8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 1/40
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 2/40
2/9/2011 2
Electronic money
also known as e-currency, e-money, electroniccash, electronic currency, digitalmoney, digital cash or digital currency
refers to money or scrip which is onlyexchanged electronically. Typically, this involves theuse of computer networks, the internet and digitalstored value systems. Electronic Funds Transfer
(EFT) and direct deposit are all examples of electronic money.
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 3/40
The internet payment solution providers haveevolved over the recent years.
They facilitate the online payment system for the buyers, sellers and merchants.
The credit cards from the major issuingcompanies like Master, Visa and AmericanExpress has facilitate the payment process andmake it very convenient for the online usersand the merchants.
Now everyone from every part of the worldcan by almost everything on the internetthrough the credit cards.
2/9/2011 3
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 4/40
Methods of
traditional payment¾ Check, credit card,
or cash
Methods of electronic
payment¾ Electronic cash,
software wallets,smart cards, andcredit/debit cards
¾ Scrip is digital cashminted by third-partyorganizations
2/9/2011 4
To transfer money over the Internet
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 5/40
Atomicity
¾ Money is not lost or created during a transfer
Good atomicity¾ Money and good are exchanged atomically
Non-repudiation
¾ No party can deny its role in the transaction¾ Digital signatures
2/9/2011 5
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 6/40
Reliability
Scalability
Security
Integrity
Authentication
Usability
2/9/2011 6
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 7/40
Acceptability
Anonymity: privacy &
untraceability Convertibility
Efficiency
Flexibility
Integration
Availability
2/9/2011 7
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 8/40
Universally accepted Transferable electronically
Divisible
Non-forgeable, non-stealable
Private (no one except parties know theamount)
Anonymous (no one can identify the payer)
Work off-line (no on-line verification
needed)
No known system satisfies all.
2/9/2011 8
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 9/40
Specifically, e-cash must have thefollowing four properties:
monetary value Interoperability
Retrievability,
Security
2/9/2011 9
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 10/40
E-cash
Electronic wallets
Smart card
Credit card
2/9/2011 10
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 11/40
Primary advantage is with purchaseof items less than Rs.100
¾ Credit card transaction fees make smallpurchases unprofitable
¾ Micropayments
x Payments for items costing less than $1
2/9/2011 11
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 12/40
2/9/2011 12
Merchant
Consumer
Bank
1
2
3
4
5
1. Consumer buys e-cash from Bank
2. Bank sends e-cash bits to consumer (after
charging that amount plus fee)
3. Consumer sends e-cash to merchant
4. Merchant checks with Bank that e-cash
is valid (check for forgery or fraud)
5. Bank verifies that e-cash is valid
6. Parties complete transaction: e.g., merchant
present e-cash to issuing back for deposit
once goods or services are delivered
Consumer still has (invalid) e-cash
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 13/40
E-cash must allow spending only once Must be anonymous, just like regular
currency¾
Safeguards must be in place to preventcounterfeiting¾ Must be independent and freely transferable
regardless of nationality or storagemechanism
Divisibility andC
onvenience Complex transaction (checking with
Bank)¾ Atomicity problem
2/9/2011 13
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 14/40
On-line¾ Individual does not have possession
personally of electronic cash¾ Trusted third party, e.g. online bank, holds
customers· cash accounts
Off-line¾ C
ustomer holds cash on smart card or software wallet
¾ Fraud and double spending require tamper-proof encryption
2/9/2011 14
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 15/40
Advantages¾ More efficient, eventually meaning lower
prices¾ Lower transaction costs
¾ Anybody can use it, unlike credit cards, anddoes not require special authorization
Disadvantages¾ Tax trail non-existent, like regular cash
¾ Money laundering
¾ Susceptible to forgery
2/9/2011 15
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 16/40
Complex cryptographic algorithmsprevent double spending
¾ Anonymity is preserved unless doublespending is attempted
Serial numbers can allow tracing toprevent money laundering
¾ Does not prevent double spending, since themerchant or consumer could be at fault
2/9/2011 16
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 17/40
Goal
¾ to have the bank sign documents without
knowing what they are signing.
