Encyclopedia of Computer Science and Technology

authentication 31auctions, onlineBy the late 1990s, millions of computer users had discovereda new way to buy and sell an immense variety of itemsranging from traditional collectibles to the exotic (such as aworking German Enigma encoding machine).Since its founding in 1995, leading auction site eBay hasgrown to 78 million users in mid-2006, with revenue ofabout $7.6 billion in 2007 (see eBay). (Two other e-commercegiants, Amazon.com and Yahoo!, also entered theonline auction market, but with much more modest results.)ProceduresOnline auctions differ from traditional auctions in severalways. Traditional auction firms generally charge the sellerand buyer a commission of around 10 percent of the sale or“hammer” price. Online auctions charge the buyer nothing,and the seller typically pays a fee of about 3–5 percent of theamount realized. Online auctions can charge much lowerfees because unlike traditional auctions, there is no liveauctioneer, no catalogs to produce, and little administration,since all payments pass from buyer to seller directly.An online auction is like a mail bid auction in that bidscan be posted at any time during the several days a typicalauction runs. A buyer specifies a maximum bid and ifhe or she becomes the current high bidder, the high bid isadjusted to a small increment over the next highest bid. Aswith a “live” auction, however, bidders can revise their bidsas many times as they wish until the close of the auction.An important difference between online and traditional liveauctions is that a traditional auction ends as soon as noone is willing to top the current high bid. With an onlineauction, the bidding ends at the posted ending time. Thishas led to a tactic known as “sniping,” where some bidderssubmit a bid just over the current high bid just before theauction ends, such that the previous high bidder has notime to respond.Future and ImplicationsOnline auctions have become very popular, and an increasingnumber of people run small businesses by selling itemsthrough auctions. The markets for traditional collectiblessuch as coins and stamps have been considerably affectedby online auctions. Knowledgeable buyers can often obtainitems for considerably less than a dealer would charge, orsell items for more than a dealer would pay. However, manyitems are overpriced compared to the normal market, andfaked or ill-described items can be a significant problem.Attempts to hold the auction service legally responsiblefor such items are met with the response that the auctionservice is simply a facilitator for the seller and buyer anddoes not play the role of traditional auctioneers who catalogitems and provide some assurance of authenticity. If courtsor regulators should decide that online auctions must bearthis responsibility, the cost of using the service may rise orthe variety of items that can be offered may be restricted.Further ReadingCohen, Adam. The Perfect Store: Inside eBay. Boston: Little, Brown,2002.Encell, Steve, and Si Dunn. The Everything Online Auctions Book:All You Need to Buy and Sell with Success—on eBay and Beyond.Avon, Mass.: Adams Publishing Group, 2006.Kovel, Ralph M., and Terry H. Kovel. Kovels’ Bid, Buy, and SellOnline: Basic Auction Information and Tricks of the Trade. NewYork: Three Rivers Press, 2001.auditing in data processingThe tremendous increase in the importance and extent ofinformation systems for all aspects of commerce and industryhas made it imperative that businesses be able to ensurethe accuracy and integrity of their accounting systems andcorporate databases. Errors can result in loss of revenueand even exposure to legal liability.Auditing involves the analysis of the security and accuracyof software and the procedures for using it. For example,sample data can be extracted using automated scriptsor other software tools and examined to determine whethercorrect and complete information is being entered into thesystem, and whether the reports on which managementrelies for decision making are accurate. Auditing is alsoneeded to confirm that data reported to regulatory agenciesmeets legal requirements.In addition to confirming the reliability of software andprocedures, auditors must necessarily also be concernedwith issues of security, since attacks or fraud involvingcomputer systems can threaten their integrity or reliability(see computer crime and security). The safeguarding ofcustomer privacy has also become a sensitive concern (seeprivacy in the digital age). To address such issues, theauditor must have a working knowledge of basic psychologyand human relations, particularly as they affect largeorganizations.Auditors recommend changes to procedures and practicesto minimize the vulnerability of the system to bothhuman and natural threats. The issues of backup andarchiving and disaster recovery must also be addressed(see backup and archive systems). As part accountantand part systems analyst, the information systems auditorrepresents a bridging of traditional practices and rapidlychanging technology.Further ReadingCannon, David L., Timothy S. Bergmann, and Brady Pamplin.CISA: Certified Information Systems Auditor Study Guide. Indianapolis:Wiley Publishing, 2006.Champlain, Jack. Auditing Information Systems. Hoboken, N.J.:Wiley, 2003.Information Systems Audit and Control Association. Availableonline. URL: http://www.isaca.org/. Accessed May 22, 2007.Pathak, Jagdish. Information Systems Auditing: An Evolving Agenda.New York: Springer-Verlag, 2005.authenticationThis process by which two parties in a communicationor transaction can assure each other of their identity is afundamental requirement for any transaction not involvingcash, such as the use of checks or credit or debit cards.(In practice, for many transactions, authentication is “one