com in August 2000, the order was approved after an hour or so.

The other type of transaction is performed in real-time. When a card holder submits payment and gets a response, payment is completed. Money on the card holder's bank account is earmarked and transfer of money to the merchant's bank account is guaranteed. This type of transaction is required when delivery of goods and services is imminent (e.g., download of software or MP3 files). Despite this requirement, some e-commerce sites use the first type, and deliver goods and services based on an assumed success of authorization in the future. This approach risks losses due unauthorized transactions.

The system described in this article can configurably work in either mode. When it works in the second, fully automated mode, the system interfaces with the BankWorks system in order to authorize transactions. This interface is simple and should be easy to adapt to other systems for authorization.

Business Model

In order to offer the best options (e-commerce application cost vs. sophistication tradeoff) to merchants and card holders, based on the above discussion, a business model of transaction processing has been developed. It divides merchants on the Internet in three groups, depending on their e-commerce application:

1. Those interested in collecting payments
   
   
2. Those requiring pre-processing and authorization
   
   
3. Those requiring preprocessing, authorization, and post-processing

Merchants in the first group are only interested in collecting (often periodic) payments on their goods and services. The best examples are utility companies and subscription services. Such payments are identical to payments made at some ATMs. A card holder logs on an ATM, selects a merchant (e.g. a phone company), and enters the amount and the payment reference ID (e.g., his/her phone number). Similarly, on the Internet, a card holder can log on the portal of the Internet payment processing company and pay bills. In order to further facilitate the payment process, merchants can, for a fee, keep account balances of their customers in the Internet payment processing system. In such a way, card holders may review their account balances, get a pre-filled payment form, and simply confirm payment.

Note that, merchants do not even need their own web site. Mobtel (http://www.mobtel.co.yu), a post-paid mobile phone company, operated in such a way for a brief period of time, when it was redesigned to a more sophisticated e-commerce application (also developed by the author) that includes calculation of promotional discounts and payment pre-processing.

Microsoft Axapta

The standardized functionality in an ERP system shapes its usage. Efforts to use the system should be guided by (rather than run counter to) its fundamental underlying design. This section reviews the major design factors affecting system usage in manufacturing environments.

Manufacturing environments transform purchased materials into saleable items. In addition to the above-mentioned factors for distribution environments, the major factors shaping system usage include the definition of product structure for standard and custom products, variations in production strategy, and lean manufacturing practices.

Definition of Product Structure for Standard Products. Master bills and master routings define product and process design, and are assigned to relevant manufactured items. A manufactured item can have multiple bill and/or routing versions. Each master bill and routing, and each assigned version, requires an approval to support subsequent use in planning, costing, and orders.

Bill of Material Information. Each component defines an item, a required quantity, a component type, and other information such as the source warehouse, scrap factors, effectivity dates and the corresponding operation number. The component type indicates whether a manufactured component is make-to-stock, make-to-order, or a phantom, and whether a purchased component is buy-to-stock or buy-to-order. The BOM Designer provides a graphical tool for bill maintenance. The component item's auto-deduction policy determines whether consumption is auto-deducted or manually issued. A negative component quantity indicates a by-product component. The component's required quantity can also be based on a calculation formula that employs measurement information about the component and its parent item. A manufactured component can optionally specify a bill version and/or routing version that should be used to produce the component.

Routing Information. Each routing operation defines the operation number, the work center (or work center group), the time requirements and other information such as a scrap percentage and operation description. Each operation also specifies a master operation identifier that can optionally provide default values. The routing operation inherits some information from the designated work center—such as the cost categories, auto-deduction policies, and alternate work center information—that can be overridden. Separate cost categories and auto-deduction policies apply to setup time, run time, and output units.

Each work center belongs to a work center group, and has a calendar of working times. It can be designated as having finite or infinite capacity for scheduling purposes. For block scheduling purposes, a work center's calendar can indicate blocks of working time with a related property.

