EPS-unit 2a

8/3/2019 EPS-unit 2a

http://slidepdf.com/reader/full/eps-unit-2a 1/53

UNIT 2



Electronic Payment Systems



Work on EFT (Electronic Fund Transfer)• What is EFT?

• Banking and Financial Payments

(Wholesale payments, Small scale payments and Homebanking)

• Retailing Payments(Credit Cards, Debit Cards, Charge Cards)

• Online Electronic Commerce Payments – Token-based payment systems

Electronic Cash(digicash), Electronic Checks(NetCheque)& Smart cards (Mondex Electronic Currency Card)

– Credit card based payment systems Encrypted credit cards (WWW form-based encryption)Third party authorization numbers (First Virtual)



Electronic Fund Transfer

EFT: Transfer of funds through an electronicterminal, telephonic instrument, or computeror magnetic tape so as to order/authorize a

financial institution to debit or credit anaccount.



Digital Token-based EPS

• Electronic token

designed as electronic analogs of various forms of payment backed by a bank or

financial institution.

3 types

Cash or real-time - Electronic Cash (E-cash)

Debit or prepaid - Smart Card/debit Card

Credit or postpaid - Credit Card/Debit Card & Electronic checks



Four dimensions

• Nature of transaction for which the instrument is

designed

• Means of settlement

• Approach to security, anonymity, and

authentication

• Question of risk



Electronic Cash(E-Cash/Digital Cash)

• Term that describes any value storage and

exchange system created by a private entity that

– Does not use paper documents or coins

– Can serve as a substitute for government-issuedphysical currency

• Attractive in two arenas

– Sale of goods and services of less than $10 – Sale of higher-priced goods and services to those

without credit cards



Micropayments and Small Payments

• Micropayments

– Internet payments for items costing from a few

cents to approximately a dollar

• Small payments

– Payments of less than $10



Properties of E-cash

• E-cash must have a monetary value.

• E-cash must be interoperable.

• E-cash must be storable and retrievable.• E-cash should not be easy to copy or tamper

while being exchanged.



Privacy and Security of Electronic Cash

• Concerns about electronic payment methodsinclude

– Privacy and security issues

• E-cash should have two importantcharacteristics with physical currency

–spend e-cash only once.

–ought to be anonymous



Advantages and Disadvantages ofElectronic Cash

Advantages of electronic cash

• Independence (unrelated to any network or storage device)

• Portability (freely transferable between two parties)

• Convenience (doesn’t require special hardware and software)

• Transactions are more efficient

• Transfer on the Internet costs less than processing credit cardtransactions

Disadvantages of electronic cash

– Use provides no audit trail

– Problem of money laundering arises

– Susceptible to forgery



Purchasing E-cash from CurrencyServers

• The purchase of e cash from an on-line currencyserver (or bank) involves two steps:

(1) Establishment of an account and

(2) Maintaining enough money in the account toback the purchase.



Purchasing E-cash from Currency Servers

How does this process work?

- User should have an e-cash account at a digital bank on the

internet.- When an e-cash withdrawal is made, the PC of user calculates

how many digital coins of what denominations are needed to

withdraw the requested amount.

- Random numbers of these coins will be generated and theblinding (random number) factor will be included.

- The result of these calculations will be sent to the digital bank.

- The bank encode the blinded numbers with its secret key (digital

signature) and at the same time debit the account of the client

for the same amount.

- The authenticated coins are sent back to the user and finally user

will take out the blinding factor.



In cryptography, a blind signature , as

introduced by David Chaum, is a form of

digital signature in which the content of amessage is disguised (blinded) before it is

signed.

Purchasing E-cash from Currency

Servers



Purchasing E-cash from CurrencyServers

• This method of note generation is very secure, as neither

the customer (payer) nor the merchant (payee) can

counterfeit the bank’s digital signature (analogous to the

watermark in paper currency).• Payer and payee can verify that the payment is valid,

since each knows the bank’s public key. The bank is

protected against forgery, the payee against the bank’s

refusal to honor a legitimate note, and the user against false

accusations and invasion of privacy.



Double Spending

• Spending a particular piece of electronic cash

twice by submitting the same electronic currency

to two different vendors.

• By the time the same electronic currency clears

the bank for second time, it is too late to prevent

the fraudulent act.

