Electronic Payment Mechanism

8/2/2019 Electronic Payment Mechanism

1/15

Electronic payment

mechanism

Rubina of

m.Com 2nd

yearpresents


2/15

Topics to be dealt with..

What Electronic payment mechanism means ?

Encryption meaning

encryption and cryptography methods Methods of electronic payment

Set protocol and its components


3/15

Electronic payment

Electronic payment is an integral part of

electronic commerce Electronic payment is a financial exchange that

takes place online between buyers and sellers

The content of this exchange is usually someform of digital financial instrument such asencrypted credit card numbers ,electronicchecks, digital cash.

It decreases technology cost, reducedoperational and processing costs and increasesonline commerce.


4/15

Features of payment methods Anonymity : it is concerned with whether a third

party can trace back who was involved in thepayment transaction

Security: it is concerned with whether apayment method is secure

Overhead cost: it is concerned with overheadcost of processing a payment

Transferability: whether a payment can becarried out without involvement of a third party

Divisibility: whether the total sum of payment iseasily divisible in small sums

Acceptability: it should have been globallyaccepted


5/15

EncryptionMeaning

It is the process of transforming plain text or data into

cipher text that cannot be read by any one other thanthe sender and the receiver.

Purpose of encryption

To secure stored information

To secure information transmission

It provides following security services:

Message integrity-assure non alteration of message

Non repudiation-prevents user from denying he/she hassend it

Authentication-provides verification of identity of person

Confidentiality- assure that message was not read byothers


6/15

Methods of encryption and cryptographyThere are two basic methods of encryption

Symmetric key

Asymmetric or public key

Symmetric key :

It is also known as secret key encryption.

Here both the sender and receiver of message uses the

same key for encryption and decryption The keys or ciphers used are digital strings i.e. combination

of 0s and 1s (bits)

For instance binary representation of letter A in ASCIIcode is 8 binary digits i.e. 01000001

To encrypt the above 8 bit binary digit into cipher form wemultiply each letter by another 8 bit key number(eg:01010101)

By doing so we get an encrypted message which is thensent to the recipient.


7/15

Public key encryption:

Here both the sender and the receiver uses

different keys to encrypt and decrypt themessage

Features

Two mathematically related digital keys are useda public and a private key

The private key is kept secret by the owner and

the public key is widely disseminated. Once a key is used to encrypt the message the

same cannot be used to decrypt the message.

it solves the problem of exchanging keys


8/15

Basic Public key cryptography process

1.Original

messagebuy Cisco

@RS.25000

2.Recipients public key

3.Message

encrypted incipher text

10101101110001

4.internet5.Recepie

nts private

key

Buycicso

@RS

Recipien

t

Sender


9/15

Public key using digital signature and hash digits In basic public key encryption some elements of security is

missing

A more sophisticated use of public key cryptography canachieve authentication, on repudiation, and integrity

This can be done by using hash function and digital signature

Hash function: it is an algorithm that produces fixed lengthnumber called hash or message digest

The results of applying hash is send to the recipient.

Digital signature: it is a signed cipher text that can be sent over

internet , Generally senders private key is used to sign thecipher text

Steps in encryption:

The sender encrypts the entire block of cipher text one more

time by using his private key.


10/15

The recipient of this signed text first user senders public key

to authenticate message

Then uses his private key to obtain hash result and original

message

Finally , he computes the hash value and compare with the

received hash value

If the results are same then the message ha snot been altered

Digital envelope

A technique that uses symmetric key for encrypting and alsouses

public key to encrypt and send the symmetric key

Here we have a key within a keyIt helps in improving the efficiency and provide authentication of

message


11/15

SET protocol for credit payment Secure electronic transactions (SET) is a protocol for

encrypted credit card payment transfers.

Announced in February 1996, by visa and master card

Set establishes a single technical standard forprotecting payment card purchases over the internet

Features of SET:

confidentiality through encryption

Integrity- through digital signatures

Consumer account and merchant accountauthentication through digital certificates

Interoperability must be applicable on a variety of

hardware and software platforms


12/15

SET components and its phasesMerchant the seller

Cardholdera registered holder of credit card Issuer bank which issues card to cardholder

Acquirer a third party acting as an agent to merchant

Payment gateway a third party which authorizes andprocesses credit card payments.

SET has the following phases:

Certificate issuance

Purchase initiation and response Authentication of merchant and cardholder

Authorization of transaction by the credit cardcompany


13/15

SET purchase modelVerification of merchant Verification of

certificate Cardholder certificate

merchant certificate issued cardholder certificateissued

purchase request

purchase response

Authorization request

Authorization response

Certificate

authority chain

Certificate

authority

Certificate

authority

Merchant Cardholder

Payment

gateway(acquirer)


14/15

Finally it employs cryptography method , ituses symmetric and public private key

It even uses dual signature

Set is much wider in scope when compared toSSL (secure socket layer ) connection as itdoes not mandate the use of digitalcertificates, dual signatures and online

authorization.


15/15

Thank you

Electronic Payment Mechanism

Documents

Transcript of Electronic Payment Mechanism