Syllabus

Characteristics of payment system;

Classification of payment systems –

- E-cash,
- E-check,
- overview of smart card;

Applications of IPSec.
6. E-Payment Systems

E payment is a subset of an e-commerce transaction to

include electronic payment for buying and selling goods
or services offered through the Internet.

As technology is developing, the range of devices and

processes to transact electronically continues to
increase while the percentage of cash and check
transactions continues to decrease.
6. E-Payment Systems

An e-commerce payment system facilitates the

acceptance of electronic payment for online
transactions.

The main objectives of EPS are to increase efficiency,

improve security, and enhance customer convenience
and ease of use.
6. E-Payment Systems

Payments
Payment
Cash, Cheque, Credit Card

Customer Businessman
Product/Service

Fig. Traditional Payment System

6. E-Payment Systems

Payments
Payment
EFT, E-Cash, E-Check, E-
Wallet, Payment Cards,
MicroPayments

Customer Product/Service Businessman

Fig. Electronic Payment System

Some Example
E-Payment classification

 By amount
 By the time of payments
 By Technological Concept
 Bu the degree of anonymity
E-Payment classification I
 What is the amonut:
 Three categories are defined: picopayments, micropayments,
and macropayments.

 Picopayments: one cent to one euro (Fee based website)

◦ It is an Important method for volume or unit based pay-
models
◦ Solutions for picopayment should be very simple to
implement, since users do not want to go through a long
and complex process in order to pay such small amounts

 Micropayments: One euro to 10 euro

◦ There is no clearly defined size of a micropayment, since it
differs from business to business. A lot of firms established
one dollar as a threshold of micropayment definition, which
means any transaction that is less than one dollar is
considered to be a micropayment.
 Macropayment :
◦ Payment solutions for larger amounts are placed into the
macropayment category
E-Payment classification III
E-Payment classification II
E-Payment classification IV
 Payment solutions can be
differentiated according to the
technology employed.

 Possible categories differentiate the

settlement of accounts and methods
used to store electronic money. This is
deposited into an account or stored in
the form of virtual coins.
Advantage of e-payment system
 Reduce the cost of transferring money.
 Security and reliability.
 Trustworthy and Traceability.
 Low financial risk.
 User friendly features.
Characteristics of e-payment system
 Flexibility
Should accept several form of payment rather than limiting
the user a single form of currency

 Reliability
Should ensure and confidence in user. The users should
be completely safe from failure.

 Acceptability
Robust available and accessible to a wide range of
consumer and sellers.

 Convertibility
The electronic currency should be interoperable and
interchangeable with other form of electronic cash, paper,
currency and deposits in bank account.
6. E-Payment Systems

Payment cards :

A payment card is a device—usually an embossed

plastic card—that allows its owner (the cardholder) to
make an electronic payment

They contain stored financial value that can be

transferred from the customer's computer to the
businessman's computer.

Eg - Credit cards, debit cards, charge cards, smart

cards are payment cards.
 6. E-Payment Systems

Credit cards :
They are the most popular method used in EPSs and are
used by charging against the customer credit.

There are two types of credit cards on the market today:

Credit cards issued by credit card companies (e.g.,
MasterCard, Visa Card) and major banks.

Credit cards issued by department stores and oil

companies.
6. E-Payment Systems

Credit cards issued by credit card companies (e.g.,

MasterCard, Visa Card) and major banks.

Credit cards are issued based on the customer's income

level, credit history, and total wealth.
The customer uses these cards to buy goods and services or
get cash from the participating financial institutions.
The customer is supposed to pay his or her debts during the
payment period; otherwise interest will accumulate.
Two limitations of credit cards are their unsuitability for very
small or very large payments.
6. E-Payment Systems

Credit cards issued by department stores and oil

companies.

Businesses extremely benefit from these company cards and

they are cheaper to operate.

They are widely issued to and used by a broad range of

customers.

Businesses offer incentives to attract customers to open an

account and get one of these cards.
Reasons for the popularity of credit cards
 Credit cards have already been in use for decades
in offline trading.

 Credit cards are available and accepted worldwide.

 Credit cards are simple in terms of implementation

and do not need special software.

 Online payment simply involves entering the credit

card number along with the name of the card owner
into a form.

 Credit cards are generally convenient for the buyer.

Many banks add a small basic charge for
processing payments by credit card.
Disadvantage of Credit Card
 Credit cards are not anonymous. When a product is
purchased, the owner of the credit card and its number
become known to both the seller and the banks involved in
the transaction, which again represents a security risk.

 Credit cards are not suitable for payments between private

individuals. A special contract must be concluded with the
credit card company and bank to enable a person to receive
money through a credit card.

 Credit cards are expensive for the seller. Credit card

institutions and banks require the seller to pay relatively high
basic charges as well as a percentage of sales to them.

