2. Introduction
• It is the the mechanism of transferring money
over the Internet and technology used in this
transfer is called as EFT.
• Methods of traditional payment
– Check or cash
• Methods of electronic payment
─ Electronic cash, software wallets, smart
cards, and credit/debit cards
• Increased security
2
3. • To transfer money over the Internet
• Efficient means of exchanging funds and cash
flows
• Increase in remote payments (on the Internet)
• Drive to reduce cost, efficiency (and
inconvenience) of conventional payment
systems
• New services requiring new charging
mechanisms
3
4. Requirements for e-payment
• Atomicity
– Money is not lost or created during a transfer
• Acceptability
• Reliability
• Security
• Efficiency
• Non-repudiation
– No party can deny its role in the transaction
– Digital signatures
4
5. Desirable Properties of Digital Money
• Universally accepted
• Transferable electronically
• Divisible
• Non-forgeable, non-stealable
• Private (no one except parties know the amount)
• Anonymous (no one can identify the payer)
• Work off-line (no on-line verification needed)
5
6. Cash Transaction
CENTRAL
BANK 4. SELLER’S BANK
-2. CENTRAL BANK ISSUES
SENDS CASH TO
FIDUCIARY MONEY
CENTRAL BANK
(ANTI-FORGERY) +
(SERIAL NUMBERS) 3. SELLER’S BANK
CREDITS SELLER’S
BANK ACCOUNT
-1. CENTRAL BANK SELLS
CASH TO BUYER’S BANK
BUYER’S SELLER’S
BANK BANK
2. SELLER DEPOSITS
CASH IN SELLER’S
0. BUYER’S BANK ALLOWS THE VISIBLE TRANSACTION BANK ACCOUNT
BUYER TO DRAW CASH
FROM BUYER’S ACCOUNT BUYER SELLER
1. BUYER PHYSICALLY
GIVES CASH TO SELLER
6
7. Types of E-payments
• Instant paid or cash
- electronic cash or e-cash
• Debit or prepaid
- smart card,electronic purse or e-wallet
• Credit or postpaid
- credit card,electronic cheques
7
8. Electronic Cash
• The two distinctive characteristics for cash
– Anonymity and transferability
• Ecash was developed by DigiCash and is now
provided by ecashtechnologies
(http://www.ecashtechnologies.com)
• Its founder David Chaum is a well known expert
in the area of digital cash.
• Ecash allows anonymous and secure electronic
cash payment over the Internet.
• Ecash is based on an innovative blind signature
method.
• Advantageous for microPayments. 8
9. Electronic Cash Issues
• E-cash must allow spending only once
• Must be anonymous, just like regular
currency
– Safeguards must be in place to prevent
counterfeiting
– Must be independent and freely transferable
regardless of nationality or storage
mechanism
• Divisibility and Convenience
9
10. E-cash Concept
Merchant
1. Consumer buys e-cash from Bank
2. Bank sends e-cash bits to consumer (after
5 charging that amount plus fee)
4
3. Consumer sends e-cash to merchant
4. Merchant checks with Bank that e-cash
Bank 3 is valid (check for forgery or fraud)
5. Bank verifies that e-cash is valid
6. Parties complete transaction: e.g., merchant
2 present e-cash to issuing back for deposit
1 once goods or services are delivered
Consumer
10
11. Basic Operation of E-
cash system
Customer Bank VBS (Merchant)
Send the blinded coins to the
bank
Generate the blinded coins
coins Debit the account and sign
the blinded coins
Return the signed blinded coins
signed
Unblind the coins
Pay by the coins
Check the validity of the
coins and whether they have Deposit the coins
been spent and credit the
account accordingly
Confirm the deposit
Ship goods or perform the service
11
12. Electronic Cash Storage
• Two methods
– On-line
• Individual does not have possession personally of
electronic cash
• Trusted third party, e.g. online bank, holds
customers’ cash accounts
– Off-line
• Customer holds cash on smart card or software
wallet
• Fraud and double spending require tamper-proof
encryption
12
13. Advantages and Disadvantages of
Electronic Cash
• Advantages
– More efficient, eventually meaning lower prices
– Lower transaction costs
– Anybody can use it, unlike credit cards, and does not require
special authorization
– Secured transaction
• Disadvantages
– Tax trail non-existent, like regular cash
– Non divisibility
– Susceptible to forgery
13
14. Electronic Cash Security
• Complex cryptographic algorithms prevent
double spending
– Anonymity is preserved unless double spending is
attempted
• Serial numbers can allow tracing to prevent
money laundering
– Does not prevent double spending, since the
merchant or consumer could be at fault
14
15. E-cheque
• It is same as paper cheue
• Contain the name of payer’s bank,payer’s
account number,the name of payee,amount
• It provide authentication of customer with by
using digital signature of payer and payer’s bank
15
16. E-cheque system scenario
Buyers Bank Sellers Bank
rd
5.Fo o rwa e