Why?
± Anonymity with Authentication
2/9/2011 17
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 18/40
How?Basic: Sign anything
2/9/2011 18
1. You encrypt the message
2. Send it to the bank
3. The bank signs the message andreturns it
4. You decrypt the signed message
5. You spend it
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 19/40
ProblemsThe bank honors anything I write down
Solution: the Cut-and-choose algorithm
2/9/2011 19
1. Prepare n copies of the messages and ndifferent keys, and send them to the bank
2. The bank requests the keys for and opens n- 1 of them, and verifies them. It then signsthe remaining one.
3. The bank sends back the signedmessage, which can then be decryptedand spent
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 20/40
Electronic checks have the following advantages
They work in the same way as traditional checks, thus simplifying customer
education.
Electronic checks are well suited for clearing micro payments.
Electronic checks create float and the availability of float is an important
requirement for commerce.
Financial risk is assumed by the accounting server and may result in easier
acceptance.Reliability and scalability are provided by using multiple
accounting servers. There can be an inter account server protocol to allow
buyer and seller to ´belongµ to different domains, regions, or countries.
2/9/2011 20
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 21/40
2/9/2011 21
Magnetic stripe¾ 140 bytes
Memory cards¾ 1-4 KB memory, no processor
Optical memory cards¾ 4 megabytes read-only (CD-like)
Microprocessor cards
¾ Embedded microprocessor x (OLD) 8-bit processor, 16 KB ROM, 512 bytes
RAMx Equivalent power to IBM XT PC
x 32-bit processors now available
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 22/40
2/9/2011 22
Plastic card containing an embeddedmicrochip
Available for over 10 years Unsuccessful in U.S. partly because few
card readers available Smart cards gradually reappearing in U.S.
success depends on:¾ Critical mass of smart cards that support
applications¾ Compatibility between smart cards, card-
reader devices, and applications
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 23/40
2/9/2011 23
Ticketless travel
¾ Seoul bus system: 4M cards, 1B transactions since 1996
¾ Planned the SF Bay Area system
Authentication, ID
Medical records Ecash
Store loyalty programs
Personal profiles
Government
¾ Licenses
Mall parking
. . .
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 24/40
Embedded chips with encrypted digitalmoney
Pros and cons¾ Use password to ensure the security
¾ Cyber and real usage
¾ Low transaction cost
¾ No open standard
2/9/2011 24
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 25/40
2/9/2011 25
Advantages:
1. Atomic, debt-free transactions
2. Feasible for very small transactions (information commerce)
3. (Potentially) anonymous4. Security of physical storage
5. (Potentially) currency-neutral
Disadvantages:
1. Low maximum transaction limit
2. High Infrastructure costs3. Single physical point of failure (the card)
4. Not (yet) widely used
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 26/40
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 27/40
Smart cards are basically of two types:
Relationship-based smart credit cards.
Electronic purses- which replace money,
are also known as debit cards andelectronic money.
2/9/2011 27
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 28/40
2/9/2011 28
Stores credit card, electronic cash,owner identification and address
¾ Makes shopping easier and more efficientx Eliminates need to repeatedly enter identifying
information into forms to purchase
x Works in many different stores to speed
checkout¾ Amazon.com one of the first online
merchants to eliminate repeat form-filling for purchases
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 29/40
2/9/2011 29
Agile Wallet¾ Developed byCyber Cash
¾ Allows customers to enter credit card and identifyinginformation once, stored on a central server
¾ Information pops up in supported merchants· payment
pages, allowing one-click payment¾ Does not support smart cards or Cyber Cash, but company
expects to soon
eWallet¾ Developed by Launchpad Technologies
¾ Free wallet software that stores credit card and personal
information on users· computer, not on a central server; infois dragged into payment form from eWallet
¾ Information is encrypted and password protected
¾ Works with Netscape and Internet Explorer
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 30/40
2/9/2011 30
Microsoft Wallet
¾ Comes pre-installed in Internet Explorer, but
not in Netscape¾ All information is encrypted and password
protected
¾ Microsoft Wallet Merchant directory shows
merchants setup to accept Microsoft Wallet
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 31/40
2/9/2011 31
Processing a Payment Card Order
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 32/40
Risks from Mistake and Disputes
¾ Consumer Protection
Managing Information Privacy
Managing Credit Risk
2/9/2011 32
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 33/40
Privacy. A user expects to trust in a secure system. Security. A secure system verifies the identity of two-party transaction through
´user authenticationµ and reserves flexibility to restrict information / servicethrough access control. Millions of dollars have been embezzled by computer fraud. No systems are yet fool-proof, although designers are concentrating closelyon security.
