Docstoc

20070817204102GP

Document Sample
20070817204102GP Powered By Docstoc
					ITEC5611
Electronic Payment Systems
Outline

•   The Payment Evolution
•   Using Payment Cards Online
•   Secure Electronic Transaction (SET)
•   E-Micropayment
•   E-Checking
•   Electronic Bill Presentment and Payment
•   PayPal


S. Kungpisdan       ITEC5611 Electronic Commerce   2
                       Systems Implementation
The Payment Revolution


•         Crucial Factors
      –      Independence
            • Some e-payment systems require specialized software or
                 hardware to make payment
      –      Interoperability and portability
      –      Security
      –      Anonymity
      –      Divisibility
      –      Ease of use
      –      Transaction fees
      –      Regulations

S. Kungpisdan                 ITEC5611 Electronic Commerce             3
                                 Systems Implementation
Outline

•   The Payment Evolution
•   Using Payment Cards Online
•   Secure Electronic Transaction (SET)
•   E-Micropayment
•   E-Checking
•   Electronic Bill Presentment and Payment
•   PayPal


S. Kungpisdan       ITEC5611 Electronic Commerce   4
                       Systems Implementation
Using Payments Cards Online


       payment card
       Electronic card that contains information that can
       be used for payment purposes

•      Three forms of payment cards:
      –     Credit cards
      –     Debit cards



S. Kungpisdan              ITEC5611 Electronic Commerce   5
                              Systems Implementation
Using Payments Cards Online


•      Processing Credit Cards Online
            authorization
            Determines whether a buyer’s card is active and
            whether the customer has sufficient funds

            settlement
            Transferring money from the buyer’s to the
            merchant’s account

S. Kungpisdan            ITEC5611 Electronic Commerce     6
                            Systems Implementation
Using Payments Cards Online


•      Processing Credit Cards Online

            payment service provider (PSP)
            A third-party service connecting a merchant’s
            EC systems to the appropriate acquirers. PSPs
            must be registered with the various card
            associations they support



S. Kungpisdan            ITEC5611 Electronic Commerce       7
                            Systems Implementation
Using Payments Cards Online

      –     Key participants in processing credit card payments online
            include the following:
           •    Acquiring bank
           •    Credit card association
           •    Customer
           •    Issuing bank
           •    Merchant
           •    Payment processing service
                –   Service provides connectivity among merchants, customers and
                    financial network
           •    Processor
                –   Data center that processes credit-card transactions and settles funds to
                    merchants



S. Kungpisdan                     ITEC5611 Electronic Commerce                             8
                                     Systems Implementation
Using Payments Cards Online


•      Fraudulent Credit Card Transactions
            Address Verification System (AVS)
            Detects fraud by comparing the address entered on a
            Web page with the address information on file with
            cardholder’s issuing bank
           •    Result in a number of false positive
           •    Only available in US and Canada




S. Kungpisdan                 ITEC5611 Electronic Commerce        9
                                 Systems Implementation
Using Payments Cards Online


            card verification number (CVN)
            Detects fraud by comparing the verification number
            printed on the signature strip on the back of the card
            with the information on file with the cardholder’s
            issuing bank




S. Kungpisdan               ITEC5611 Electronic Commerce             10
                               Systems Implementation
Using Payments Cards Online


•         Fraudulent Credit Card Transactions
      –     Additional tools used to combat fraud include:
            •   Manual review
            •   Negative files
                –   check to see if customer’s transaction is matched against the file
                    containing customer’s information
            •   Card association payer authentication services
                –   3D (3-domain) Secure
                –   E.g. Verified by Visa, MasterCard SecureCode, JCB J/Secure
                –   Require cardholders to register with the systems and merchants to
                    adopt and support both existing systems and the new systems
                –   Cardholder needs to have an additional password to authenticate
                    him/herself
                –   Merchant must also enroll itself to the program

