INSY 3330 Exam 2


Stickiness

(sometimes called duration) is the average length of time visitors remain at a website. It is important to marketers because the longer a visitor spends at a website, the greater the probability of a purchase. However, equally important is what people do when they visit a website and not just how much time they spend there.

Mobile Marketing

- Mobile site --- quick access; news; updates
- Apps --- visual engagement

Transaction Log

Records user activity at a website. It is built into the web software. The data becomes even more useful when combined with two other visitor-generated data trails: registration forms and the shopping cart database. Users are enticed through various means (such as free gifts or special services) to fill out registration forms.

Traditional online marketing

- Search engine marketing --- query-based intention marketing
- Display advertising --- interest and context-based marketing; targeted marketing
- E-mail --- permission marketing
- Affiliates --- brand extension

4 main methods of Online Advertising

- Search engine marketing and advertising
- Display ad marketing
- E-mail marketing
- Spam

Social marketing

- Social networks --- conversations; sharing
- Micro blogging --- news, quick updates
- Blogs/forums --- communities of interest; sharing
- Visual marketing --- branding; sharing
- Video marketing --- engage; inform
- Game marketing --- identification

Offline marketing

- Television --- brand anchoring; inform
- Newspaper --- brand anchoring; inform
- Magazines --- brand anchoring; inform

Social Marketing

The objective is to encourage your potential customers to become fans of your company's products and services, and engage with your business by entering into a conversation with it. Your further objective is to encourage your business fans to share their enthusiasm with their friends, and in so doing create a community of fans online. Ultimately, the point is to strengthen the brand and drive sales, and do this by increasing your "share of online conversation." There is some reason to believe that social marketing is more cost effective than traditional marketing, although this is still being explored.

View-Through Rate

The percentage of viewers that visit an advertiser's site, either by clicking on an ad at the time advertised, or by visiting the advertiser's site later.

Digital Divide

Up until 2000, single, white, young, college-educated males with high incomes dominated the Internet. This inequality in access and usage led to concerns about a possible "digital divide." However, in recent years, there has been a marked increase in Internet usage by females, minorities, seniors, and families with modest incomes, resulting in a notable decrease, but not elimination, in the earlier inequality of access and usage. A roughly equal percentage of men (85.7%) and women (84.2%) use the Internet today. Young adults (18-24) form the age group with the highest percentage of Internet use, at over 98%, followed closely by teens (12-17) at 97%. Adults in the 25-54 group are also strongly represented, with percentages of over 90%. Another fast-growing group online is the 65 and over segment, about 68% of whom now use the Internet. The percentage of very young children (0-11) online has also spurted, to about 67% of that age group. Future Internet user growth in the United States will come predominantly from those aged 65 and older and from children in the 0-11 age bracket. Variation across racial and ethnic groups is not as wide as across age groups. There were significant differences among such groups in the United States, but this has receded. In 2018, 89% of whites used the Internet, compared to 88% of Hispanics, and 87% of blacks. About 98% of households with income levels above $75,000 used the Internet, compared to only 81% of households earning less than $30,000. Over time, income differences have declined but they remain significant, with over a 15% gap between the highest category of household income and the lowest. Amount of education also makes a significant difference when it comes to Internet usage. Of those individuals with less than a high school education, only 65% went online in 2018, compared to 97% of individuals with a college degree or more. Even some college education boosted Internet usage, with that segment reaching 93% (Pew Research Center, 2018b). Overall, the so-called "digital divide" has indeed moderated, but it still persists along income, education, age, and ethnic dimensions.

Gender, income, education, age, and ethnicity also impact online behavior. According to the Pew Research Center, adults over the age of 65, those who have not completed high school, those who make less than $30,000 a year, and Hispanics are all less likely to purchase products online. Women are slightly more likely to purchase online than men, but not significantly so. With respect to online banking, the demographics are similar: those 65 and older are less likely than any age group to bank online, while those with at least some college are more likely than those with a high school diploma or less. Online banking is also more popular with men than women. No significant differences were found in terms of ethnicity (Pew Research Center, 2012). Other commentators have observed that children of poorer and less educated families spend considerably more time using their access devices for entertainment (movies, games, Facebook, and texting) than do children from wealthier households. For all children and teenagers, the majority of time spent on the Internet is often labeled as "wasted time" because the majority of online use is for entertainment, and not education or learning.

Bundling

offers consumers two or more goods for a price that is less than the goods would cost when purchased individually. The key idea behind the concept of bundling is that although consumers typically have very diverse ideas about the value of a single product, they tend to agree much more on the value of a bundle of products offered at a fixed price. In fact, the per-product price people are willing to pay for the bundle is often higher than when the products are sold separately. Bundling reduces the variance (dispersion) in market demand for goods.

Click-Through Rate

measures the percentage of people exposed to an online advertisement who actually click on the advertisement

Digital Cash

Funds contained on computer software, in the form of secure programs stored on microchips and other computer devices.

