E Payment Systems

8/7/2019 E Payment Systems

http://slidepdf.com/reader/full/e-payment-systems 1/40



2/9/2011 2

Electronic money

also known as e-currency, e-money, electroniccash, electronic currency, digitalmoney, digital cash or digital currency

refers to money or scrip which is onlyexchanged electronically. Typically, this involves theuse of computer networks, the internet and digitalstored value systems. Electronic Funds Transfer

(EFT) and direct deposit are all examples of electronic money.



The internet payment solution providers haveevolved over the recent years.

They facilitate the online payment system for the buyers, sellers and merchants.

The credit cards from the major issuingcompanies like Master, Visa and AmericanExpress has facilitate the payment process andmake it very convenient for the online usersand the merchants.

Now everyone from every part of the worldcan by almost everything on the internetthrough the credit cards.

2/9/2011 3



Methods of

traditional payment¾ Check, credit card,

or cash

Methods of electronic

payment¾ Electronic cash,

software wallets,smart cards, andcredit/debit cards

¾ Scrip is digital cashminted by third-partyorganizations

2/9/2011 4

To transfer money over the Internet



Atomicity

¾ Money is not lost or created during a transfer

Good atomicity¾ Money and good are exchanged atomically

Non-repudiation

¾ No party can deny its role in the transaction¾ Digital signatures

2/9/2011 5



Reliability

Scalability

Security

Integrity

Authentication

Usability

2/9/2011 6



Acceptability

Anonymity: privacy &

untraceability Convertibility

Efficiency

Flexibility

Integration

Availability

2/9/2011 7



Universally accepted Transferable electronically

Divisible

Non-forgeable, non-stealable

Private (no one except parties know theamount)

Anonymous (no one can identify the payer)

Work off-line (no on-line verification

needed)

No known system satisfies all.

2/9/2011 8



Specifically, e-cash must have thefollowing four properties:

monetary value Interoperability

Retrievability,

Security

2/9/2011 9



E-cash

Electronic wallets

Smart card

Credit card

2/9/2011 10



Primary advantage is with purchaseof items less than Rs.100

¾ Credit card transaction fees make smallpurchases unprofitable

¾ Micropayments

x Payments for items costing less than $1

2/9/2011 11



2/9/2011 12

Merchant

Consumer

Bank

1

2

3

4

5

1. Consumer buys e-cash from Bank

2. Bank sends e-cash bits to consumer (after

charging that amount plus fee)

3. Consumer sends e-cash to merchant

4. Merchant checks with Bank that e-cash

is valid (check for forgery or fraud)

5. Bank verifies that e-cash is valid

6. Parties complete transaction: e.g., merchant

present e-cash to issuing back for deposit

once goods or services are delivered

Consumer still has (invalid) e-cash



E-cash must allow spending only once Must be anonymous, just like regular

currency¾

Safeguards must be in place to preventcounterfeiting¾ Must be independent and freely transferable

regardless of nationality or storagemechanism

Divisibility andC

onvenience Complex transaction (checking with

Bank)¾ Atomicity problem

2/9/2011 13



On-line¾ Individual does not have possession

personally of electronic cash¾ Trusted third party, e.g. online bank, holds

customers· cash accounts

Off-line¾ C

ustomer holds cash on smart card or software wallet

¾ Fraud and double spending require tamper-proof encryption

2/9/2011 14



Advantages¾ More efficient, eventually meaning lower

prices¾ Lower transaction costs

¾ Anybody can use it, unlike credit cards, anddoes not require special authorization

Disadvantages¾ Tax trail non-existent, like regular cash

¾ Money laundering

¾ Susceptible to forgery

2/9/2011 15



Complex cryptographic algorithmsprevent double spending

¾ Anonymity is preserved unless doublespending is attempted

Serial numbers can allow tracing toprevent money laundering

¾ Does not prevent double spending, since themerchant or consumer could be at fault

2/9/2011 16



Goal

¾ to have the bank sign documents without

knowing what they are signing.