• Encryption techniques used to prevent doublespending.



Transfer digital cash

Check for doublespending

Issue cash

Payer Payee

Bank Digital Currency ServerBank

Detection of double spending

Database of spent

“notes”



Business Issues and Electronic Cash

E-cash fulfills the two main functions:

• As a medium of exchange• As a store of value

- Intangible cash

- Enormous currency fluctuations in international finance

- Bank could not create new money via lending in thedigital world; Bank would see electronic money as

unproductive.

- E-cash started to bypass regulated foreign exchange

markets.



Operational Risk and Electronic Cash

• Operational risk associated with e-cash can bemitigated by imposing constraints, such as limits

on

1. Time over which a given electronic money is valid

2. How much can be stored on and transferred byelectronic money

3. No. of exchanges that can take place before a

money needs to be redeposited with a bank or

financial institution

4. No. of such transactions that can be made during

a giving period of time



Legal Issues and Electronic Cash

• The impact of e-cash on taxation. (transactionbased taxes – sales tax)

• Easy use of cash leads to expand the

underground economy (money laundering)

• These legal issues to be considered.



Providing Security for Electronic Cash

• Cryptographic algorithms

– Keys to creating tamperproof electronic cashthat can be traced back to its origins

• Anonymous electronic cash

– Electronic cash that cannot be traced back tothe person who spent it

• Creating truly anonymous electronic cash – Requires bank to issue electronic cash with

embedded serial numbers



Electronic Check

• Another form of electronic tokens• An e-Check is an electronic transfer of funds in

which the money is taken from a bank account,

typically a checking account.

• The account's routing number and account number

are used to draw funds from the account.

• e-Checks can clear much faster than written

checks.



Electronic Check

Transfer electronic check

Forward check for

payer authentication

Deposit check

PayerPayee

Accounting ServerBank

Payment transaction sequence in an

electronic check system



Electronic Check - Advantages

• Work in the same way as traditional checks• Well suited for micropayments; the use of

conventional cryptography makes it much faster

than systems based on public key cryptography (e-

cash)

• E-checks create float and availability of float.

(third party- accounting server make money by

charging)• Financial risk is assumed by the accounting server



Cryptography

• Public key cryptography (E-cash)

When X wants to send a secure message to Y, he uses Y's public key

to encrypt the message. Y then uses private key to decrypt it.

• Conventional cryptography (E-check)



NetCheque

• A prototype electronic check system

• Developed at the Information Sciences Institute of theUniversity of Southern California.

• Registered users may write checks to other registered usersthrough e-mail or other network protocols.

• When the check is deposited, it authorizes the transfer of

funds from the issuer's account to the receiver's account.All information is kept on a netcheque server, which isresponsible for keeping accounts for customers, approvingpayments, and making the necessary changes in clientaccounts.

• Security wise, Netcheque uses Kerberos for signatureauthentication, and it uses conventional cryptography, notpublic key cryptography.

S t C d d El t i P t



Smart Cards and Electronic PaymentSystems

Smart Card

• Credit and debit cards and other card products enhanced

with microprocessors capable of holding more information

than the magnetic stripe.

• The chip can store greater amounts of data (80 times more

than a magnetic stripe)

• Two types of smart cards:

– Relationship-based smart credit cards

– Electronic purses



Relationship-based Smart Cards

• An enhancement of existing card services and/or the

addition of new services that financial institution delivers

to its customers via a chip-based card or other device.

– New services include access to multiple financial accounts

(debit, credit, investment, e-cash)

– value-added marketing programs

– Variety of functions such as cash access, bill payment,

balance enquiry, electronic transfer

– other information.