S. Kungpisdan                      ITEC5611 Electronic Commerce                          11
                                      Systems Implementation
Smart Cards


       smart card
       An electronic card containing an embedded
       microchip that enables predefined operations or
       the addition, deletion, or manipulation of
       information on the card




S. Kungpisdan         ITEC5611 Electronic Commerce       12
                         Systems Implementation
Exhibit 12.2 Smart Card




S. Kungpisdan   ITEC5611 Electronic Commerce   13
                   Systems Implementation
Smart Cards


•      Types of Smart Cards

            contact card
            A smart card containing a small gold plate on the face that when
            inserted in a smart card reader makes contact and passes data
            to and from the embedded microchip

            contactless (proximity) card
            A smart card with an embedded antenna, by means of which
            data and applications are passed to and from a card reader unit
            or other device without contact between the card and the card
            reader


S. Kungpisdan                 ITEC5611 Electronic Commerce                 14
                                 Systems Implementation
Smart Cards


•      Applications of Smart Cards
      –     Retail Purchases
              e-purse
              Smart card application that loads money from a
              card holder’s bank account onto the smart card’s
              chip
              Common Electronic Purse Specification (CEPS)
              Standards governing the operation and
              interoperability of e-purse offerings


S. Kungpisdan             ITEC5611 Electronic Commerce       15
                             Systems Implementation
Smart Cards


•      Applications of Smart Cards
      –     Transit Fares
                To eliminate the inconvenience of multiple types of tickets
                used in public transportation, most major transit operators
                in the United States are implementing smart card fare-
                ticketing systems

      –     E-Identification
                Because they have the capability to store personal
                information, including pictures, biometric identifiers, digital
                signatures, and private security keys, smart cards are
                being used in a variety of identification, access control,
                and authentication applications
S. Kungpisdan                  ITEC5611 Electronic Commerce                   16
                                  Systems Implementation
Smart Cards


•      Applications of Smart Cards in Health Care
      –     Storing vital medical information in case of emergencies
      –     Preventing patients from obtaining multiple prescriptions
            from different physicians
      –     Verifying a patient’s identity and insurance coverage
      –     Speeding up the hospital or emergency room admissions
            process




S. Kungpisdan               ITEC5611 Electronic Commerce                17
                               Systems Implementation
Smart Cards


•      Securing Smart Cards
      –     Smart cards store or provide access to either valuable
            assets or to sensitive information
      –     Because of this, they must be secured against theft,
            fraud, or misuse
      –     The possibility of hacking into a smart card is
            classified as a “class 3” attack, which means that the
            cost of compromising the card far exceeds the
            benefits


S. Kungpisdan              ITEC5611 Electronic Commerce          18
                              Systems Implementation
Outline

•   The Payment Evolution
•   Using Payment Cards Online
•   Secure Electronic Transaction (SET)
•   E-Micropayment
•   E-Checking
•   Electronic Bill Presentment and Payment
•   PayPal


S. Kungpisdan       ITEC5611 Electronic Commerce   19
                       Systems Implementation
Secure Electronic Transaction




S. Kungpisdan   ITEC5611 Electronic Commerce   20
                   Systems Implementation
Services Provided by SET

• Secure communications channel among involved parties
• Trust by using X.509 certs
• Party privacy: parties will receive only the information that
  they are intended to receive




S. Kungpisdan          ITEC5611 Electronic Commerce               21
                          Systems Implementation
SET Requirements

• Provide confidentiality of payment and ordering information
• Ensure the integrity of all transmitted data
• Provide authentication that a cardholder is a legitimate user of a credit
  card account
• Provide authentication that a merchant can accept credit card
  transactions through its relationship with a financial institution
• Ensure the use of the best security practices and system design
  techniques to protect all legitimate parties in an e-commerce
  transactions
• Create a protocol that neither depends on transport security
  mechanisms nor prevents their use



S. Kungpisdan              ITEC5611 Electronic Commerce                   22
                              Systems Implementation
Secure Electronic Transaction
                            4, 6                           3
                              5, 10, 11


                    2
                                                       9   7
                1
                                                 12