Order-Dependent Bill and Routing. A production order has a separate order-dependent bill and routing that initially reflect the assigned master bill and routing, and the user can manually maintain this information.

The Potential of Visa's XML Standard

Visa International has introduced a new specification to automate business-to-business (B2B) purchasing functions and monitor travel and entertainment (T&E) expenses worldwide - both on the Internet and in the physical world.

The new Visa Global Invoice Specification uses Extensible Markup Language (XML) to exchange invoice and payment data across industries and technical processing platforms. Implementation of the specification enables corporations to negotiate prices and control costs, as well as increase productivity by eliminating manual processes. It is being introduced as an open standard in the global commercial marketplace.

The new Visa Global XML Invoice Specification was developed with Visa technology partners Commerce One, IBM, Sun Microsystems, Inc. and ValiCert, Inc. These partners provided Visa with an extensive review, validating Visa's efforts to use XML technology and supporting Visa's contribution to the buyer/supplier value chain of enhanced data.

Visa is promoting the specification to software and system developers. With its use, corporate clients will have a standard way to process detailed information on procurement transactions, as well as T&E spending on airline travel, hotels and car rental. Visa plans to expand the specification to support other merchant sectors including healthcare, maintenance, repair & operations (MRO), and fleet services.

The specification may also be used by any system developer seeking a standard and interoperable definition for processing invoice data using XML. It provides a cross-industry, interoperable message format that enables processing of enhanced data across regions and industry sectors.

Market Impact

As the growth of e-commerce has exploded, Visa has been involved with both the consumer and commercial B2B markets to establish common standards and platforms. Examples of these efforts include: Open Platform; Common Electronic Purse Specification (CEPS); EMV (Europay, Mastercard, Visa) standard for chip, credit and debit cards; SET (Secure Electronic Transaction), and the new Visa Global Invoice Specification based on XML.

Visa used the Commerce One Common Business Library (xCBL) as the foundation for the Visa Global XML Invoice Specification and is working with several international XML governing bodies, including ebXML, for its official adoption as a standard. Other international standards organizations include Oasis/XML.org, and Microsoft BizTalk.

Visa's announcement has significant potential. Today, nomenclature, languages, and the terminology used to "describe" goods and services inhibit computers from openly sharing information.

Organizations such as Commerce One, Ariba, Oracle and SAP are creating partnerships with industry leaders. The consortia listed above are working to develop e-business standards. Should Visa, or any of industry leaders, require their business partners and supply chain to embrace a particular standard the "acceptance" would be exponential.

As these industry leaders and consortia continue their efforts, we expect to see multiple standards serving a breadth of industries. If accepted, Visa's standard could represent a piece of a larger whole; serving multiple markets and companies.

Standard & Poor's Exposes Customers' Security

Standard & Poor's (S&P), a division of McGraw-Hill, knowingly exposed their customers to information security vulnerabilities through their SPComstock analyst service. The security vulnerabilities, originally discovered in January, allowed customers to break into any other customer networks via their MultiCSP turnkey Linux box.

The stock quote service, which is provided to customers through a leased line, provides stock quotes and news on dedicated circuits.

Market Impact

Standard & Poor's was notified of this problem in January, and did little to reconcile the many security holes. The problem was first reported to S&P by customer Kevin Kadow, Network Security Analyst for MSG.net, and has been further verified and researched by Stephen Friedl. According to inside sources, as of March, S&P was still shipping out insecure boxes that had been changed only by cosmetic differences.

Once bad guys get into the box by using one of the many security holes, there exists the possibility to:

* Illegally alter published interest rates

* Illegally alter equity fund data

* Illegally alter earnings and balance sheet information

* Illegally print phony news stories

* Illegally change published dividend rates

Figure 1. S&P, a division of McGraw-Hill lags their own index.

The egregious security holes allow you to break into other customer networks so that you can alter the information on their sites, and access their networks. There exists the possibility to change all the data that an investor or analyst might bank daily transactions and investments on.

