Skip to main content

Security Schemes in Electronic Payment Systems

Introduction 
Secure electronic function transfer is crucial to e-commerce. In order to ensure the integrity and security of each electronic transaction and other EPSS utilize some or all of the following security measures and technologies directly related to EPSS: 
1) Authentication  
2) Public Key Cryptography  
3) Digital Signatures  
4) Certificate  
5) Certificate Authorities  
6) Secure Socket Layers(SSL)  
7) Secure Hypertext Transfer Protocol(S-HTTP)
 
Electronic Payment Protocols
Securities schemes are implemented by protocols: 
1) Secure Socket Layer (SSL): Netscape communication has proposed a protocol for providing data security layered between high-level application protocols and TCP/IP. This security protocol, called SSL, provides data encryption, server authentication, message integrity and optional client authentication for a TCP/IP connection.
 
SSL provides a security "handshake" to initiate the TCP/IP connection .This handshake results in the client and server agreeing on the level of security that they will use and fulfills any authentication requirements for the connection. Therefore SSL's only role is to encrypt and decrypt the message stream.
 
This protocol fully encrypts all the information in both the HTTP request and the HTTP response, including the URL the client is requesting.

2) Secure Hypertext Transmission Protocol (S-HTTP): S-HTTP was Sn developed for commerce Net- a consortium of companies promoting the  Bestablishment of electronic commerce on the internet. S-HTTP supports a B variety of security mechanisms to HTTP clients and servers, providing the security service options appropriate to the wide range of potential end uses possible on the web. The protocol provides symmetric capabilities to both client and server. 
 
To ensure a secure conversation between a web client and server, S-HTTP works by negotiating the type of encryption scheme used between client and server. Several cryptographic message format standards can be incorporated into S-HTTP clients and servers. S-HTTP does not require client-side public- key certificates. This is significant because it means that spontaneous private transactions can occur without requiring individual users to have an  established public key.
 
One advantages of S-HTTP is that it supports end-to-end secure transaction. This means that multiple encryption/decryption need not be done at every intermediate point.

3) Secure Electronic Transaction (SET): SET has been developed mainly by the credit card industry to secure payment card transactions over open networks. SET has been published as open specification for the industry. The current version of SET was designed for common desktop PCs as the typical user terminal, and with the internet as the transport network.

Previous Next

 
Labels:

Comments

Post a Comment

Popular Post

Procurement Management Using Buyer's Internal Market Place

Improvements to procurement have been attempted for decades, usually by using information technologies. The real opportunity for improvement lies in the use of e-procurement, the electronic acquisition of goods and services for organisations. The general e-procurement process (with the exception of tendering) is shown in figure 2.8 .  One effective solution to the procurement problem in large organisations is to aggregate the catalogues of all approved suppliers, combining them into a single internal electronic catalogue. Prices can be negotiated in advance or determined by a tendering, so that the buyers do not have to negotiate each time they place an order. By aggregating the suppliers' catalogues on the buyer's server, it is also easier to centralise and control all procurement. Such an aggregation of catalogues is called an internal procurement marketplace .  Benefits of Internal Marketplaces   1) Corporate buyers can use search engines to look through internal aggre...
Post a Comment
Read more

Infrastructure for EC

Introduction The e-commerce infrastructure is defined here as the supporting capabilities for online trading between multiple companies which include hardware, software, networks, online payment technologies, security and encryption technologies, online trading business models, legal and regulatory framework, and managerial and organisation capabilities.  Infrastructure is the shared human, informational , and technical resources on which the work system relies in order to operate, even though these resources exist and are managed outside of the work system.  To evaluate the interdisciplinary aspects of construction e-commerce infrastructure, one proposes using a four pillar approach. Figure 5.1 illustrates the skeleton for the proposed integrated construction e-commerce infrastructure. The proposed integrated e-business infrastructure can be broken down into the following four groups of components:  1) Technological Infrastructure : Technology infrastructure is a work...
1 comment
Read more

What is COVID-19 ?

COVID-19 is a disease caused due to the infection of novel coronavirus. The first case of COVID-19 disease was founded at Wuhan, China in December 2019. It also named as severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2). COVID-19 is the most widely spread disease ever in the world. In most cases it infects the respiratory system that causes fever, dry cough, and shortness of breath. Previous : What is the difference between coronavirus and COVID-19 ?
Post a Comment
Read more