II.8.5 Security of M-payment

Mobile phone with integrated sim card which load encrypted information, offers security and privacy, but for its use in the e-commerce other security concerns have to be considered.

The lack of standards and disparity of the existing systems are the main concerns for the use development of this payment system in online transaction despite the fact that identification, security and authorization of the transaction are already implemented in the m-payment systems.

To effectively use m-payment in e-commerce development, strong partnership between banks, mobile operators and businesses must be developed for the integration of their information systems to provide dynamic and secured mobile payment system (P. Candance Deans, 2005, p 84).

This integration will raise issue of security of Information systems that has been described in this work to ensure security of the online transaction.

The nature of the mobile phone which can be stolen any time or broken, the malfunction of mobile network because of technical issues will surely raise issues such as fraud, repudiation of the transaction and availability of service.

That's why, on top of all security measures which can be implemented, this emerging system needs to have law and regulation in place.

Page | 33

II.9 Conclusion on the literature review

The literature review gives a broad view and understanding of e-commerce concepts and Information technology capabilities.

Capabilities in e-commerce link together Information technology capabilities with organizational processes to respond to the highly changing nature of the e-commerce because of the dynamic changes involved in its development.

The diversity of the payment systems studied in this research and the challenge of their security is the fundamental element which will be used in this research to assess the e-commerce capabilities in the Democratic republic of Congo (DRC).

A particular attention will be given to the mobile payment systems which appear as an emerging innovation in the country with the development of the mobile networks.

The study will analyze the security of the existing e-payment systems such as credit/debit card and other online payment offered by local banks and their organizational processes to assess their readiness to the emergence of e-commerce in DRC.

Security according to the CIA concept (Confidentiality, integrity and availability) as described in the ISO 27001/2 framework and other sources cited in the section II.7.2 of this work will be the driver for the assessment which will be used in this study.

The objective of this research is to assess the status of e-commerce capabilities in DRC with a specific focus on online payment systems security in order to better understand how such capabilities can be better leveraged for an effective development of e-commerce in DRC.

Page | 34

Chapter 3: Research Methodology

III.1 Introduction

This chapter discusses the methodology used to collect information and the overall research design and justification. It also defines the sampling; population used for data collection and the questionnaire design.

The security of the payment system is the main concern which must be addressed in order to bring confidence for the user. In their books according to electronic payment systems for e-commerce the Laudon's (K. Laudon and J Laundon, 2008) and G. Shneider (2011) presented the concept of CIA (Confidentiality, integrity and availability) as a quality to which a payment system must conform. So this research will use this concept to assess security of online payment systems in DRC

The concept of the security of the information system as provided by the ISO 27001/2 standards as described in the previous chapter of this study highlights the important place taken by the CIA concept in terms of the security of the online transaction used for the e-commerce in general and particularly for e-payment systems. Of course the other elements of the security focusing on human, physical infrastructure, etc are most likely to be easy to set up and should exist in most of the bank IT infrastructure in the country.

So CIA remains a challenge because as it is well known, all other security elements regarding e-payment systems have as prime objective to ensure confidentiality, integrity and availability of the system.

III.2 Research design and justification III.2.1 Introduction

The research design or methodology describes the process and actions taken to collect responses or data and the way these responses have been analyzed to give an answer the research question.

For this research, the literature review didn't provide relevant information to the research question for this study; therefore it is difficult to use secondary data collection method.

In fact, because of the specificity of the subject and the use of component elements of a framework to assess the security of e-payment systems in the specified country, the primary data collection method is the best one for this research. Data (responses) will be collected directly from participants to the survey which will use questionnaire built from checklists.

Page | 35

E-commerce is on its inception phase in the country, therefore it is not already perceived as part of the economical live. For this reason, the research will also use interviews as to get some responses in a face-to-face interaction with stakeholders in the e-payment and e-commerce planet.

Prior to justify which methodology is better for this research, it is better to give an overview of the two methodologies used for data collection; qualitative and quantitative.

Qualitative research methodology

Jackson (2010, p 101) defines qualitative research as a research method that «focuses on phenomena that occur in natural settings, and the data are analyzed without the use of statistics.

«Qualitative research generates text which is often interpreted in a subjective way (although it is possible in certain circumstances to convert textual information to numbers)» (Gabriel J., 2012).

These two definitions indicate clearly that qualitative research is based on observation of specific field or area of research without statistical analysis in the mind.

For qualitative research data or response is collected by the mean of questionnaire or interviews.

Quantitative research methodology

It has been stated by professor G. Jacobs (2012) that «quantitative research generates measurable information that can be converted into numbers and analyzed statistically. Data is often gathered in questionnaire surveys».

In quantitative research, even though data can be collected some time using interview like for the qualitative methodology, the focus is to simplify, objectify or quantify the observation so that data collected can be easily interpreted using statistical tools.

The difference between the two methodologies is given in the table below provided by Malhotra (2004, cited by Mirza et al. (2011, p 53-54)) based on objective, sample data collection and analysis and the outcome basis.

Page | 36

Table 1: Qualitative vs quantitative research methodologies
Source: Mirza et al. (2011, p53-54)