|
|
||||||||||||
GB/T 37401-2019 PDF EnglishSearch result: GB/T 37401-2019
GB/T37401-2019 (GBT37401-2019): PDF in EnglishGB/T 37401-2019 NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.240.60 A 10 Service assurance technical requirement for electronic commerce platform ISSUED ON: MAY 10,2019 IMPLEMENTED ON: DECEMBER 1, 2019 Issued by: State Administration for Market Regulation of the People's Republic of China; Standardization Administration of the People's Republic of China. Table of Contents Foreword ... 3 1 Scope ... 4 2 Normative references ... 4 3 Terms and definitions ... 5 4 Service assurance system of electronic commerce platform ... 5 5 Transaction process assurance ... 6 6 Fundamental guarantees ... 10 Bibliography ... 15 Foreword This Standard was drafted in accordance with the rules given in GB/T 1.1-2009. This Standard was proposed by and shall be under the jurisdiction of National Technical Committee on Electronic Business Standardization (SAC/TC 83). The drafting organizations of this Standard: China National Institute of Standardization, Xiamen Zhicheng Standardization Service Co., Ltd., Haiquan Baishan Biotechnology Co., Ltd., Chengdu DAQsoft Co., Ltd., CTCA Inspection (Quanzhou) Technical Services Co., Ltd., Jinjiang Lvsheng Food Co., Ltd., China Jiliang University, Jiangsu Institute of Quality and Standardization, Guangzhou Institute of Standardization, Hanghzou Hanzheng Technical Services Co., Ltd., Shandong University of Technology, Dongguan ARUN Inc., Xiamen Anne Corporation Limited, Anhui Institute of Quality and Standardization. The main drafters of this Standard: Cheng Yue, Sun Zhaoyang, Sui Yuan, Mao Haijun, Li Jing, Wang Shuang, Wang Zhimin, Gao Ang, Zhu Hong, Xian Kuitong, Chen Yinlong, Mao Xu, Lin Yun, Yang Xiaofeng, Zhang Ying, Liu He, Qiu Zhiping, Ding Yafang, Gong Kunxiang, Cao Xinjiu, Liu Ying, Zhou Daohua, Hao Han, Ling Junjie, Lin Fengxi, Zhou Ruqi. Service assurance technical requirement for electronic commerce platform 1 Scope This Standard specifies the transaction process assurance and basic assurance technical requirements for electronic commerce platform. This Standard applies to the planning and implementation of the service assurance of electronic commerce platform. 2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition dated applies to this document. For undated references, the latest edition of the referenced documents (including all amendments) applies to this document. GB/T 2887, General specification for computer field GB/T 20270, Information security technology – Basis security techniques requirement for network GB/T 20281, Information security technology – Security technical requirements and testing and evaluation approaches for firewall GB/T 20988, Information security technology – Disaster recovery specifications for information systems GB/T 22080, Information technology – Security techniques – Information security management systems – Requirements GB/T 28827.1, Information technology service – Operations and maintenance – Part 1: General requirements GB/Z 28828, Information security technology – Guideline for personal information protection within information system for public and commercial services 3 Terms and definitions For the purposes of this document, the following terms and definitions apply. 3.1 electronic commerce Commercial activities which are carried out in the form of electronics. NOTE: Economic activity subjects use modern information technology (including the Internet, mobile network and other information networks) to carry out commercial activities with each other, to fulfill electronization in part or in whole in the key commercial activities such as online communication, signing, payment and so on, including goods trading, service trading, intellectual property trading, etc. [GB/T 31524-2015, Definition 3.1] 3.2 electronic commerce platform The total of information network systems which provide match-making and related services for two parties or multiple parties of a transaction in electronic commerce activities. [GB/T 31524-2015, Definition 3.2] 3.3 electronic commerce subject The total of information network systems which provide match-making and related services for two parties or multiple parties of a transaction in electronic commerce activities. [GB/T 32873-2016, Definition 3.2] 4 Service assurance system of electronic commerce platform 4.1 The service assurance system of electronic commerce platform is as shown in Figure 1. Figure 1 – Service assurance system of electronic commerce platform 4.2 The service assurance system of electronic commerce platform shall include: a) transaction process assurance: the service assurance of the whole transaction process of electronic commerce, mainly covering the service assurance in the links such as before transaction, in transaction and after transaction; b) basic assurance: all kinds of basic service assurance provided based on electronic commerce platform, covering security assurance, platform environment, data management and operation and maintenance management. 5 Transaction process assurance 5.1 Before-transaction requirements 5.1.1 Subject identity authentication Electronic commerce platform shall have the subject identity authentication function, whose functional requirements shall at least include: Transaction process assurance Before transaction In transaction After transaction Subject identity authentication Product service assurance Order handling Order payment Logistics distribution After-sale service Fundamental assurance Security assurance Platform environment Data management Operation and maintenance management a) data acquisition: supporting the functions such as online fill-out and uploading corresponding documentary evidences, to fulfill the acquisition of subject’s real information in the process of an electronic commerce transaction. The information acquired shall include but not limited to: 1) subject registration information, including basic information, subject identity information and so on; 2) license information, including the information of relevant administrative licenses or selling authorization licenses which are necessary for selling goods or providing services; 3) contact information, including the information of detailed address, contact telephone, e-mail and so on. b) Information authentication: providing the functions such as online inquiry, background authentication, and examining the related transaction activity information by means of digital signature, digital certificate, etc. c) information announcement: by means of image insertion or web page linkage, realizing the announcement of the qualification information such as license information, registration information, in prominent positions. 5.1.2 Product service assurance 5.1.2.1 Product information description Electronic commerce platform shall have the function of describing the information of products sold clearly, including: a) the function of product information modelling shall at least include: 1) general information module, supporting the function to describe the information entities such as the basic information, corporate information, contact information and so on of products sold, and the information elements such as product name, brand, place of origin, corporate name, contact telephone, etc.; 2) special information module, supporting the function to describe the characteristic information entities and information elements of products sold. b) the function established by the product information description methods: supporting the establishment of the related descriptive methods of basic attributes, data types and formats, etc. of product information entities and information elements. For the detailed descriptive methods, refer to the requirements in relevant national standards such as GB/T 32670 and GB/T 33989. 5.1.2.2 Product quality assurance Electronic commerce platform shall provide the function of online fill-out of documentary information and uploading documentary documents related to product quality assurance, and examine its compliance, legality and authenticity. 5.2 In-transaction requirements 5.2.1 Order handling Electronic commerce platform shall provide the related function module of order handling such as order placing service, order management, etc., whose requirements shall include but not limited to: a) the requirements of order placing service function module include: 1) providing specific transaction rules and convenient order placing processes, preferably supporting the functions such as one-key order placing; 2) providing the guidance of the whole process of order placing by means of page reminder, etc.; 3) having the functions such as order confirmation, payment method description and selection, etc. at the key links of the order placing service process; 4) describing the quantity of goods selected, expected delivery time, delivery place, distribution method, order amount details, invoice information, discounting details, which are shown by means of independent pages before confirming order; 5) providing the order detail notification function by means of text message, platform short message, related social communication software, e-mail, etc., to realize the confirmation of ordering and payment; 6) electronic commerce platform can support the distribution method selection function; 7) preferably providing multiple order placing methods, including but not limited to computer end, mobile phone end, etc. b) the requirements for the order management function module include: 1) supporting the acquisition of information related to payment, delivery, receiving, etc. and realizing the function of order detail tracking; 2) being able to carry out historical order inquiry by setting the conditions such as time and .......Source: https://www.ChineseStandard.net/PDF.aspx/GBT37401-2019 |