rwar 4.F equ
cheq d ch
ue
6 .T r r
a s fe
mon nsfer an
ey Accounting .Tr ney
7 o
Server m 3.Forward
Account E-cheque to
update bank
1.Access and Browse
Buyer’s
2.Select goods,transfer e-cheque Seller’s Server
Browser
16
18. Credit Cards
• The most expensive ePayment mechanism
• Currently the most convenient method
• Used for the majority of Internet purchases
• Has a preset spending limit
• Advantage:
− People can buy more than they can afford
• Disadvantages:
− doesn’t work for small amounts (too expensive)
− doesn’t work for large amounts (too expensive)
18
19. Parties to a Credit Card Transaction
CARD,
TELEPHONE,
INTERNET
BUYER SELLER
DIALUP OR
U.S. MAIL! LEASED LINE
BUYER’S SELLER’S
BANK BANK
CARD
ASSOCIATION
PROPRIETARY NETWORK
19
20. Types of credit cards
• Payments using plain credit card
• Payments using encrypted credit card details
• Payment using third party verification
20
21. Types of Fraud
• Mail Non-Receipt
– Theft of mail containing a replacement card
• Chargeback Fraud
– Bank notified that illegal purchases were made
and they charge payment is taken back from the
merchant
• Skimming
– Merchant copies the magnetic strip illegally
21
22. Number System
• The first digit in your credit-card number signifies the system:
– 3 - travel/entertainment cards (Amer. Express & Diners Club)
– 4 - Visa
– 5 - MasterCard
– 6 - Discover Card
– Phone companies, gas companies and department stores have their
own numbering systems 22
23. Fraud Prevention
• Card-Present
– Signed receipt that
matches signature on
back of the credit
card
– Show photo
identification
– Checking the last 4
digits on the card 23
24. Fraud Prevention
• Card Not Present
• Telephone or on-line
purchases
– Fax copies of the credit
card along with photo
identification
– Card Security Code on
the back of the credit
card 24
25. Smart Cards
• Plastic card containing an embedded
microchip
– Can contain cash
– Over 100 times more information storage than a
magnetic-striped plastic card
– Information is encrypted, unlike plain credit cards
which have account number on its face, making
credit theft practically impossible
25
26. Smart Cards
• Magnetic stripe
– 140 bytes, cost $0.20-0.75
• Memory cards
– 1-4 KB memory, no processor, cost $1.00-2.50
• Optical memory cards
– 4 megabytes read-only (CD-like), cost $7.00-12.00
• Microprocessor cards
– Embedded microprocessor
• (OLD) 8-bit processor, 16 KB ROM, 512 bytes RAM
• Equivalent power to IBM XT PC, cost $7.00-15.00
• 32-bit processors now available 26
27. Smart Cards
• Available for over 10 years
• So far not successful in U.S., but popular in
Europe, Australia, and Japan
• Unsuccessful in U.S. partly because few card
readers available
• Smart cards gradually reappearing in U.S.;
success depends on:
– Critical mass of smart cards that support
applications
– Compatibility between smart cards, card-reader
devices, and applications
27
28. Types of Smart cards
• Memory smart card or Electronic purses or
Debit Card
─store monetary value on chip
─ less info and processing
• Intelligent or Relationsship based Smart Card
─store cardholder’s info i.e-name,birth date,
Preferances,purchase record
─services such as debit,credit,stored value for e-
cash
28
29. Smart Card Applications
• Ticketless travel
– Seoul bus system: 4M cards, 1B transactions since 1996
– Planned the SF Bay Area system
• Authentication, ID
• Medical records
• Electronic purse
• Personal profiles
• Government
– Licenses
• Banking & Retail
29
31. Secure Electronic Transaction (SET)
• Developed by Visa and MasterCard
• Designed to protect credit card transactions
• Confidentiality: all messages encrypted
• Trust: all parties must have digital certificates
• Privacy: information made available only
when and where necessary
31
32. Secure Electronic Transaction (SET) Protocol
• Jointly designed by MasterCard and Visa
– backed by Microsoft, Netscape, IBM, GTE, SAIC, and
others
• Designed to provide security for card payments
as they travel on the Internet
– validates consumers and merchants in addition to
providing secure transmission
• SET specification
– Uses public key cryptography and digital certificates
for validating both consumers and merchants
– Provides privacy, data integrity, user and merchant
authentication, and consumer nonrepudiation
32
33. Key Technologies of SET
• Confidentiality of information: DES
• Integrity of data: RSA digital signatures with
SHA-1 hash codes
• Cardholder account authentication:
X.509v3 digital certificates with RSA
signatures
• Merchant authentication: X.509v3 digital
certificates with RSA signatures
• Privacy: separation of order and payment
information using dual signatures 33