Intuitive interface. The payment interface must be as easy to use as a telephone.Generally speaking, users value convenience more than anything.
Database integration. With home banking, for example, a customer wants to playwith all his accounts. To date, separate accounts have been stored on separatedatabases. The challenge before banks is to tie these databases together and toallow customers access to any of them while keeping the data up-to-date anderror free.
Brokers. A ´network bankerµ ² someone to broker goods and services, settle
conflicts, and facilitate financial transactions electronically ² must be in place. Pricing.One fundamental issue is how to price payment system services. For example, should subsidies be used to encourage users to shift from one form ofpayment to another, from cash to bank payments, from paper based to e-cash.
Standard. Without standards, the welding of different payment users into differentnetworks and different systems is impossible. Standards enable interoperability,giving users the ability to buy and receive information, regardless of which bank ismanaging their money.
2/9/2011 33
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 34/40
2/9/2011 34
(Bob's public key)(Bob's public key)
(Bob's private(Bob's privatekey)key)
Bob has been given two keys.
One of Bob's keys is called a Public Key,
the other is called a Private Key
Bob
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 35/40
Bob's CoBob's Co--workers:workers:
Anyone can Anyone canget Bob'sget Bob's
Public Key,Public Key,but Bobbut Bobkeeps hiskeeps hisPrivate KeyPrivate Keyto himself to himself
Pat Pat DougDoug SusanSusan
2/9/2011 35
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 36/40
Keys are used to encrypt information.Encrypting information means
"scrambling it up", so that only a
person with the appropriate key canmake it readable again.
Either one of Bob's two keys can
encrypt data, and the other key candecrypt that data.
2/9/2011 36
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 37/40
Hey Bob, howHey Bob, howabout lunch at Tacoabout lunch at TacoBell. I hear theyBell. I hear they
have free refills!"have free refills!"
HNFmsEm6UnHNFmsEm6UnBejhhyCGKOK BejhhyCGKOK JUxhiygSBCEiCJUxhiygSBCEiC0QYIh/Hn3xgiK 0QYIh/Hn3xgiK BcyLK1UcYiY BcyLK1UcYiY
lxx2lCFHDC/Alxx2lCFHDC/A
HNFmsEm6UnHNFmsEm6UnBejhhyCGKOK BejhhyCGKOK JUxhiygSBCEiCJUxhiygSBCEiC0QYIh/Hn3xgiK 0QYIh/Hn3xgiK BcyLK1UcYiY BcyLK1UcYiY
lxx2lCFHDC/Alxx2lCFHDC/A
Hey Bob, howHey Bob, howabout lunch at about lunch at Taco Bell. I hearTaco Bell. I hearthey have freethey have freerefills!"refills!"
372/9/2011
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 38/40
With his private key and the right software, Bob canput digital signatures on documents and other data. A digital signature is a "stamp" Bob places on
the data which is unique to Bob, and is very difficultto forge. In addition, the signature assures that anychanges made to the data that has been signedcan not go undetected.
382/9/2011
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 39/40
To sign a document, Bob's software will crunch
down the data into just a few lines by a process
called "hashing". These few lines are called a
message digest. (It is not possible to change amessage digest back into the original data from
which it was created.)
2/9/2011 39
8/7/2019 E Payment Systems
http://slidepdf.com/reader/full/e-payment-systems 40/40
2/9/2011 40