Registration forms

Gather personal data on name, address, phone, ZIP code, e-mail address (usually required), and other optional self-confessed information on interests and tastes. When users make a purchase, they also enter additional information into the shopping cart database.

Cybercrime

Any criminal action perpetrated primarily through the use of a computer

E-commerce Security (6 Dimensions)

- integrity
- nonrepudiation
- authenticity
- confidentiality
- privacy
- availability

E-commerce Vulnerability

- the client
- the server
- the communications pipeline

Trojan Horse

Appears to be benign, but then does something other than expected. Often a way for viruses or other malicious code such as bots or rootkits (a program whose aim is to subvert control of the computer's operating system) to be introduced into a computer system. A trojan horse may masquerade as a game, but actually hide a program to steal your passwords and e-mail them to another person. Miscellaneous trojans and trojan downloaders and droppers (trojans that install malicious files to a computer they have infected by either downloading them from a remote computer or from a copy contained in their own code) are a common type of malware. In 2011 Sony's PlayStation game center and downloaded personal and credit card information involving 77 million registered users. Trojan horses are often used for financial malware distributed via botnets. One example is Zeus, which steals information by keystroke logging and has infected over 10 million computers since it first became known in 2007. Other examples include Tinba, a trojan that sells user credentials via a web injection attack as users attempt to log into their bank websites; Ramnit, which is designed to steal banking and FTP passwords, session cookies, and personal data; and Emotet, a banking trojan that reemerged in the second half of 2017.

Spyware

Can be used to obtain information such as a user's keystrokes, copies of e-mail and instant messaging, and even take screenshots (and thereby capture passwords or other confidential data).

CAN-SPAM

Congress passed the first national anti-spam law ("Controlling the Assault of Non-Solicited Pornography and Marketing" or CAN-SPAM Act) in 2003, and it went into effect in January 2004. The act does not prohibit unsolicited e-mail (spam) but instead requires unsolicited commercial e-mail messages to be labeled (though not by a standard method) and to include opt-out instructions and the sender's physical address. It prohibits the use of deceptive subject lines and false headers in such messages. The FTC is authorized (but not required) to establish a "Do Not E-mail" registry. State laws that require labels on unsolicited commercial e-mail or prohibit such messages entirely are pre-empted, although provisions merely addressing falsity and deception may remain in place. The act imposes fines of $10 for each unsolicited pornographic e-mail and authorizes state attorneys general to bring lawsuits against spammers. The act obviously makes lawful legitimate bulk mailing of unsolicited e-mail messages (what most people call spam), yet seeks to prohibit certain deceptive practices and provide a small measure of consumer control by requiring opt-out notices. In this sense, critics point out, CAN-SPAM ironically legalizes spam as long as spammers follow the rules. For this reason, large spammers have been among the bill's biggest supporters, and consumer groups have been the act's most vociferous critics.

In contrast, Canada's anti-spam law is one of the toughest in the world. Unlike the CAN-SPAM Act, Canada's law is based on an opt-in model and prohibits the sending of commercial e-mail, texts, and social media messaging unless the recipient has given his or her consent. Violations of the law can lead to penalties of up to $1 million for individuals and $10 million for organizations. The first phase of the law went into effect in 2014. The law applies anytime a computer within Canada is used to send or access an electronic message, so companies located within the United States that send e-mail to Canada must comply with the law. In July 2017, an additional section of the law that allows private individuals and organizations that are affected by a violation of the law to sue went into effect, broadening its impact (Fowler, 2017).

Worm

Designed to spread from computer to computer. A worm does not necessarily need to be activated by a user or program in order for it to replicate itself. The Slammer worm is one of the most notorious. Slammer targeted a known vulnerability in Microsoft's SQL Server database software and infected more than 90% of vulnerable computers worldwide within 10 minutes of its release on the Internet; crashed Bank of America cash machines, especially in the southwestern part of the United States; affected cash registers at supermarkets such as the Publix chain in Atlanta, where staff could not dispense cash to frustrated buyers; and took down most Internet connections in South Korea, causing a dip in the stock market there. The Conficker worm (also known as Downad), which first appeared in 2008, is the most significant worm since Slammer, and reportedly infected 11 million computers worldwide (Microsoft, 2015). It was originally designed to establish a global botnet; a massive industry effort has defeated this effort, but in 2017, Conficker was resurrected by hackers to aid in infecting computers with WannaCry ransomware, described below. It is still one of the most prevalent malware threats on the Internet (Scmagazine.com, 2017; TrendMicro, 2017).

Access Control

Determine which outsiders and insiders can gain legitimate access to your networks. Outsider access controls include firewalls and proxy servers, while insider access controls typically consist of login procedures (usernames, passwords, and access codes).

