Skip to main content

Security Schemes in Electronic Payment Systems

Introduction 
Secure electronic function transfer is crucial to e-commerce. In order to ensure the integrity and security of each electronic transaction and other EPSS utilize some or all of the following security measures and technologies directly related to EPSS: 
1) Authentication  
2) Public Key Cryptography  
3) Digital Signatures  
4) Certificate  
5) Certificate Authorities  
6) Secure Socket Layers(SSL)  
7) Secure Hypertext Transfer Protocol(S-HTTP)
 
Electronic Payment Protocols
Securities schemes are implemented by protocols: 
1) Secure Socket Layer (SSL): Netscape communication has proposed a protocol for providing data security layered between high-level application protocols and TCP/IP. This security protocol, called SSL, provides data encryption, server authentication, message integrity and optional client authentication for a TCP/IP connection.
 
SSL provides a security "handshake" to initiate the TCP/IP connection .This handshake results in the client and server agreeing on the level of security that they will use and fulfills any authentication requirements for the connection. Therefore SSL's only role is to encrypt and decrypt the message stream.
 
This protocol fully encrypts all the information in both the HTTP request and the HTTP response, including the URL the client is requesting.

2) Secure Hypertext Transmission Protocol (S-HTTP): S-HTTP was Sn developed for commerce Net- a consortium of companies promoting the  Bestablishment of electronic commerce on the internet. S-HTTP supports a B variety of security mechanisms to HTTP clients and servers, providing the security service options appropriate to the wide range of potential end uses possible on the web. The protocol provides symmetric capabilities to both client and server. 
 
To ensure a secure conversation between a web client and server, S-HTTP works by negotiating the type of encryption scheme used between client and server. Several cryptographic message format standards can be incorporated into S-HTTP clients and servers. S-HTTP does not require client-side public- key certificates. This is significant because it means that spontaneous private transactions can occur without requiring individual users to have an  established public key.
 
One advantages of S-HTTP is that it supports end-to-end secure transaction. This means that multiple encryption/decryption need not be done at every intermediate point.

3) Secure Electronic Transaction (SET): SET has been developed mainly by the credit card industry to secure payment card transactions over open networks. SET has been published as open specification for the industry. The current version of SET was designed for common desktop PCs as the typical user terminal, and with the internet as the transport network.

Previous Next

 
Labels:

Comments

Post a Comment

Popular Post

Competitive Advantage - Sustainable Competitive Advantage

Sustainable competitive advantage may be realised by adoption of e-commerce strategies and business models. Rather than simply exchanging procurement transactions as with e-commerce practices, leading enterprises are executing e- commerce to share intellectual capital with their trading partners working as a value chain that provides a competitive advantage for the development and distribution of their products. The idea of giving the customer access to tracking information via the internet was a new one that had considerable appeal to the customer. For example , the use of new system also had considerable advantage to FedEx who no longer had to deal with a vast number of calls checking up on progress of consignment; because the customer could now access the system themselves. But e-commerce development and implementation could not be entirely private- customer had to become involved at some stage. The competitor was quick to catch on to the idea and UPS (United Parsal Services) was so...
Post a Comment
Read more

E-Commerce Implementation

The strategy diagram divides implementation into the technical and the business aspects and these are briefly considered below: Technical Implementation : The approach to technical implementation of an E-Commerce system depends on the business objectives, business requirements and technologies that have been selected. It is noted that many internet E-Commerce systems are cobbled(repaired) together rather than designed and that is often apparent. It is important that the design process considers: Is of use of system by intended end-users : Always an important factor in system design but crucial if the end user are to be members of the public with perhaps limited computer literacy and the option to switch to an alternative website if not satisfied. Functionality that users need : This has to be what the users want rather than what the organisation things they need. Uses of e-commerce are not a captive audience that can be interviewed and evaluated like the uses of a traditional IS develo...
Post a Comment
Read more

Electronic commerce introduction

Electronic Commerce ( e-commerce ) generally refers to all forms of transactions relating to commercial activities, involving both organizations and individuals that are based upon the processing and transmission of digitised data, including text, sound and visual images. E-Commerce has created a new environment in business transactions using internet. It deals with providing information to consumers regarding products of their interest. It provides a platform of advertisement of products, allows negotiations, order for raw materials, settlement of financial transactions etc. Electronic commerce is an integrations of communication services, data management and security mechanisms that allows organizations to exchange information about the sale of goods and services, where, Communication services supports the transfer of information from the buyer to the seller electronically. Data management is the exchange and storing of data in a uniform format to facilitate easy exchange of infor...
Post a Comment
Read more