 Credit cards do not possess any security mechanism. If an

attacker steals a credit card number, this is sufficient to buy
products online.
Debit cards:

The difference between credit cards and debit cards is

that in order to pay with a debit card you need to know
your personal identification number (PIN) and need a
hardware device that is able to read the information that
is stored in the magnetic strip on the back or the smart
chip.
 6. E-Payment Systems

Debit cards:
Debit cards task similar to checks in that the charges will
be taken from the customer's checking account.

The benefit for the customer is the easiness of use and

convenience.

These cards also keep the customer under his or her

budget because they do not allow the customer to go
beyond his or her resources.
6. E-Payment Systems

Charge Cards
Charge cards are similar to credit cards except they have
no revolving credit line, so the balance must be paid off
every month.

A credit card is different from a charge card: a charge card

requires the balance to be paid in full each month. In
contrast, credit cards allow the consumers a continuing
balance of debt, subject to interest being charged.
 6. E-Payment Systems

Smart cards:
They include stored financial value and other important
personal and financial information used for online
payments.

A smart card is about the size of a credit card, made of a

plastic with an embedded microprocessor chip that holds
important financial and personal information and has ability
to add, delete, and manipulate information on the card.

Two factor authentication (smart card and pin to access

smart card)
6. E-Payment Systems
Smart cards:
The money on the card is saved in an encrypted form and is
protected by a password to ensure the security of the smart
card solution.

In order to pay via smart card it is necessary to introduce the

card into a hardware terminal, which requires a special key
from the issuing bank to start a money transfer in either
direction.
6. E-Payment Systems

Smart cards:
Smart-card technology can be used to hold information
on health care, transportation, identification, retail, loyalty
programs and banking, to name a few.

Smart cards are broadly classified into two groups:

Contact: This type of smart card must be inserted into a
special card reader to be read and updated.

Contact-less: This type of smart card can be read from a

short distance using radio frequency.
Advantage
 More Secure
 This simple technology has revolutionized the payment
card industry and increased the level of card security.
These cards use encryption and authentication
technology which is more secure than previous methods
associated with payment cards. The microprocessor
chip embedded at the heart of the smart card requires
contact to the card reader and certain areas of the chip
can be programmed for specific industries.

 Safe to Transport
 Another advantage to having a smart card is their use in
the banking industry (and many other sectors). These
cards give the holder freedom to carry large sums of
money around without feeling anxious about having the
money stolen. In this regard, they are also safe because
the cards can be easily replaced, and the person would
have to know the pin number to access its stored value.
 Double as an ID Card
A third advantage of using a smart card is that they can provide
complete identification in certain industries. There are
numerous benefits of using smart cards for identification. A
driver’s license that has been created using smart card
technology can give the police the ability to quickly identify
someone whose been stopped for speeding or reckless driving.
These cards can be used by health professionals to identify
someone who is brought in by an ambulance but unconscious
or unable to speak.

 Prevents Fraud
Other benefits of using smart cards for identification can be
used by governments to prevent benefits and social welfare
fraud to ensure the right person is receiving the welfare benefit.
Some countries are using the smart cards to identify temporary
workers who have been given work permits. This has the
potential to reduce immigration fraud.

Smart cards are just as easy to use as a credit or debit card, but
considerable more secure. They are lightweight and easy to
carry. This makes it easy to have one card to pay for parking,
access to the office, and for buying lunch at the office cafeteria
Disadvantage
 Slow Adoption
If used as a payment card, not every store or restaurant will
have the hardware necessary to use these cards. One of the
reasons for this is since the technology is more secure, it is
also more expensive to produce and use. Therefore, some
stores may charge a basic minimum fee for using smart cards
for payment, rather than cash.

 Possible Risk of Identify Theft

When used correctly for identification purposes, they make the

jobs of law enforcement and healthcare professionals easier.
However, for criminals seeking a new identity, they are like
gold, based on the amount of information it can contain on an
individual.
Credit Card
1. A Credit card is basically an
electronic card with magnetic
data strip or a chip, issued to
customers by banks and
other credit agencies.
2. credit cards are lines of
credit when you use a credit
card, the issuer puts money
toward the transaction.This is
a loan you are expected to
pay back in full unless you
won't to be charged interest.
Debit Card
1. Debit cards are magnetic
strip and chip enabled cards,
issued to customers by their
respective banks.
2. Any time you use a debit
card to buy something,
money is deducted from your
account with a debit card you
can really only spend the
money you have available to
you.
Smart Card
1. A smart card contains a
special embedded
microprocessor, which is a
computer processor or a
microchip.
2. Smart cards applications
benefit consumers where
their life and business habits
intersect with payment
processing technologies.
 3. Smart cards offer more
3. A PIN makes them secure so
security and confidentially than
long as no one steals the card
any other financial or
number and PIN as long as you
Less Secure transaction storage card the
don't lose the card itself. If the
market.They are a safe place
card is stolen, debit cards are
to store sensitive or personal
very insecure .
information .