Mondex

• Smart card that holds and dispenses electronic

cash

• Introduced in 1990 and now part of MasterCard

International

• Can accept electronic cash directly from a user’s

bank account

• Card carries real cash in electronic form – Risk of theft may deter users from loading it with

very much money



Mondex (Continued)

• Steps in using a Mondex card to transfer electronic cash from buyerto seller

1. Card user inserts Mondex card into reader

2. Merchant’s terminal requests payment

3. Customer’s card checks merchant’s digital signature4. Merchant’s terminal checks customer’s just-sent digital signature

for authenticity

5. Once electronic cash is deducted from the cardholder’s card

• Same amount is transferred into the merchant’s electroniccash account



Mondex Smart Card Processing



Electronic Wallets

• Hold credit card numbers, electronic cash,owner identification and contact information

• Give consumers the benefit of entering theirinformation just once

• Make shopping more efficient



Electronic Wallets (Continued)

• Server-side electronic wallet

– Stores customer’s information on a remote

server belonging to a particular merchant orwallet publisher

• Client-side electronic wallet

– Stores consumer’s information on his or her

own computer



Microsoft .NET Passport

• An electronic wallet operated by Microsoft

• Passport consists of four integrated services

– Passport single sign-in service (SSI)

– Passport Wallet service

– Kids Passport service

– Public profiles



Microsoft .NET Passport Home Page

PayPal Payment Method Search Option on eBay Main Search Page



PayPal Payment Method Search Option on eBay Main Search Page

• PayPal is an account-based system that lets anyone with an email addresssecurely send and receive online payments using their credit card or bankaccount. It is the most popular way to electronically pay for eBay auctions and

it is becoming a cheap way for merchants to accept credit cards on their on-line storefronts instead of using a traditional



Online Payment Basics (Continued)

• Scrip

– Digital cash minted by a company instead of by agovernment

– Cannot be exchanged for cash

– Like a gift certificate that is good at more than one

store

– eScrip, National Scrip Center and Scrip.com focus on not-for-profit fundraising market.



Credit card



Credit card

• Visa or MasterCard

– Has spending limit based on user’s credit history



Credit Card



Debit Card

- Removes amount from cardholder’s bank account

- Transfers it to seller’s bank account



Charge Card

– Carries no spending limit

– Amount charged is due at end of billing period

Credit Card-based Electronic Payment

http://upload.wikimedia.org/wikipedia/en/0/08/DinersClubMasterCard.jpg



Credit Card-based Electronic PaymentSystems

To avoid complexity associated with digital cash and

electronic checks, consumers and vendors are also

looking at credit card payments on the internet.

Credit card payment on online network:

- Payments using plain credit card details

- Payments using encrypted credit card details

- Payments using third-party verification



Encryption and Credit Cards

Processing payments using encrypted credit cards

Third party processors and Credit



Third party processors and CreditCards

Payment

Server

Merchant

Server

Client

Browser

Online third party

processors with

links to multiple

payment systems

Customer Merchant

On-line payment process using a third-party

processor

Online Third Party Processor (OTPP)

• OpenMarket www.openmarket.com

• First Virtual www.fv.com

http://www.openmarket.com/

http://www.fv.com/

http://www.fv.com/

http://www.openmarket.com/



Pros and Cons of Credit Card-basedpayment

Advantages:• Credit card company assumes a large share of

financial risk for both buyer and seller in atransaction.

• Record keeping with credit cardDisadvantages• Transactions are not anonymous.• Disputes may arise because different services may

have different policies.

• Complexity of credit card processing takes placein the verification phase. If there is a lapse in timebetween the charging and the delivery of goods orservices, the customer verification process is simple.



Risk and Electronic Payment Systems

• One essential challenge of E-Commerce isrisk management.

• Operation of Payment system incurs:

- Fraud or mistake

- Privacy Issues

- Credit Risk



Risks from Mistake and disputes

• Record keeping

• Includes

– Permanent storage

– Traceability and accessibility

– Payment system database

– Data transfer to payment maker, bank or

monetary authorities• Customers might feel that all this record keeping

is an invasion of privacy



Managing information privacy

• EPS must ensure and maintain privacy.

Managing Credit Risk

• Credit or Systemic risk is a major concern innet settlement system.

• Digital central bank must develop policies todeal with this possibility.



Designing Electronic PaymentSystems

• Privacy

• Security

• Intuitive interfaces

• Database Integration

• Brokers

• Pricing

• Standards



Exercise

• How debit card is different from credit card?

• Discuss the various Electronic Payment Systems.

• What are electronic cheques ? How they are

different from traditional cheques?• How electronic purses work?

• What are smart cards?

• How electronic checks are differ from credit card?

• How On-line third-party processors (OTPPs)differ from electronic token system?

EPS-unit 2a

Documents

Transcript of EPS-unit 2a