Lotus Announces Upcoming Release of ASP Solution Pack

SAN JOSE, Calif., Oct. 26, 1999 -- At ISPCON'99, IBM's Lotus Development Corp. today announced the ASP Solution Pack, a hosted applications offering that provides a Lotus Domino- and IBM WebSphere-powered platform and a ready-to-rent solution set directly targeted at the needs of Application Service Providers (ASPs) and their small and mid-sized business customers. The ASP Solution Pack combines Web application servers with differing core competencies and manages them via a common Hosting Management System. This enables ASPs to easily host, manage and deliver three categories of business applications: collaborative, transactive and real-time. (Source: Lotus Press)

Market Impact

The Lotus ASP Solution Pack contains four core "ready to rent" applications, which provide secure on-line groupware and application configuration based upon a user's network profile. The applications include Lotus QuickPlace, Domino Web Mail with calendaring and scheduling, Lotus Sametime and Instant Messaging. The ASP Solution Pack will provide support for Microsoft Windows NT, Sun Solaris and AIX, support for Linux and AS/400 will be added after the initial release. The product is expected for release to manufacturing in the 2nd Quarter of 2000 (probability 70%).

The product is targeted at small and mid-sized businesses, which make up the primary user base in the ASP arena. Lotus is the first of the big three to offer a lightweight, all-in-one groupware system designed specifically for ASPs. The ASP market is still in relative infancy, however it is raising quite a few eyebrows within the technology sector due to its remarkable growth rate. Lotus is stepping in to the application rental market in order to enhance its Internet viability with the ASP Solution Pack, and they are stepping in at the right time. Expect to see Lotus' ASP Solution Pack offering to take off in the 3rd quarter of 2000 (probability 65%).

Two Origins, One Destination

As time went on, people realized that having a consistent information source across departmental boundaries—and later on, throughout the extended enterprise environment—would be extremely beneficial in speeding up product development processes, serving customer needs better, and aiding faster and less expensive production. With the idea of facilitating collaboration between the producers and users of product definition information, as well as the entire life cycle of a product, PLM has taken shape and become an exemplary management methodology, not only for discrete manufacturing, but also for other industries such as process manufacturing, high-tech, consumer packaged goods (CPG), and even services.

Two Genres of PLM Vendors

Before going further, it is worthwhile examining what PLM represents in terms of solution offerings. Although multiple PLM definitions exist and the industry has not reached a consensus about what a PLM system is, people tend to consider PLM as consisting of two major categories.

1.

The first category is sometimes called "PLM tools," which includes various computer-aided technologies for manufacturing such as CAD, computer-aided manufacturing (CAM), and computer-aided engineering (CAE).
2.

The second category is known as collaborative Product Definition management (cPDm), which manages the documents and data generated by PLM tools and provides a collaborative platform for different parties within the product life cycle.

Due to PLM's origin in engineering and the heavy requirements of CAD integration in core cPDm functionality for discrete manufacturing, major PLM vendors (such as Dassault Systèmes, Siemens PLM, and PTC) have significant presence in CAD and related areas. These three vendors now provide both PLM tools and cPDm solutions, and hold almost a half of the total PLM market revenue (data source: AMR)[1]. The reason for the strength of these CAD-PLM vendors is obvious—they all started from CAD and developed cPDm solutions along the way by responding to their CAD users' demands for managing product definition information.

Meanwhile, another group of vendors provides cPDm solutions without CAD/CAM/CAE functionalities. There might be various reasons for non-CAD vendors to go to cPDm even though they don't provide PLM tools; and after a series of acquisitions (e.g. Infor's acquisition of Formation Systems, Oracle's acquisition of Agile, and more recently, Lawson's acquisition of FreeBorders PLM), it is becoming clear that enterprise resource planning (ERP) vendors are establishing themselves in the PLM market. These ERP-PLM vendors don't have a CAD advantage, but their extensive install bases in enterprise management systems may increase sales opportunities for their PLM offerings. After all, to many users, PLM is just another management system.

