Paying via the Net Jan Damsgaard Dept. of Informatics Copenhagen Business School

Paying via the Net

Jan DamsgaardDept. of Informatics

Copenhagen Business Schoolhttp://www.cbs.dk/staff/damsgaard/

EBUSS Jan Damsgaard, 2004

General features of payment systems

Means to exchange value between parties Different mechanisms

– Cash– Documents (check, money orders, letters of

credit)– Means of identification and associated payment

mechanisms (debit/credit cards)


General features of payment systems

Features– Identity of the transaction and the payer– Cost of the payment method– Volume, amount of payment, distance of

paying parties


Requirements for digital payment systems

Flexibility (different types of payments, anonymity vs. traceability)

Usability Conversion capabilities Universal Integration with financial institutions Scalability Security of the payment

Integrity, Confidentiality, Availability Non repudiation


Different types of payments

Type of Payment Features

Micro payment ( <5 $) Anonymity, usability, flexibility, conversion, scalability, very low cost

Consumer payment (5<500 $) Traceability, usability, conversion, scalability, security, integration, low cost

Business payment

(>500 $)

Traceability, security, conversion, integration,

Cost not important


Four examples

The Internet Bookshop– Selling books on the net

The translation service– A freelance translator

The news agency– Delivers news on the Internet

Software Company– Sells and distribute its products on the Internet


Payment methods

Pre-paid systems– digital cash, debit accounts

Instant paid systems – integration with bank accounts, digital brokers

Post paid systems – credit cards and checks


Post-paid payment systems Rely on the wide use of credit cards Advantages

– Widely known– Consumer protection– Currencies– Usability

Disadvantages– Cost– Security– Anonymity– Complex


Post-paid payment systems

Requires transaction completeness which cannot be guaranteed with SSL only


SET: Secure Electronic Transaction Protocol

Jointly developed by VISA and MASTERCARD Backed by EU for secure transactions


SET Features Involves:

– Cardholder (the buyer)– Merchant (the seller)– Payment gateway (Merchant’s bank that verifies the credit card) – Certification Authorities (authenticate cardholder to merchant

and merchant to payment gateway) Enables

– secure communication on the Internet between a merchant and a payment gateway

– information confidentiality, hide customer order information from bank since order is processed by merchant and hides card information from merchant since payment is processed by bank


SET Features

Combines 3 products Cardholders wallet

– on the hard drive, contains digital certificate, or a smart card

Merchant gateway software Gateway software for payment recipient

All 3 parties need SET compliant digital certificate


SET cont.

Generates two messages, one for the acquirer and one for the merchant

Each message contains only the information that is essential to that particular party in order to protect the privacy of as much information as possible


SET: Secure Electronic Transaction Protocol

Features– Highly secure– Low visibility (Merchant never receives any Credit Card numbers, and is

protected despite lack of credit card imprint)

– Recognized open standards– Non repudiation– Integration to other technological solutions (smartcards

on credit cards, smart cards on mobile phones, enables easy distribution

of keys and DS’s)


Examples of SSL based Instant paid systems: Direct bank connections

Available in Europe where electronic funds transfers is common

Integrates Web banking solutions with ordering and payments on the web

Instant transfer of a payment from a customers’ account to a merchants’ account

Requires move from a merchant’s side to the bank site (and back)

Good security because of the use of session passwords and other means to ensure secure transactions


Instant payment

Instant visibility and transfer of money Good integration with other financial services Requires well established infrastructure and

good connections Cumbersome with moves for small payments Good for larger payments


Micro payment systems

Equivalent of cash residing on the computing device (computer, mobile device or smart card)

Requires a means to prevent copying, or altering; means to restore money, means to guarantee anonymity

An “embossment” process is used to add value to a “coin” from a user’s account without recording any information linking the user to the embossed coin

Enables transferable, anonymous payments


Digital Cash

Coins are purchased from the bank and stored on user’s hard drive– no accounts are required during the transaction

Encryption is used to transfer payments Spent coins are redeemed by bank

Alice

Merchant

1. Creates a blank coin

2. Place blank coin in digital

envelope

Bank

Remove $1 from Alice’saccount & “emboss” the digital envelope and blank coin with validating signature

$1$1

$1$1Removescoin from

digitalenvelope

$1$1SpendsCoin

Recognizesits own“emboss” (validatingsignature)and honorsthe coin

$1$1 Redeemcoin

Blind Signature


Smart cards

Small cards which can be programmed to hold digital money

Money can be transferred between cards through readers, ATM’s or other devices (in future also mobile phones)

Can be loaded with value, stored and transferred Sometimes controlled by a PIN-code Resistant to cold, damp, electrical interference or x-

rays


Paypal

You start with setting up a PayPal account at paypal.com

Any credit card or bank account will do Send money and your account is debited;

receive money and it is credited The only catch is that the person on the

other end has to have a PayPal account, too …


Paypal fees

It is free to send money– Open an account – Send money – Add funds – Withdraw money to a bank account


www.DANMONT.dk

Owned jointly by Danish financial institutions For use in the three largest Danish towns

– Plus in a number of company cantinas Stand alone solution

– No account– No PIN– Rechargeable


DANMONT cards are made of wood. Not plastic

Transactions Pr. quarter


Mobile Phones

Can be used to pay online SIM card and PIN code together provide

instant cash Cellular phone companies are experts in

micro payment Instant paid for consumer goods


Så er der film!

Sikker Nethandel – http://www.rgtv.dk/

E-Shoppens sikkerhed– http://www.rgtv.dk/

http://www.rgtv.dk/

http://www.rgtv.dk/

http://www.rgtv.dk/

http://www.rgtv.dk/


Assessment FrameworkFeature Post-paid Instant Paid Pre-paid

Acceptability High Low Low

Anonymity Low High Middle

Convertibility High High High

Efficiency Low High High

Flexibility Low Middle Low

Integration High Low-middle Middle

Reliability High High High

Scalability High High High

Security Middle High Middle


Other types of payment

Loyalty points The gift economy Closed loop communities

– Cake clubs Etc …

Paying via the Net Jan Damsgaard Dept. of Informatics Copenhagen Business School

Documents

Transcript of Paying via the Net Jan Damsgaard Dept. of Informatics Copenhagen Business School