Escolar Documentos
Profissional Documentos
Cultura Documentos
Amit Tripathy
13MBA001
Why E-payments?
The various factors that have lead
the financial institutions to make
use of electronic payments are:
Decreasing technology cost:
Reduced operational and
processing cost:
Increasing online commerce:
Types of EPS
E- CASH
SMART CARDS
E- WALLETS
CREDIT CARDS
E-cash
Term that describes any value storage and
exchange system created by a private entity
that:
Does not use paper documents or coins
physical currency
It
E-Wallet
The E-wallet is another payment scheme
that operates like a carrier of e-cash and
other information.
The aim is to give shoppers a single, simple,
and secure way of carrying currency
electronically.
Trust is the basis of the e-wallet as a form of
electronic payment.
Ex: Microsoft .NET Passport, Yahoo! Wallet
Advantage
Smart Cards
A smart card, is any
pocket-sized card with
embedded integrated
circuits which can process
data
This implies that it can
receive input which is
processed and delivered as
an output
times more
information than a
magnetic strip plastic
card
Safer than
conventional credit
cards
Credit Cards
It is a Plastic Card having a Magnetic
Number and code on it.
It has Some fixed amount to spend.
Customer has to repay the spend amount
after sometime.
Cardholder
credit
card
Merchant
Payment authorization,
payment data
Card Brand Company
payment data
Acquirer Bank
Merchant
Account
Security requirements
Security Schemes
Original
Message
Scrambled
Message
Sender
Encryption
Keyreceiver
Internet
Scrambled
Message
Decryption
Original
Message
Receiver
Message
Original
Message
Scrambled
Message
Private Keyreceiver
Internet
Scrambled
Message
Sender
Receiver
Private Keysender
Digital
Signature
Original
Message
Sender
Original
Message
Scrambled
Message
Public Keysender
Internet
Scrambled
Message
Original
Message
Receiver
Digital Signature
Analogous to handwritten signature
Sender encrypts a
message with her
private key
Certificate
Identifying the holder of a public key (KeyExchange)
Issued by a trusted certificate authority (CA)
Name : Richard
key-Exchange Key :
Signature Key :
Serial # : 29483756
Other Data : 10236283025273
Expires : 6/18/96
Signed : CAs Signature
GCA
CCA
MCA
PCA
Secure Electronic
Transaction (SET) Protocol
Jointly designed by MasterCard and Visa with backing
SET specification
Uses public key cryptography and digital certificates for
and
merchant
Senders Computer
1. The message is hashed to a prefixed length of message digest.
2. The message digest is encrypted with the senders private signature
key, and a digital signature is created.
3. The composition of message, digital signature, and Senders
certificate is encrypted with the symmetric key which is generated at
senders computer for every transaction. The result is an encrypted
message. SET protocol uses the DES algorithm instead of RSA for
encryption because DES can be executed much faster than RSA.
4. The Symmetric key itself is encrypted with the receivers public key
which was sent to the sender in advance. The result is a digital
envelope.
Receivers Computer
5. The encrypted message and digital envelope are transmitted to
receivers computer via the Internet.
6. The digital envelope is decrypted with receivers private exchange key.
7. Using the restored symmetric key, the encrypted message can be
restored to the message, digital signature, and senders certificate.
8. To confirm the integrity, the digital signature is decrypted by senders
public key, obtaining the message digest.
9. The delivered message is hashed to generate message digest.
10. The message digests obtained by steps 8 and 9 respectively, are
compared by the receiver to confirm whether there was any change
during the transmission. This step confirms the integrity.
other applications
it does not protect against all security hazards
it is mature, simple, and widely use
Complex
Simple
Managerial Issues