Electronic Commerce I Secured Electronic Payment Systems Electronic

Electronic Commerce I. Secured Electronic Payment Systems

Electronic Payments

Payments, Protocols and Related Issues Payment Cards (credit, debit, charge) Electronic Cash and Micropayments Electronic Fund Transfer on the Internet Electronic Check Systems 3

The E-Payment Chain merchant settlement agent WEB ATM merchant acquirer touch point internet POS Telephone Wireless issuer banks gateways settlement agent 4

Using Payment Cards Online There are three basic configurations for processing online payments used by merchants: • • • Own the payment software Use a point of sale system (POS) operated by an acquirer Use a POS operated by a payment service provider s payment service provider (PSP) A third-party service connecting a merchant’s EC system to the appropriate acquiring bank or financial institution. PSPs must be registered with the various card associations they support 5

Using Payment Cards Online payment cards Electronic cards that contain information that can be used for payment purposes Three forms of payment cards: 1. Credit cards 2. Debit cards 3. Charge cards 6

1. Electronic Credit Card System on the Internet The Players: Cardholder Merchant (seller) Issuer (your bank) Acquirer (merchant’s financial institution, acquires the sales slips) Brand (VISA, Master Card) 7

1. Electronic Credit Card System on the Internet (cont. ) The process of using credit cards offline A cardholder requests the issuance of a card brand (like Visa and Master. Card) The authorization of card issuance to an issuer bank in which the by the issuer bank, or its designated cardholder may have an account. brand company, may require customer’s physical visit to an office. A plastic card is physically delivered to the customer’s address by mail. The card can be in effect as the cardholder calls the bank for initiation and signs on the back of The cardholder shows the card to a the card. merchant to pay a requested amount. Then the merchant asks for approval from the brand Upon the approval, the merchant company. requests payment to the merchant’s acquirer bank, and pays fee for the The acquirer bank requests the service. This process is called a issuer bank to pay for the credit “capturing process” amount. 8

Cardholder 2. show credit card 1. Issue card 4. Capture Merchant 3. Payment authorization payment data Card Brand Company payment data account debit data 5. payment data 6. amount transfer Issuer Bank Acquirer Bank Cardholder Account Merchant Account Credit Card Procedure (offline and online) 9 9

Electronic Credit Card System on the Internet (cont. ) PROCESSING CARDS ONLINE authorization Determines whether a buyer’s card is active and whether the customer has sufficient funds settlement Transferring money from the buyer’s to the merchant’s account 10

2. Debit Cards The amount is drawn immediately from your bank account No transaction fee, so it is preferred by merchants Less protection than credit card purchases Preferred for B 2 B over credit cards as it saves transaction fees 11

3. Electronic Cash and Micropayments stored-value cards A card that has monetary value loaded onto it and that is usually rechargeable An electronic card containing an embedded microchip that enables predefined operations or the addition, deletion, or manipulation of information on the card 12

E-Cash Smart Cards The concept of e-cash is used in the non-Internet environment Plastic cards with magnetic stripes (old technology) Includes IC chips with programmable functions on them which makes cards “smart” Recharge the card only at designated locations, such as bank office. Future: recharge at your PC or Mobile phone e. g. Mondex & Visa. Cash 13

Smart Cards TYPES OF SMART CARDS contact card A smart card containing a small gold plate on the face that when inserted in a smart card reader makes contact and passes data to and from the embedded microchip • Used to access buildings and for paying in buses and other transportation systems: Bus, subway and toll card in many cities contactless (proximity) card A smart card with an embedded antenna, by means of which data and applications are passed to and from a card reader unit or other device without contact between the card and the card reader • Good for a range of up to 100 feet, and can be used for tolling moving vehicles at gates: Pay toll without stopping (e. g. Highway 91 in California) 14

Smart card-based e-cash Can be recharged at home through the Internet Money is drawn from the card owner bank account and is transferred to the receiver's bank account Can be used on the Internet as well as in a non. Internet environment Ceiling of Stored Values No transfer from one country to another To prevent the abuse of stored values in money laundry Multiple Currencies Can be used for cross border payments 15

Smart Cards System Requirements smart card reader Activates and reads the contents of the chip on a smart card, usually passing the information on to a host system smart card operating system Special system that handles file management, security, input/output (I/O), and command execution, and provides an application programming interface (API) for a smart card 16

Stored Value Cards and E-Cash Examples of e-Payment Cards: Digi-Cash is like an electronic bill but has a conflict with the role of central bank Mondex, Visa. Cash applied this approach (a variance of the debit card) Cyber. Cash has commercialized a debit card named Cyber. Coin as a medium of micropayments on the Internet 17

Electronic Money Digi. Cash (electronic bills) The analogy of paper money or coins Expensive, as each payment transaction must be reported to the bank and recorded Conflict with the role of central bank’s bill issuance Illegal; Digi. Cash is not supposed to issue more than an electronic gift certificate even though it may be accepted by a wide number of member stores 18

Mondex Makes Shopping Easy Shopping with Mondex Adding money to the card Payments in a new era of electronic shopping Paying on the Internet 19

4. Electronic Micropayments Stored Value Cards No issuance of money – prepaid card Debit card — a delivery vehicle of cash in an electronic form Either anonymous or onymous • Advantage of an anonymous card: the card may be given from one person to another Also implemented on the Internet without employment of an IC card • The electronic purse (or e-wallet) is stored on the PC (doesn’t have to use smart cards) Cyber. Cash issued Cyber. Coin for micropayments: • Small online payments, typically under $10 20

5. Electronic Fund Transfer (EFT) on the Internet Payee Payer Cyber Bank Payment Gateway ACH Bank VAN Bank Automated Clearinghouse VAN An Architecture of Electronic Fund Transfer on the Internet 21

5. Electronic Fund Transfer (EFT) on the Internet Automated Clearing House (ACH) Network A nationwide batch-oriented electronic funds transfer system that provides for the interbank clearing of electronic payments for participating financial institutions 22

5. Electronic Check Systems (cont. ) E-Checks: A legally valid electronic version or representation of a paper check Example : Safe. Check Used mainly in B 2 B Electronic Checkbook Counterpart of electronic wallet To be integrated with the accounting information system of business buyers and with the payment server of sellers To save the electronic invoice and receipt of payment in the buyers and sellers computers for future retrieval 24

Payer’s Payee’s check -receipt agent checkbook agent Payer Issue a check Payee Receipt Checkbook, screened result report Request of screening check issuance control agent of payer’s bank present control agent of payee’s bank clearing ACH A/C DB payer’s bank Internet A/C DB payee’s bank The Architecture of Safe. Check 25 25

Few Security Tips Don’t reveal your online Passcode to anyone. If you think your online Passcode has been compromised, change it immediately. Don’t walk away from your computer if you are in the middle of a session. Once you have finished conducting your banking on the internet, always sign off before visiting other internet sites. If anyone else is likely to use your computer, clear your cache or turn off and re-initiate your browser in order to eliminate copies of web pages that have been stored in your hard drive. Bank of America strongly recommends that you use a browser with 128 -bit encryption to conduct secure financial 26 transactions over the internet.