Public Key Encryption (Asymmetric cryptography)

In 1976, a new way of encrypting messages was invented by Whitfield Diffie and Martin Hellman. In this method, two mathematically related digital keys are used: a public key and a private key. The private key is kept secret by the owner, and the public key is widely disseminated. Both keys can be used to encrypt and decrypt a message. However, once the keys are used to encrypt a message, the same key cannot be used to unencrypt the message. The mathematical algorithms used to produce the keys are one-way functions. A one-way irreversible mathematical function is one in which, once the algorithm is applied, the input cannot be subsequently derived from the output. The keys are sufficiently long (128, 256, and 512 bits) that it would take enormous computing power to derive one key from the other using the largest and fastest computers available. Once encrypted using the public key, the message cannot be reverse-engineered or unencrypted using the same public key. The encrypted message is broken into packets and sent through several different pathways, making an interception of the entire message difficult. The only person who can decrypt the message is the person who has possession of the recipient's private key.

Graph Search

In 2013, Facebook introduced Graph Search, a "social" search engine that searched your social network for answers to queries. It was a semantic search engine insofar as it provided a single answer rather than a list of links based on an algorithm's estimate of user intention. It was also a hybrid search engine that relied on Bing to supplement results. In 2015, Facebook significantly expanded its search functionality. It now focuses on keywords and includes everyone's public posts, Likes, photos, and interests (including posts by brands), and makes them available to all users of Facebook, friends or not. In 2016, Facebook reported that users were doing 2 billion searches a day of 2.5 trillion posts.

Symmetric Key Encryption

In symmetric key cryptography, both the sender and the receiver use the same key to encrypt and decrypt the message. They both have the same key by sending it over some communication media or exchanging the key in person. Unfortunately, these older means of encryption can be broken quickly with today's powerful computers, and secondly, it requires that both parties share the same key. In order to do this, it must be sent over a potentially insecure medium where it can be stolen and used to decipher the message. In commercial use, this would also be difficult due to the fact that you would need a secret key for each of the parties with whom you transact (customers). The strength of modern security protection is measured in terms of the length of the binary key used to encrypt the data. In the preceding example, the eight-bit key is easily deciphered because there are only 256 possibilities. If the intruder knows you are using an eight-bit key, then he or she could decode the message in a few seconds using a modern desktop PC just by using the brute force method of checking each possible key. For this reason, modern digital encryption systems use keys with 56, 128, 256, or 512 binary digits. With encryption keys of 512 digits, it is estimated that all the computers in the world would need to work for 10 years before stumbling upon the answer.

Web Beacon

Web beacons are tiny (1-pixel) graphic files embedded in email messages and on websites. Web beacons are used to automatically transmit information about the user and the page being viewed to a monitoring server in order to collect personal browsing behavior and other personal information. For instance, when a recipient opens an email in HTML format or opens a web page, a message is sent to a server calling for graphic information. This tells the marketer that the email was opened, indicating that the recipient was at least interested in the subject header. Web beacons are not visible to other users. They are often clear or colored white so they are not visible to the recipient. You may be able to determine if a web page is using web beacons by using the view source option of your browser and examining the IMG (image) tags on the page. As noted above, web beacons are typically one pixel in size and contain the URL of a server that differs from the one that served the page itself.

Comprehensive Multi-Channel Marketing

Web site, traditional online marketing, social marketing, mobile marketing, and offline marketing.

TLS

When you receive a message from a server on the Web with which you will be communicating through a secure channel, this means you will be using SSL/TLS to establish a secure negotiated session. A secure negotiated session is a client-server session in which the URL of the requested document, along with the contents, contents of forms, and the cookies exchanged, are encrypted. For instance, the credit card number that you entered into a form would be encrypted. Through a series of handshakes and communications, the browser and the server establish one another's identity by exchanging digital certificates, decide on the strongest shared form of encryption, and then proceed to communicate using an agreed-upon session key. A session key is a unique symmetric encryption key chosen just for this single secure session. Once used, it is gone forever. SSL/TLS provides data encryption, server authentication, optional client authentication, and message integrity for TCP/IP connections. SSL/TLS addresses the issue of authenticity by allowing users to verify another user's identity or the identity of a server. It also protects the integrity of the messages exchanged. However, once the merchant receives the encrypted credit and order information, that information is typically stored in unencrypted format on the merchant's servers. While SSL/TLS provides secure transactions between merchant and consumer, it only guarantees server-side authentication. Client authentication is optional. In addition, SSL/TLS cannot provide irrefutability: consumers can order goods or download information products, and then claim the transaction never occurred.

Recently, social network sites such as Facebook and Twitter have begun to use SSL/TLS for a variety of reasons, including the ability to thwart account hijacking using Firesheep over wireless networks. Firesheep, an add-on for Firefox, can be used by hackers to grab unencrypted cookies used to "remember" a user and allow the hacker to immediately log on to the website as that user. SSL/TLS can thwart such an attack because it encrypts the cookie. In 2015, the White House's Office of Management and Budget issued a memorandum requiring that all publicly accessible federal websites and web services use HTTPS by December 31, 2016. HTTPS encrypts user requests to website servers. It is implemented by the server adopting the HTTP Strict Transport Security (HSTS) feature that forces browsers to only access the server using HTTPS.