                                        8




S. Kungpisdan           ITEC5611 Electronic Commerce           23
                           Systems Implementation
SET Transaction Overview

1.     Client opens an account
2.     Client receives a certificate
3.     Merchants have their own certs
4.     The client places an order (C  M)
5.     The merchant is verified (M  C)
6.     The order and payment are sent (C  M)
7.     The merchant requests payment authorization (M  PG)
8.     Payment is approved (PG  I, I  A, I,A  PG)
9.     The merchant receives authorization response (PG  M)
10.    The merchant confirms the order (M  C)
11.    The merchant provides goods or service (M  C)
12.    The merchant requests payment (M  A)



S. Kungpisdan                ITEC5611 Electronic Commerce      24
                                Systems Implementation
Dual Signature

•   In SET, two messages for two intended recipients are sent in one message
      –   Order Information (OI) from client to merchant -> not revealed to the bank
      –   Payment Information (PI) from client to the bank -> not revealed to the merchant
      –   DS = EKRc[H(H(PI)||H(OI))]
      –   DS provides link btw OI and PI for the client
•   If merchant receives DS, H(PI), merchant can prove that client has sent
    purchase request (because merchant has OI).
•   If bank receives DS, H(OI), the bank can prove that client has request it to
    deduct money from client’s account (because the bank has PI).




S. Kungpisdan                      ITEC5611 Electronic Commerce                              25
                                      Systems Implementation
Stored-Value Cards


       stored-value card
       A card that has monetary value loaded onto it
       and that is usually rechargeable




S. Kungpisdan         ITEC5611 Electronic Commerce     26
                         Systems Implementation
Outline

•   The Payment Evolution
•   Using Payment Cards Online
•   Secure Electronic Transaction (SET)
•   E-Micropayment
•   E-Checking
•   Electronic Bill Presentment and Payment
•   PayPal


S. Kungpisdan       ITEC5611 Electronic Commerce   27
                       Systems Implementation
E-Micropayments


       e-micropayments
       Small online payments, typically under US $10

•      Companies with e-micropayment products:
      –     BitPass (bitpass.com)
      –     Paystone (paystone.com)
      –     PayLoadz (payloadz.com)
      –     Peppercoin (peppercoin.com)


S. Kungpisdan             ITEC5611 Electronic Commerce   28
                             Systems Implementation
Millicent




S. Kungpisdan   ITEC5611 Electronic Commerce   29
                   Systems Implementation
Outline

•   The Payment Evolution
•   Using Payment Cards Online
•   Secure Electronic Transaction (SET)
•   E-Micropayment
•   E-Checking
•   Electronic Bill Presentment and Payment
•   PayPal


S. Kungpisdan       ITEC5611 Electronic Commerce   30
                       Systems Implementation
E-Checking


       e-check
       A legally valid electronic version or
       representation of a paper check

       Automated Clearing House (ACH) Network
       A nationwide batch-oriented electronic funds
       transfer system that provides for the interbank
       clearing of electronic payments for participating
       financial institutions

S. Kungpisdan          ITEC5611 Electronic Commerce        31
                          Systems Implementation
E-Checking


•      Benefits of e-check processing:
      –     It reduces the merchant’s administrative costs by
            providing faster and less paper-intensive collection of
            funds
      –     It improves the efficiency of the deposit process for
            merchants and financial institutions




S. Kungpisdan               ITEC5611 Electronic Commerce              32
                               Systems Implementation
E-Checking


•      Benefits of e-check processing:
      –     It speeds the checkout process for consumers
      –     It provides consumers with more information about
            their purchases on their account statements
      –     It reduces the float period and the number of checks
            that bounce because of insufficient funds (NSFs)




S. Kungpisdan              ITEC5611 Electronic Commerce            33
                              Systems Implementation
Exhibit 12.3 Processing E-Checks with
             Authorize.Net




