The Evolution of Trust and Electronic Commerce Security

By Pauline Ratnasingam
E-mail: paura@studentmail.dis.unimelb.edu.au 

Abstract

Many organizations are currently examining opportunities made available for electronic commerce over the Internet. With the rapid growth and hype of EC, the question of trust and reliability of commercial transactions sent and received by the trading partners in a global market place has become more imperative. While the paper introduces the importance of trust, it also highlights the evolution between technology, trust and security from traditional commerce to electronic commerce. Current research in EC indicated that when greater protection mechanisms in the form of written contracts, standards, policies and legislation were applied, trust and security level increased.

Introduction

Electronic Commerce (EC) is defined as a means of conducting business electronically via online transactions between trading partners. The growth of Internet commerce is expected to become a $7 billion industry by the year 2000 (Moukheiber, 1997). EC is often equated with Electronic-Data-Interchange (EDI), so it is important to clarify that EC embraces EDI. Today electronic commerce is moving beyond EDI Value-Added-Networks (VANs) by leveraging into the Internet, either by extending EDI or via a Web technology. The business benefits include lower costs and more flexible systems, which enable closer and more efficient relationships within a wider range of suppliers, partners and customers.

The resulting costs and lead times of the VANs did create entry barriers for widespread small business participation, hindering expansion of EDI beyond large organizations. On the other hand more and more organizations are using or considering using the Internet for electronic commerce and EDI.

Although, there is an ability to tap into information around the clock from just about anywhere in the world, the downside is that Internet is short of security and does not guarantee delivery. A perceived barrier in the Internet web-based EC is security and reliability, as compared to EDI systems that are ‘closed’ and assume separation between purchasing and payment systems. Further, there is a lack of confidence, fear and distrust among the trading partners.

Internet web-based trading techniques aim to improve the interchange of information between trading partners, by bringing down the boundaries that restrict how they interact and do business with each other. By doing so it restricts and increases the risk in the process of conducting commercial transactions via eavesdropping, password sniffing, data modification, spoofing and repudiation (Bhimani, 1996). There are misconceptions that must be overcome before it can be deemed suitable for electronic commerce. A few of the commonly expressed concerns include reliability, security, scalability, ease of use and payment. Hence, security is one barrier but there is also the real underlying factor; ‘insufficient trust in the reliability’ of the commercial transactions travelling on the Internet (Ambrose and Johnson, 1998). Thus the question of ‘trust’ is even more important in the virtual world than it is in the real world.

Trust

The original Internet was designed for research not electronic commerce. As such it operated in a single domain of ‘trust’ while provisions were made to allow remote users to access critical files on machines, security generally relied on users’ mutual respect and honor, as well as their knowledge of conduct considered appropriate on the network.

Trust is defined as ‘the willingness of a party to be vulnerable to the actions of another party based on the expectation that the other will perform a particular action important to the trustor, irrespective of the ability to monitor or control that other party’ (Mayer, Davis and Schoorman, 712:1995).

The purpose of this paper is to introduce the trend from traditional commerce to VAN-based EDI and Internet web-based EC. While the paper highlights the differences between these systems, it also introduces new phenomena ‘trust’ and its effect on security.

Importance of Trust

The importance of trust is based on the potential use of the technology to increase information sharing. Trust increases the probability of a trading partner’s willingness to expand the amount of information sharing through EDI and explore new mutually beneficial arrangements (Hart and Saunders, 1997). Trust, especially among the trading partners in electronic commerce reinforces the prospect of continuity in a relationship and a commitment to extend an inter-organizational relationship. It implies that the trading partners are dependable and follow their promises, thus developing high levels of cooperation that will in turn reinforce trust (Cummings and Bromiley, 1996). Both reliability and security are impaired when inconsistencies between words and actions among the trading partners increase. This decreases trust due to the lack of consistent and reliable behavior. Thus, trust only occurs when the trading partners are assured of others’ willingness and ability to deliver on their obligations.

Table 1 above demonstrates the evolution of technology and its relation to the level of trust and security. In the 1950’s and 60’s traditional commerce used to happen with a mere business handshake and heavily relied on ‘trust’ among the business partners who were within reach, that is ‘seeing is believing’. The trust factor increased with reputation, faith and integrity.

Alternatively in EDI, contracts such as trading partner agreements, ANSI X.12 and EDIFACT standards were used to clarify and simplify the trading procedures. Thus trust was seen in a written contract that expects services to be performed by trading partners engaged in EDI. Past studies have shown that EDI can be used as a supplier management tool to achieve improved supplier reliability in providing trading partners with better information. This in turn lead to closer supplier relationships, fewer delayed orders, delivery and a decrease in problems with delivered quality and quantity (Walton, 1997). Walton’s (1997) study tested and examined thirty companies for EDI usage patterns. The findings concluded that the quality of the product and services related to the trading partners’ competence, willingness to share sensitive production and capacity information. Hence, routine use of EDI (consistency, repeated ties) has lead to supplier reliability (trust) and not in simply installing an EDI system. This is because trust takes time to develop.

In the case of Internet web-based EC trust is seen as promises, assurances and a demand for high quality products and services. The Internet is too big, too nebulous and is just a tool. Trust is needed not only in the pre-transaction and transaction phase (that is advertising, providing information about the product, ordering, purchasing, paying and delivering the product) but also in the post-transaction phase in the form of warranties and refunds. This is because the two parties are not in the same place, and hence we cannot depend on things like physical proximity, handshakes and body-signals.

It is true that security is dependant on trust and not in the EC systems that provide efficient services and guarantee delivery of the messages but more importantly, that the message in actual fact came from an authorized person thus being authentic, having integrity, confidentiality and unable of being repudiated. Hence, high levels of trust will likely result in high levels of security, immaterial of the type of technology being used.

References

Ambrose, P.J and Johnson, G.J (1998) A Trust Model of Buying Behavior in Electronic Retailing, Association for Information Systems, America’s Conference, Baltimore, Maryland, August 14^th-16^th, pp 263-265.

Bhimani, A (1996) Securing the Commercial Internet, Communications of the ACM, Volume 39, Number 6, June, pp 29-35.

Cummings, L.L. P. Bromiley (1996) ‘The Organizational Trust Inventory (OTI): Development and Validation,’ in Kramer, R.M. and Tyler, T.R. (eds) Trust in Organizations: Frontiers of Theory and Research, Sage Publications, Thousand Oaks, CA, 302-220.

Hart, P. and Saunders, C. (1997) ‘Power and Trust: Critical Factors in the Adoption and Use of Electronic Data Interchange,’ Organization Science, 8, 1, January-February, 23-41.

Mayer, R.C., Davis, J.H., and Schoorman, F.D. (1995) ‘An Integrative Model of Organizational Trust,’ Academy of Management Review,’ 20, 3 709-734.

Moukheiber, Z (1997) Plus ca Change…’ Forbes, February, 10, 46-48.

Walton, S.V (1997) The relationship between EDI and supplier reliability, International Journal of Purchasing and Materials Management, Tempe, Volume 33, Number 3, pp 30-35.