Business e-mail compromise (BEC)

an attacker poses as a high-level employee of a company and requests that another employee transfer funds to a fraudulent account. One specific type of BEC phishing that has become very prevalent involves requests for employees' W-2 information from payroll or human resources personnel by scammers impersonating high-level company executives. Almost half of the email addresses involved in this type of phishing that it analyzed had Nigerian IP addresses. Over 12.5 billion worldwide have been reported stolen during the period from October 2013 to May 2018 as a result of BEC phishing.

Botnet

are collections of captured computers used for malicious activities such as sending spam, participating in a DDoS attack or credential stuffing campaign (malicious login attempts), stealing information from computers, and storing network traffic for later analysis. The number of botnets operating worldwide is not known but is estimated to be well into the thousands, controlling millions of computers. Bots and bot networks are an important threat to the internet and e-commerce because they can be used to launch very large-scale attacks using many different techniques. In 2011, federal marshals accompanied members of Microsoft's digital crimes unit in raids designed to disable the Rustock botnet, at that time the leading source of spam in the world with nearly 50,000 slave PCs under the control of its command and control servers located at six internet hosting services in the United States. Officials confiscated the Rustock control servers at the hosting sites, which claimed they had no idea what the Rustock servers were doing. The actual spam e-mails were sent by the slave PCs under the command of the Rustock servers. In 2013, Microsoft and the FBI engaged in another aggressive botnet operation, targeting 1,400 Zeus-derived Citadel botnets, which had been used in 2012 to raid bank accounts at major banks around the world, netting over $500 million. In 2015, an international cyber squad took down the Beebone botnet, made up of 12,000 computers that had been infecting about 30,000 computers a month around the world via drive-by downloads with Changeup, a polymorphic worm used to distribute trojans, worms, backdoors, and other types of malware. The FBI and British police were also able to stop a botnet that had stolen over $10 million from banks. As a result of efforts such as these, the number of bots has significantly declined, especially in the United States, although in 2017, there was an over 60% increase in overall botnet activity.

Proxy Server

are software servers (often dedicated computers) that handle all communications originating from or being sent to the internet by local clients, acting as a spokesperson or bodyguard for the organization. Proxies act primarily to limit access of internal clients to external internet servers, although some proxy servers act as firewalls as well. Proxy servers are sometimes called dual-home systems because they have two network interfaces. For internal computers, a proxy server is known as the gateway, while for external computers it is known as a mail server or numeric address. When a user on an internal network requests a web page, the request is routed first to the proxy server. The proxy server validates the user and the nature of the request, and then sends the request onto the internet. A web page sent by an external internet server first passes to the proxy server. If acceptable, the web page passes onto the internal network web server and then to the client desktop. By prohibiting users from communicating directly with the internet, companies can restrict access to certain types of sites, such as pornographic, auction, or stock-trading sites. Proxy servers also improve web performance by storing frequently-requested web pages locally, reducing upload times, and hiding the internal network's address, thus making it more difficult for hackers to monitor.

Shopping cart databases

capture all the item selection, purchase, and payment data. Other potential additional sources of data are information users submit on product forms, contribute to chat groups, or send via e-mail messages using the "Contact Us" option on most sites.

Versioning

creating multiple versions o the to different market segments at different prices. In this situation, the price depends on the value to the co groups that are willing to pay different amounts for various versions. Versioning fits well with a modified " offered for free, while premium versions can be offered at higher prices. What are characteristics of a "re formation goods, even "free"-versions might be less convenient to use, less comprehensive, slower „n-priced versions. Just as there are different General Motors car brands appealing to different market and within these divisions, hundreds of models from the most basic to the more powerful and functional, to segment and target the market and position the products. In the realm of information goods. online ma offer sample content for free, but charge for more powerful content. The New York Times, for instance, al month online for free, but if you want to read more, you must have a digital subscription. Some websites turn off the ads for a monthly fee.

Intrusion Detection

examines network traffic, watching to see if it matches certain patterns or preconfigured rules indicative of an attack. If it detects suspicious activity, the IDS will set off an alarm alerting administrators and log the event in a database. An IDS is useful for detecting malicious activity that a firewall might miss.

Geo-fencing

identify a perimeter around a physical location, and then target ads to users within that perimeter, recommending actions possible within the fenced-in area. The perimeter can be hundreds of feet (in urban areas) to several miles (in suburban locations). For instance, if users walk into the geo-fenced perimeter of a store, restaurant, or retail shop, they will receive ads from businesses.