S. Kungpisdan   ITEC5611 Electronic Commerce   34
                   Systems Implementation
Outline

•   The Payment Evolution
•   Using Payment Cards Online
•   Secure Electronic Transaction (SET)
•   E-Micropayment
•   E-Checking
•   Electronic Bill Presentment and Payment
•   PayPal


S. Kungpisdan       ITEC5611 Electronic Commerce   35
                       Systems Implementation
Electronic Bill Presentment and Payment


       electronic bill presentment and payment
       (EBPP)
       Presenting and enabling payment of a bill online.
       Usually refers to a B2C transaction




S. Kungpisdan         ITEC5611 Electronic Commerce     36
                         Systems Implementation
Exhibit 12.4 E-Bill Presentment




S. Kungpisdan   ITEC5611 Electronic Commerce   37
                   Systems Implementation
Electronic Bill Presentment and Payment


•      Types of E-Billing
      –     Online banking
      –     Biller direct
      –     Bill consolidator




S. Kungpisdan                   ITEC5611 Electronic Commerce   38
                                   Systems Implementation
Electronic Bill Presentment and
Payment

•      Advantages of E-Billing
      –     Reduction in expenses related to billing and
            processing payments
      –     Electronic advertising inserts can be customized to
            the individual customer
      –     Reduces customer’s expenses




S. Kungpisdan              ITEC5611 Electronic Commerce           39
                              Systems Implementation
Exhibit 12.5 E-Billing Process for
             Single Biller




S. Kungpisdan     ITEC5611 Electronic Commerce   40
                     Systems Implementation
Exhibit 12.6 E-Billing Processes for
             Bill Consolidator




S. Kungpisdan      ITEC5611 Electronic Commerce   41
                      Systems Implementation
Outline

•   The Payment Evolution
•   Using Payment Cards Online
•   Secure Electronic Transaction (SET)
•   E-Micropayment
•   E-Checking
•   Electronic Bill Presentment and Payment
•   PayPal


S. Kungpisdan       ITEC5611 Electronic Commerce   42
                       Systems Implementation
PayPal




S. Kungpisdan   ITEC5611 Electronic Commerce   43
                   Systems Implementation
Send money person to person




S. Kungpisdan   ITEC5611 Electronic Commerce   44
                   Systems Implementation
PayPal Website Payment




S. Kungpisdan   ITEC5611 Electronic Commerce   45
                   Systems Implementation
PayPal Website Payment (cont’d)




S. Kungpisdan   ITEC5611 Electronic Commerce   46
                   Systems Implementation
PayPal Website Payment (cont’d)




S. Kungpisdan   ITEC5611 Electronic Commerce   47
                   Systems Implementation
PayPal Website Payment (cont’d)




S. Kungpisdan   ITEC5611 Electronic Commerce   48
                   Systems Implementation
Receiving money

• A merchant who wants to withdraw money from Paypal
  account must add bank account to Paypal first.




S. Kungpisdan       ITEC5611 Electronic Commerce       49
                       Systems Implementation
Paypal Virtual Terminal

•   It’s an online version of the credit
    card swipe machines used in
    stores. But it gives you added
    advantages:
•   Increase sales. Expand your
    business beyond the internet.
•   Save money. There’s no need to
    invest in expensive equipment.




S. Kungpisdan                   ITEC5611 Electronic Commerce   50
                                   Systems Implementation
Paypal Sandbox

• Go to https://developers.paypal.com/




S. Kungpisdan         ITEC5611 Electronic Commerce   51
                         Systems Implementation
Paypal Sandbox (cont’d)




S. Kungpisdan   ITEC5611 Electronic Commerce   52
                   Systems Implementation
Paypal Sandbox (cont’d)




S. Kungpisdan   ITEC5611 Electronic Commerce   53
                   Systems Implementation
Paypal Sandbox (cont’d)




S. Kungpisdan   ITEC5611 Electronic Commerce   54
                   Systems Implementation
Questions?


Next lecture
Search Engines, Directory
Services and Internet Advertising

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:8
posted:5/15/2012
language:
pages:55
fanzhongqing fanzhongqing http://
About