Skip to main content

Security Schemes in Electronic Payment Systems

Introduction 
Secure electronic function transfer is crucial to e-commerce. In order to ensure the integrity and security of each electronic transaction and other EPSS utilize some or all of the following security measures and technologies directly related to EPSS: 
1) Authentication  
2) Public Key Cryptography  
3) Digital Signatures  
4) Certificate  
5) Certificate Authorities  
6) Secure Socket Layers(SSL)  
7) Secure Hypertext Transfer Protocol(S-HTTP)
 
Electronic Payment Protocols
Securities schemes are implemented by protocols: 
1) Secure Socket Layer (SSL): Netscape communication has proposed a protocol for providing data security layered between high-level application protocols and TCP/IP. This security protocol, called SSL, provides data encryption, server authentication, message integrity and optional client authentication for a TCP/IP connection.
 
SSL provides a security "handshake" to initiate the TCP/IP connection .This handshake results in the client and server agreeing on the level of security that they will use and fulfills any authentication requirements for the connection. Therefore SSL's only role is to encrypt and decrypt the message stream.
 
This protocol fully encrypts all the information in both the HTTP request and the HTTP response, including the URL the client is requesting.

2) Secure Hypertext Transmission Protocol (S-HTTP): S-HTTP was Sn developed for commerce Net- a consortium of companies promoting the  Bestablishment of electronic commerce on the internet. S-HTTP supports a B variety of security mechanisms to HTTP clients and servers, providing the security service options appropriate to the wide range of potential end uses possible on the web. The protocol provides symmetric capabilities to both client and server. 
 
To ensure a secure conversation between a web client and server, S-HTTP works by negotiating the type of encryption scheme used between client and server. Several cryptographic message format standards can be incorporated into S-HTTP clients and servers. S-HTTP does not require client-side public- key certificates. This is significant because it means that spontaneous private transactions can occur without requiring individual users to have an  established public key.
 
One advantages of S-HTTP is that it supports end-to-end secure transaction. This means that multiple encryption/decryption need not be done at every intermediate point.

3) Secure Electronic Transaction (SET): SET has been developed mainly by the credit card industry to secure payment card transactions over open networks. SET has been published as open specification for the industry. The current version of SET was designed for common desktop PCs as the typical user terminal, and with the internet as the transport network.

Previous Next

 
Labels:

Comments

Post a Comment

Popular Post

Advantages of EDI

1) Shortened Ordering Time : Paper orders have to be printed, enveloped and sent out by the customer's post room, passed through the postal service, received by the supplier's post room and input to the supplier's order pocessing system. To achieve all this, reliably, in under three days would be to do very well. EDI orders are sent straight into the network and the only delay is how often the supplier retrieves messages from the system. Orders can be in the supplier's system within a day, or if there is urgency, the messages can be retrieved more frequently, for example every hour.  2) Cost Cutting : The use of EDI can cut costs. These include the costs of stationery and postage but these will probably be fully matched by the costs of running the EDI service. The principle saving from the use of the EDI is the potential to save staff costs. For example, if the orders are directly input to the system there is no need for an order entry clerk.  3) Elimination of Errors :...
Post a Comment
Read more

Infrastructure for EC

Introduction The e-commerce infrastructure is defined here as the supporting capabilities for online trading between multiple companies which include hardware, software, networks, online payment technologies, security and encryption technologies, online trading business models, legal and regulatory framework, and managerial and organisation capabilities.  Infrastructure is the shared human, informational , and technical resources on which the work system relies in order to operate, even though these resources exist and are managed outside of the work system.  To evaluate the interdisciplinary aspects of construction e-commerce infrastructure, one proposes using a four pillar approach. Figure 5.1 illustrates the skeleton for the proposed integrated construction e-commerce infrastructure. The proposed integrated e-business infrastructure can be broken down into the following four groups of components:  1) Technological Infrastructure : Technology infrastructure is a work...
1 comment
Read more

Business Strategy - E-Commerce Strategy Inputs

E-Commerce Strategy Inputs Traditionally an IT strategy would be subservient to the business strategy. For e- commerce the IT strategy becomes a central component (or the determinant factor) in business strategy.  Inputs to an e-commerce business strategy are: Technology An E-commerce technology includes:  EDI : Streamline supply logistics and facilitate decreases in trade cycle times.  Electronic Markets : Re-define the operation of a market sector.  Internet E-Commerce : Provides new direct sales opportunities and novel business to business and business to consumer applications.  Internet e-commerce can be used to improve, transform and re-define business value:  Organisation  Source of Business value  i) Improve it a) Product promotion b)New direct sales channel c)Direct saving d)Time to market e)Customer service f)Brand image  ii)Transform it a)Technological and organizational learning b)Customer relations  iii)Re-define it a)New pro...
Post a Comment
Read more