Spoofing

involves attempting to hide a true identity by using someone else's e-mail or IP address. For instance, a spoofed e-mail will have a forged sender e-mail address designed to mislead the receiver about who sent the e-mail. IP spoofing involves the creation of TCP/IP packets that use someone else's source IP address, indicating that the packets are coming from a trusted host. Most current routers and firewalls can offer protection against IP spoofing. Spoofing a website sometimes involves pharming, automatically redirecting a web link to an address different from the intended one, with the site masquerading as the intended destination. Links that are designed to lead to one site can be reset to send users to a totally unrelated site, one that benefits the hacker. Although spoofing and pharming do not directly damage files or network servers, they threaten the integrity of a site. For example, if hackers redirect customers to a fake website that looks almost exactly like the true site, they can then collect and process orders, effectively stealing business from the true site. Or, if the intent is to disrupt rather than steal, hackers can alter orders, inflating them or changing products ordered, and then send them on to the true site for processing and delivery. Customers become dissatisfied with the improper order shipment, and the company may have huge inventory fluctuations that impact its operations. In addition to threatening integrity, spoofing also threatens authenticity by making it difficult to discern the true sender of a message. Clever hackers can make it almost impossible to distinguish between a true and a fake identity or web address.

Fan acquisition

involves using any of a variety of means, from display ads to News Feed and page pop-ups, to attract people to your Facebook page, Twitter feed, or other platform like a web page. It's getting your brand "out there" in the stream of social messages. Display ads on social sites have a social dimension (sometimes called "display ads with social features" or simply "social ads"). Social ads encourage visitors to interact and do something social, such as participate in a contest, obtain a coupon, or obtain free services for attracting friends.

Amplification

involves using the inherent strength of social networks. On Facebook, the average user has 120 "friends". This includes all people they have ever friended, including people whom they don't really know (and who don't really know them). Facebook users typically have only three to four close friends with whom they discuss confidential matters, and a larger set of around 20 friends with whom they have two-way communications (mutual friends). Let's use 20 as a reasonable number of mutual friends for marketing purposes. For marketers, this means that if they can attract one fan and encourage that fan to share his or her approval with his or her friends, the message can be amplified twenty times: 20 friends of the one can be influenced. Best of all: the friends of the fans are free. Marketers pay to attract only the initial fan and they are not charged by social sites (currently) for the amplification that can result.

CRM System

is a repository of customer information that records all of the contacts that a customer has with a firm (including websites) and generates a customer profile available to everyone in the firm with a need to "know the customer." CRM systems also supply the analytical software required to analyze and use customer information. Customers come to firms not just over the Web but also through telephone call centers, customer service representatives, sales representatives, automated voice response systems, ATMs and kiosks, in-store point-of-sale terminals, and mobile devices (m-commerce). Collectively, these are referred to as "customer touchpoints." In the past, firms generally did not maintain a single repository of customer information, but instead were organized along product lines, with each product line maintaining a customer list (and often not sharing it with others in the same firm). In general, firms did not know who their customers were, how profitable they were, or how they responded to marketing campaigns. For instance, a bank customer might see a television advertisement for a low-cost auto loan that included an 800-number to call. However, if the customer came to the bank's website instead, rather than calling the 800-number, marketers would have no idea how effective the television campaign was because this web customer contact data was not related to the 800-number call center data. Figure 6.9 illustrates how a CRM system integrates customer contact data into a single system. This is an example of a CRM system. The system captures customer information from all customer touchpoints as well as other data sources, merges the data, and aggregates it into a single customer data repository or data warehouse where it can be used to provide better service as well as to construct customer profiles for marketing purposes. Online analytical processing (OLAP) allows managers to dynamically analyze customer activities to spot trends or problems involving customers. Other analytical software programs analyze aggregate customer behavior to identify profitable and unprofitable customers as well as customer activities. CRMs are part of the evolution of firms toward a customer-centric and marketing-segment-based business, and away from a product-line-centered business. CRMs are essentially a database technology with extraordinary capabilities for addressing the needs of each customer and differentiating the product or service on the basis of treating each customer as a unique person. Customer profiles can contain the following information:

• A map of the customer's relationship with the institution
• Product and usage summary data
• Demographic and psychographic data
• Profitability measures
• Contact history summarizing the customer's contacts with the institution across most delivery channels
• Marketing and sales information containing programs received by the customer and the customer's responses
• E-mail campaign responses
• Website visits
• Mobile app downloads

With these profiles, CRMs can be used to sell additional products and services, develop new products, increase product utilization, reduce marketing costs, identify and retain profitable customers, optimize service delivery costs, retain high lifetime value customers, enable personal communications, improve customer loyalty, and increase product profitability. The goal is what is known as a "360-degree" view that enables a company to know what its customers buy, how they browse, what kinds of communications and offers will engage them, and more. Leading CRM vendors include Oracle, SAP, Microsoft, Salesforce, and SugarCRM, many of which offer cloud-based versions of their CRM products. One issue facing cloud CRM providers and global companies that use those products is European Union data regulations that will require them to reassess how they use CRM data in order to avoid violating those regulations. All the major vendors offer cloud-based SaaS CRM applications.