Why?

± Anonymity with Authentication

2/9/2011 17



How?Basic: Sign anything

2/9/2011 18

1. You encrypt the message

2. Send it to the bank

3. The bank signs the message andreturns it

4. You decrypt the signed message

5. You spend it



ProblemsThe bank honors anything I write down

Solution: the Cut-and-choose algorithm

2/9/2011 19

1. Prepare n copies of the messages and ndifferent keys, and send them to the bank

2. The bank requests the keys for and opens n- 1 of them, and verifies them. It then signsthe remaining one.

3. The bank sends back the signedmessage, which can then be decryptedand spent



Electronic checks have the following advantages

They work in the same way as traditional checks, thus simplifying customer

education.

Electronic checks are well suited for clearing micro payments.

Electronic checks create float and the availability of float is an important

requirement for commerce.

Financial risk is assumed by the accounting server and may result in easier

acceptance.Reliability and scalability are provided by using multiple

accounting servers. There can be an inter account server protocol to allow

buyer and seller to ´belongµ to different domains, regions, or countries.

2/9/2011 20



2/9/2011 21

Magnetic stripe¾ 140 bytes

Memory cards¾ 1-4 KB memory, no processor

Optical memory cards¾ 4 megabytes read-only (CD-like)

Microprocessor cards

¾ Embedded microprocessor x (OLD) 8-bit processor, 16 KB ROM, 512 bytes

RAMx Equivalent power to IBM XT PC

x 32-bit processors now available



2/9/2011 22

Plastic card containing an embeddedmicrochip

Available for over 10 years Unsuccessful in U.S. partly because few

card readers available Smart cards gradually reappearing in U.S.

success depends on:¾ Critical mass of smart cards that support

applications¾ Compatibility between smart cards, card-

reader devices, and applications



2/9/2011 23

Ticketless travel

¾ Seoul bus system: 4M cards, 1B transactions since 1996

¾ Planned the SF Bay Area system

Authentication, ID

Medical records Ecash

Store loyalty programs

Personal profiles

Government

¾ Licenses

Mall parking

. . .



Embedded chips with encrypted digitalmoney

Pros and cons¾ Use password to ensure the security

¾ Cyber and real usage

¾ Low transaction cost

¾ No open standard

2/9/2011 24



2/9/2011 25

Advantages:

1. Atomic, debt-free transactions

2. Feasible for very small transactions (information commerce)

3. (Potentially) anonymous4. Security of physical storage

5. (Potentially) currency-neutral

Disadvantages:

1. Low maximum transaction limit

2. High Infrastructure costs3. Single physical point of failure (the card)

4. Not (yet) widely used





Smart cards are basically of two types:

Relationship-based smart credit cards.

Electronic purses- which replace money,

are also known as debit cards andelectronic money.

2/9/2011 27



2/9/2011 28

Stores credit card, electronic cash,owner identification and address

¾ Makes shopping easier and more efficientx Eliminates need to repeatedly enter identifying

information into forms to purchase

x Works in many different stores to speed

checkout¾ Amazon.com one of the first online

merchants to eliminate repeat form-filling for purchases



2/9/2011 29

Agile Wallet¾ Developed byCyber Cash

¾ Allows customers to enter credit card and identifyinginformation once, stored on a central server

¾ Information pops up in supported merchants· payment

pages, allowing one-click payment¾ Does not support smart cards or Cyber Cash, but company

expects to soon

eWallet¾ Developed by Launchpad Technologies

¾ Free wallet software that stores credit card and personal

information on users· computer, not on a central server; infois dragged into payment form from eWallet

