Post on 19-Dec-2015
SET – Secure Electronic Transaction
Setting The Stage For Safe Internet Shopping
-Jignesh Shah-
-Riyaz Malbari-
History/Background:
-Internet shopping didn’t quite pick up as consumers considered financial transactions over the internet, unsafe-Lacks the one on one transaction feeling.-Visa & MC came up with the idea what we call as SET.
Advantages:
-Privacy: Uses 1024 bit public key cryptography which renders the intercepted message unreadable !-Integrity: Hashing & signing ensures message sent is unaltered.-Authentication: Uses digital certificates to ensure the parties are really who they claim to be.
How SET Works:
Components:Cardholder
Merchant
Acquirer Gateway
Certification Authority
Merchant’s Cardholder’s
Bank Bank
1. Cardholder initializes purchase 2. Merchant verifies funds
3. Acquirer authorizes purchase &
Verifies merchant’s certificate5. Requests payment4. Order is
confirmed
6. Makes transfers & provides payment to merchant
How safe is SET?
-Uses 1024–bit cipher keys, making it one of the strongest encryption applications.
-If we use 100 computers each processing 10 MIPS, it would take 2.8 x 10 11 years to break just ONE encrypted message !!!!
Source: http://www.rsa.com/set/html/howstrong.html
SET versus SSL
-SET was developed specifically for payment transaction. SSL simply encrypts the communication channel between cardholder & merchant website and its not backed by any financial institution.
- Compare 128-bit encryption with that to SET !
SET versus SSL:
-SET also authenticates each participant as its backed by CA & financial institutions.
-SET provides security throughout the entire transaction process. SSL provides security only between cardholder and merchant.
Concept of Dual Signature :
Alice Bob
Bank
Certificate Issuance:Electronic representation of payment card/brand
Must be approved by the Acquirer gateway
Payment Processing :
• Cardholder registeration• Merchant registeration• Purchase request • Payment authorisation• Payment capture
Drawbacks:
Slow Expensive Not portable
References:
http://www.setco.org http://www.wolrath.com/set.html http://www.MasterCard.com
THANK YOU !!!