Cookie

is a small text file that websites place on the hard disk of visitors' client computers every time they visit, and during the visit, as specific pages are visited. Allows a website to store data on a user's computer and then later retrieve it. Typically includes a name, a unique ID number for each visitor that is stored on the user's computer, the domain (which specifies the web server/domain that can access the cookie), a path (if a cookie comes from a particular part of a website instead of the main page, a path will be given), a security setting that provides whether the cookie can only be transmitted by a secure server, and an expiration date (not required). First-party cookies come from the same domain name as the page the user is visiting, while third-party cookies come from another domain, such as ad serving or adware companies, affiliate marketers, or spyware servers. On some websites, there are literally hundreds of tracking files on the main pages. Provides web marketers with a very quick means of identifying the customer and understanding his or her behavior at the site. Websites use cookies to determine how many people are visiting the site, whether they are new or repeat visitors, and how often they have visited, although this data may be somewhat inaccurate because people share computers, they often use more than one computer, and cookies may have been inadvertently or intentionally erased. Cookies make shopping carts and "quick checkout" options possible by allowing a site to keep track of a user as he or she adds to the shopping cart. Each item added to the shopping cart is stored in the site's database along with the visitor's unique ID value. Ordinary cookies are easy to spot using your browser, but Flash cookies, beacons, and tracking codes are not easily visible. All common browsers allow users to see the cookies placed in their cookies file.
Users can delete cookies, or adjust their settings so that third-party cookies are blocked, while first-party cookies are allowed. With growing privacy concerns, over time the percentage of people deleting cookies has risen. The more cookies are deleted, the less accurate are web page and ad server metrics, and the less likely marketers will be able to understand who is visiting their sites or where they came from. As a result, advertisers have sought other methods. One way is using Adobe Flash software, which creates its own cookies files, known as Flash cookies. Flash cookies can be set to never expire, and can store about 5 MB of information compared to the 1,024 bytes stored by regular cookies. Although cookies are site-specific (a website can only receive the data it has stored on a client computer and cannot look at any other cookie), when combined with web beacons (also called "bugs," "clear GIFs," or "pixel tags"), they can be used to create cross-site profiles. Web beacons are tiny (1-pixel) graphic files embedded in e-mail messages and on websites. Web beacons are used to automatically transmit information about the user and the page being viewed to a monitoring server in order to collect personal browsing behavior and other personal information. For instance, when a recipient opens an e-mail in HTML format or opens a web page, a message is sent to a server calling for graphic information. This tells the marketer that the e-mail was opened, indicating that the recipient was at least interested in the subject header. Web beacons are not visible to other users. They are often clear or colored white so they are not visible to the recipient. You may be able to determine if a web page is using web beacons by using the view source option of your browser and examining the IMG (image) tags on the page. As noted above, web beacons are typically one pixel in size and contain the URL of a server that differs from the one that served the page itself.
Using cookies on mobile devices has been less effective. Regular cookies on the mobile Web are reset every time a user closes his or her mobile browser and in-app cookies can't be shared between apps, making both of limited utility. However, with the increasing numbers of people using mobile devices to access the internet, it is not surprising that telecommunications companies have begun to use tracking files. In late 2014, it was revealed that Verizon Wireless and AT&T were inserting a tracking header called a Unique Identifier Header (UIDH) into HTTP requests issued to websites from mobile devices, enabling them to track the online activities of their subscribers. Commentators call these tracking headers zombie cookies, perma-cookies, or super cookies because they cannot be deleted the way that regular browser cookies can. Following the outcry by privacy advocates and an FCC investigation, AT&T reportedly stopped using super cookies, and in 2016, Verizon settled with the FCC, agreeing to pay a $1.35 million fine, and to obtain customer permission before sharing tracking data with other companies and even with other parts of Verizon, including sites owned by AOL. In addition, Verizon agreed to inform customers about its ad targeting practices in the first instance. The FCC also is considering whether to outlaw the use of super cookies entirely.

SQL

is an industry-standard database query and manipulation language used in relational databases.

Curalate

is an online service to measure the impact of Pinterest and other visual social media. It listens and measures visual conversation by seeing what pictures users pin and repin, and also analyzes the colors in the picture. Curalate currently has over 450 brands using its platform.

Hadoop

is an open source software framework managed by the Apache Software Foundation that enables distributed parallel processing of huge amounts of data across inexpensive computers. It breaks a big data problem down into subproblems, distributes them among up to thousands of inexpensive computer processing nodes, and then combines the result into a smaller data set that is easier to analyze. You've probably used Hadoop to find the best airfare on the Internet, get directions to a restaurant, search on Google, or connect with a friend on Facebook. Hadoop can process large quantities of any kind of data, including structured transactional data, loosely structured data such as Facebook and Twitter feeds, complex data such as web server log files, and unstructured audio and video data. Hadoop runs on a cluster of inexpensive servers, and processors can be added or removed as needed. Companies use Hadoop to analyze very large volumes of data as well as for a staging area for unstructured and semi-structured data before it is loaded into a data warehouse. Twitter's Hadoop clusters, which host more than 300 petabytes of data (30,000 times more information than in the Library of Congress) across tens of thousands of servers, are at the core of its data platform (Agarawal, 2018). Facebook also stores over 300 petabytes of data on Hadoop clusters. Yahoo uses Hadoop to track user behavior so it can modify its home page to fit user interests. Life sciences research firm NextBio uses Hadoop and HBase to process data for pharmaceutical companies conducting genomic research. Top database vendors such as IBM, Hewlett-Packard, Oracle, and Microsoft have their own Hadoop software distributions. Other vendors offer tools for moving data into and out of Hadoop or for analyzing data within Hadoop. In addition, there are many new tools being developed for big data analysis in addition to Hadoop.
One example is Spark, an open source product being supported by IBM that can deliver results faster than Hadoop.