There are also other cPDm vendors who provide neither CAD nor ERP systems, but the CAD-PLM and ERP-PLM vendors are the two mainstreams in the PLM marketplace. Is there any difference between these two genres? Yes; and an easy way to understand one of the major differences is to examine the two gaps PLM needs to bridge in the enterprise environment.

Two Gaps between Product Definition Information and the Enterprise Environment

Ideally, there shouldn't be any gaps. Although major product definition information is generated by the design department of an organization, this information should be accessible instantly—not only by the design process, but also by consequent processes such as production, marketing, sales, and other services. Meanwhile, data from production, marketing, sales, and other services are valuable inputs for decision making during the design and development phases. However, due to the fact that during the early days of development, CAD and enterprise systems were developed in significant ignorance of each other, the gap became an obstacle when people started to realize the benefit of having an integrated environment that would cover almost every activity associated with a product's life cycle.

PLM was the choice for filling in the gap. In fact, the PLM approach actually fills in two gaps. The first is between PLM tools and cPDm. This gap is mainly handled by CAD integration. The second is the one between cPDm and ERP, which is usually handled by enterprise/ERP integration.

Would it be better to connect product definition data directly with an ERP system? No—not very likely. First of all, ERP is good at handling transactional data, but not necessarily good at handling the richness of product definition information. Second, ERP only needs certain parts of all the available data from a product definition. Third, due to the fact that "PLM tool" and ERP industries were formed separately, cPDm is the best solution bridging these two systems. Nowadays, both PLM-tool vendors and ERP vendors recognize that offering cPDm is a strategic direction to take.

Who Is Good at What?

So far, we have discussed the two main genres of PLM (or more precisely, of cPDm) players. Because of the different development histories, knowledge, and technologies of these two types of PLM, there seem to be differences in the capabilities that fill in the two gaps. To visually illustrate the differences, I randomly selected from the Technology Evaluation Centers (TEC) PLM Evaluation Center two PLM solutions from vendors who do not offer CAD products and another two from vendors that are significantly involved in CAD. Comparing the four solutions' scores for CAD integration and enterprise/ERP integration, we can deduce that a solution that scores higher on CAD integration gets a lower rating on enterprise/ERP integration, and vice versa (see figure 1).

Figure 1. Four solutions' scores for CAD integration and enterprise/ERP integration (data source: TEC).

Although four solutions do not represent the whole PLM industry, it is reasonable to think that CAD integration and enterprise/ERP integration require different technologies and knowledge, and that these differences are a reflection of the vendors' areas of expertise.

Which One Is Good for You?

Recognizing the origin of a PLM solution is meaningful when you need to identify the best-fit PLM solution for your organization. The following three factors may help you clarify your integration needs and affect your selection result.

*

Use of CAD/CAM/CAE in your organization: In general, the more complicated the CAD/CAM/CAE landscape, the more likely the need for CAD-PLM. A CAD-PLM vendor has the unbeatable ability to integrate its own CAD products. Due to long-time practice in PLM tools, CAD-PLM vendors are also making advances in regard to integration with other CAD products. However, this doesn't mean that ERP-PLM solutions won't get contracts from CAD users. Some mainstream CAD products are now supported by third-party integration tools that may be able to meet satisfactory integration requirements. In the meantime, major ERP-PLM vendors are working hard with CAD vendors to increase connectivity.
*

Industry and product features: If you are a discrete manufacturer and you have a complicated product structure, CAD-PLM is probably the one that you need. If your products do not have a complicated structure or have no structure at all, the vendor's industry focus might be a more important criterion in the software selection process than the vendor's origin (i.e. CAD or ERP).
*

Level of integration: You should also evaluate your expectation of the integration level. Seamless, real-time, and bidirectional integration is the ideal of every IT manager, but achieving this could be very costly or even impossible. A better approach might be to set reasonable and prioritized integration requirements for both CAD and enterprise/ERP integration, and to use the prioritization to help determine the genre of your PLM solution.