¾ Information is encrypted and password protected

¾ Works with Netscape and Internet Explorer



2/9/2011 30

Microsoft Wallet

¾ Comes pre-installed in Internet Explorer, but

not in Netscape¾ All information is encrypted and password

protected

¾ Microsoft Wallet Merchant directory shows

merchants setup to accept Microsoft Wallet



2/9/2011 31

Processing a Payment Card Order



Risks from Mistake and Disputes

¾ Consumer Protection

Managing Information Privacy

Managing Credit Risk

2/9/2011 32



Privacy. A user expects to trust in a secure system. Security. A secure system verifies the identity of two-party transaction through

´user authenticationµ and reserves flexibility to restrict information / servicethrough access control. Millions of dollars have been embezzled by computer fraud. No systems are yet fool-proof, although designers are concentrating closelyon security.

Intuitive interface. The payment interface must be as easy to use as a telephone.Generally speaking, users value convenience more than anything.

Database integration. With home banking, for example, a customer wants to playwith all his accounts. To date, separate accounts have been stored on separatedatabases. The challenge before banks is to tie these databases together and toallow customers access to any of them while keeping the data up-to-date anderror free.

Brokers. A ´network bankerµ ² someone to broker goods and services, settle

conflicts, and facilitate financial transactions electronically ² must be in place. Pricing.One fundamental issue is how to price payment system services. For example, should subsidies be used to encourage users to shift from one form ofpayment to another, from cash to bank payments, from paper based to e-cash.

Standard. Without standards, the welding of different payment users into differentnetworks and different systems is impossible. Standards enable interoperability,giving users the ability to buy and receive information, regardless of which bank ismanaging their money.

2/9/2011 33



2/9/2011 34

(Bob's public key)(Bob's public key)

(Bob's private(Bob's privatekey)key)

Bob has been given two keys.

One of Bob's keys is called a Public Key,

the other is called a Private Key

Bob



Bob's CoBob's Co--workers:workers:

Anyone can Anyone canget Bob'sget Bob's

Public Key,Public Key,but Bobbut Bobkeeps hiskeeps hisPrivate KeyPrivate Keyto himself to himself

Pat Pat DougDoug SusanSusan

2/9/2011 35



Keys are used to encrypt information.Encrypting information means

"scrambling it up", so that only a

person with the appropriate key canmake it readable again.

Either one of Bob's two keys can

encrypt data, and the other key candecrypt that data.

2/9/2011 36



Hey Bob, howHey Bob, howabout lunch at Tacoabout lunch at TacoBell. I hear theyBell. I hear they

have free refills!"have free refills!"

HNFmsEm6UnHNFmsEm6UnBejhhyCGKOK BejhhyCGKOK JUxhiygSBCEiCJUxhiygSBCEiC0QYIh/Hn3xgiK 0QYIh/Hn3xgiK BcyLK1UcYiY BcyLK1UcYiY

lxx2lCFHDC/Alxx2lCFHDC/A

HNFmsEm6UnHNFmsEm6UnBejhhyCGKOK BejhhyCGKOK JUxhiygSBCEiCJUxhiygSBCEiC0QYIh/Hn3xgiK 0QYIh/Hn3xgiK BcyLK1UcYiY BcyLK1UcYiY

lxx2lCFHDC/Alxx2lCFHDC/A

Hey Bob, howHey Bob, howabout lunch at about lunch at Taco Bell. I hearTaco Bell. I hearthey have freethey have freerefills!"refills!"

372/9/2011



With his private key and the right software, Bob canput digital signatures on documents and other data. A digital signature is a "stamp" Bob places on

the data which is unique to Bob, and is very difficultto forge. In addition, the signature assures that anychanges made to the data that has been signedcan not go undetected.

382/9/2011



To sign a document, Bob's software will crunch

down the data into just a few lines by a process

called "hashing". These few lines are called a

message digest. (It is not possible to change amessage digest back into the original data from

which it was created.)

2/9/2011 39



2/9/2011 40

Date post:	09-Apr-2018
Category:	Documents
Upload:	navyahnn
View:	220 times
Download:	0 times

E Payment Systems

Documents