Phishing Attack

is any deceptive, online attempt by a third party to obtain confidential information for financial gain. Typically does not involve malicious code but instead relies on straightforward misrepresentation and fraud, so-called "social engineering" techniques. One of the most popular phishing attacks is the e-mail scam letter. The scam begins with an e-mail: a rich former oil minister of Nigeria is seeking a bank account to stash millions of dollars for a short period of time and requests your bank account number where the money can be deposited. In return, you will receive a million dollars. This type of e-mail scam is popularly known as a "Nigerian letter" scam. Thousands of other phishing attacks use other scams, some pretending to be eBay, PayPal, or Citibank writing to you for account verification (known as spear phishing, or targeting a known customer of a specific bank or other type of business). Click on a link in the e-mail and you will be taken to a website controlled by the scammer, and prompted to enter confidential information about your accounts, such as your account number and PIN codes. On any given day, millions of these phishing attack e-mails are sent, and, unfortunately, some people are fooled and disclose their personal account information. Phishers rely on traditional "con man" tactics, but use e-mail or other forms of online communication, such as social media or SMS messaging, to trick recipients into voluntarily giving up financial access codes, bank account numbers, credit card numbers, and other personal information. Often, phishers create (or "spoof") a website that purports to be a legitimate institution and cons users into entering financial information, or the site downloads malware such as a keylogger to the victim's computer. For instance, a 2018 report found that the number of fake retail websites designed to phish for customer information rose by almost 300% from the third quarter of 2017 to the third quarter of 2018 (Zhou, 2018).
Phishers use the information they gather to commit fraudulent acts such as charging items to your credit cards or withdrawing funds from your bank account, or in other ways "steal your identity" (identity fraud). Symantec reported that in 2017, about 1 in every 2,995 e-mails contained a phishing attack, a slight decrease in the rate compared to 2016. Although more and more people are becoming alert to the dangers of phishing, Verizon found that on average, 4% of people in any given phishing campaign will still click on it (Symantec, 2018; Verizon, 2018). However, certain types of phishing, such as BEC phishing and spear phishing, continue to grow. In perhaps one of the most notorious examples of spear phishing, e-mails that appeared to be legitimate Gmail password account reset requests enabled hackers to gain access to the Gmail account of John Podesta, Hillary Clinton's campaign chairman, as well as a number of other members of the Democratic National Committee, during the 2016 election (Symantec, 2018, 2017). To combat phishing, in 2012, leading e-mail service providers, including Google, Microsoft, Yahoo, and AOL, as well as financial services companies such as PayPal, Bank of America, and others, joined together to form DMARC.org, an organization aimed at dramatically reducing e-mail address spoofing, in which attackers use real e-mail addresses to send phishing e-mails to victims who may be deceived because the e-mail appears to originate from a source the receiver trusts. DMARC (Domain-based Message Authentication, Reporting, and Conformance) offers a method of authenticating the origin of the e-mail and allows receivers to quarantine, report, or reject messages that fail to pass its test. Yahoo and AOL have reported significant success against e-mail fraud as a result of using DMARC, and in 2016 Google joined them in implementing a stricter version of DMARC, in which e-mail that fails DMARC authentication checks will be rejected.
As of November 2018, over three-quarters of all federal domains use DMARC, and over 50% of Fortune 500 companies, up from just one-third in 2017 (Whittaker, 2018).

Desktop marketing

primarily focused on browser-based search and display ads, and e-mail marketing

Firewall

refers to either hardware or software that filters communication packets and prevents some packets from entering the network based on a security policy. The firewall controls traffic to and from servers and clients, forbidding communications from untrustworthy sources, and allowing other communications from trusted sources to proceed. Every message that is to be sent or received from the network is processed by the firewall, which determines if the message meets security guidelines established by the business. If it does, it is permitted to be distributed, and if it doesn't, the message is blocked. Firewalls can filter traffic based on packet attributes such as source IP addresses, destination port or IP addresses, type of service (such as WWW or HTTP), the domain name of the source, and many other dimensions. Most hardware firewalls that protect local area networks connected to the internet have default settings that require little if any administrator intervention and employ simple but effective rules that deny incoming packets from a connection that does not originate from an internal request; the firewall only allows connections from servers that you requested service from. A common default setting on hardware firewalls (DSL and cable modem routers) simply ignores efforts to communicate with TCP port 445, the most commonly attacked port. The increasing use of firewalls by home and business internet users has greatly reduced the effectiveness of attacks, and forced hackers to focus more on e-mail attachments to distribute worms and viruses. There are two major methods firewalls use to validate traffic: packet filters and application gateways. Packet filters examine data packets to determine whether they are destined for a prohibited port or originate from a prohibited IP address (as specified by the security administrator).
The filter specifically looks at the source and destination information, as well as the port and packet type, when determining whether the information may be transmitted. One downside of the packet filtering method is that it is susceptible to spoofing, because authentication is not one of its roles. Application gateways are a type of firewall that filters communications based on the application being requested, rather than the source or destination of the message. Such firewalls also process requests at the application level, farther away from the client computer than packet filters. By providing a central filtering point, application gateways provide greater security than packet filters but can compromise systems performance. Next generation firewalls use an application-centric approach to firewall control. They are able to identify applications regardless of the port, protocol, or security evasion tools used; identify users regardless of device or IP addresses; decrypt outbound SSL; and protect in real time against threats embedded in applications.

Privacy

refers to the ability to control the use of information a customer provides about themselves to an e-commerce merchant. E-commerce merchants must establish internal policies that govern their own use of customer information, and they must protect that information from illegitimate or unauthorized use.

Availability

refers to the ability to ensure that an e-commerce site continues to function

Nonrepudiation

refers to the ability to ensure that e-commerce participants do not deny (i.e., repudiate) their online actions. For instance, the availability of free e-mail accounts with alias names makes it easy for a person to post comments or send a message and perhaps later deny doing so. Even when a customer uses a real name and e-mail address, it is easy for that customer to order merchandise online and then later deny doing so. In most cases, because merchants typically do not obtain a physical copy of a signature, the credit card issuer will side with the customer because the merchant has no legally valid proof that the customer ordered the merchandise.

Integrity

refers to the ability to ensure that information being displayed on a website, or transmitted or received over the internet, has not been altered in any way by an unauthorized party.

Confidentiality

refers to the ability to ensure that messages and data are available only to those who are authorized to view them

Authenticity

refers to the ability to identify the identity of a person or entity with whom you are dealing on the internet. Someone who claims to be someone he is not is "spoofing" or misrepresenting himself

Social Density

refers to the number of interactions among members of a group and reflects the "connectedness" of a group, even if these connections are forced on users. For instance, some natural groups of people are not very "social" and have few messages flowing among members. Other natural groups are loquacious and chatty with many messages flowing among members. The scope, intensity, and depth of Facebook's repository of personal information and rich social network present extraordinary marketing opportunities.

Location-Based Mobile Marketing

targets marketing messages to users based on their location. Generally involves the marketing of location-based services. Examples of location-based services are personal navigation (How do I get there?), point-of-interest (What's that?), reviews (What's the best restaurant in the neighborhood?), friend finder (Where are you? Where's the crowd?), and family tracker services (Where's my child?). There is a connection, of course: the more people use their mobile devices to search for and obtain local services, the more opportunities there are for marketers to target consumers with messages at just the right moment, at just the right location, and in just the right way - not too pushy and annoying, but in a way to improve the consumer experience at the moment of local shopping and buying. This is the ideal in any event. Can take place on a desktop as well because browsers and marketers know your approximate location.

Mobile commerce

the ability to purchase using a mobile device. Communicating with or selling to consumers through wireless handheld devices such as cellular phones.

Marginal Cost

the incremental cost of producing the next unit. A profit-maximizing company sets its prices so that the marginal revenue (the revenue the company receives from the next unit sold) from a product just equals its marginal costs. If a firm's marginal revenue is higher than its marginal costs, it would want to lower prices a bit and sell more products (why leave money on the table when you can sell a few more units?). If its marginal revenue for selling a product is lower than its marginal costs, then the company would want to reduce the volume a bit and charge a higher price (why lose money on each additional sale?). In the early years of e-commerce, sellers priced their products far below their marginal costs. The idea was to attract eyeballs with free goods and services, and then later, once the consumer was a part of a large, committed audience, charge advertisers enough money to make a profit, and charge customers subscription fees for value-added services (the so-called piggyback strategy in which a small number of users can be convinced to pay for premium services that are piggybacked upon a larger audience that receives standard or reduced-value services). To a large extent, social network sites and user-generated content sites have resurrected this revenue model with a focus on the growth in audience size and not short-term profits.

Hits

the number of HTTP requests received by a firm's server. Can be misleading as a measure of website activity because a "hit" does not equal a page. A single page may account for several hits if the page contains multiple images or graphics. A single website visitor can generate hundreds of hits. For this reason, hits are not an accurate representation of web traffic or visits, even though they are generally easy to measure; the sheer volume of hits can be huge - and sound impressive - but not be a true measure of activity.

Impressions

the number of times an advertisement appears in front of the user

Web site

traditional website --- anchor site