5. Debit cards can be used with

5. Credit cards are mostly used a PIN almost everywhere retail
5. Smart cards widely used in
in online payments, to sell stores, gasoline, resturants
telecommunications industry.
things or the web. and pay phones.

6. Debit cards are more readily

6. For the merchant credit card accepted by merchants than 6. The retail industry widely
transactions result in are checks. especially in uses applications of the smart
immediate credit to the countries where check cashing card more specially to identify
merchants bank account. and check processing are not and reward custom
widely used.
 E-Payment with Cards-
Example: PayPal (payment between two
Individuals)
 E-Cash
An Innovative micropayment
solution
6. E-Payment Systems

Electronic money (e-money/e-cash):

This is standard money converted into an electronic
format to pay for online purchases.

Similar to regular cash, e-cash enables transactions

between customers without the need for banks or other
third parties.

When used, e-cash is transferred directly and

immediately to the participating merchants and vending
machines.
6. E-Payment Systems

Electronic money (e-money/e-cash):

eCash used a procedure based on digital signatures.
This was referred to as a blind signature in order to
emphasize the anonymity of the procedure. The user of
eCash generated his own coins and had them signed by
his bank.

Bank issue digital token (some unique encrypted

numbers) of various coins that are similar to cash. The
consumer can use these tokens for online purchase,
which the merchant can then submit to the bank in order
to get paid.
6. E-Payment Systems

E-Payment Systems
Electronic Checks
E-check is the result of cooperation among several
banks, government entities, technology companies, and
e-commerce organizations.

An e-check uses the same legal and business protocols

associated with traditional paper checks.

It is a new payment instrument that combines high-

security, speed, convenience, and processing efficiencies
for online transactions.
E-checks
 Contain the same information as paper checks contain.

 Are based on the same rich legal framework as paper

checks

 Can be linked with unlimited information and exchanged

directly between parties

 Can be used in any and all remote transactions where

paper checks are used today

 Enhance the functions and features provided by bank

checking accounts

 Expand on the usefulness of paper checks by providing

value-added information
 1.Request for authorization:
For writing an e-check the payer writes electronic command.
First, he visits the website which aids money transfer. When you
log in the website such as e-check deposit online, registration
procedure takes place. After sign in, the bank account information
is linked to the website. Essential bank account information is
entered in the system which is the first step to money transfer.
Then with few clicks on the “yes” tab will initiate the e-check. This
way you authorize the bank to make the payments. It may be
treated as a digital signature.

 2.Set up of information:
A pdf is generated when all this information is entered. This pdf is
sent on the email address of the recipient who can download the
check on his computer through the same website. A print of this
e-check is taken and can be deposited in his bank. This print out
is treated as the reality check which is sent to the client within
seconds. So, a lot of time that is wasted in the transportation of
paper check, is saved. E-checks payment by mail from your
computer or mobile is treated as if it is your bank now.
.
 3.Submission of print out:
When the client shows that print out to his own bank, the
customer details acknowledge the standing payments. Thus,
e-check payment by the web is a powerful tool to send money
the same day. This way the businessman of today has control
of his cash flow.

 4.Payment confirmation:
The payment is drawn from the payee's account and gets
credited to the recipient’s account with the online generation
of command
6. E-Payment Systems

E-Payment Systems
6. E-Payment Systems

E-Payment Systems

Electronic wallets (e-wallets)

E-wallet is a type of pre-paid account in which a user can

store his/her money for any future online transaction.

An E-wallet is protected with a password. With the help of

an E-wallet, one can make payments for groceries, online
purchases, and flight tickets, among others. ss
6. E-Payment Systems

E-Payment Systems

Electronic wallets (e-wallets) :

Consumers are not required to fill out order forms on each
site when they purchase an item because the information
has already been stored and is automatically updated and
entered into the order fields across merchant sites when
using a digital wallet.

Digital Wallets allow shoppers to link credit cards or other

alternative payment methods to a virtual wallet. Their
information is encrypted or protected by a private software
code.
Electronic wallets (e-wallets) :

Some examples are

Google Wallet

Apple’s Passbook

Lemon Wallet
Write notes on these e-Wallets
etc...
Features of E-wallet
 All information is in one location.
 Current balance can be stored and read
 Universal access
 Encrypted security Logic
 No separate card reader is required to access
e-wallet
Types of E-wallet.

(i) Closed system payment instruments:

These are payment instruments generally issued by business for
in-house good and services only. These instruments do not carry
the cash withdrawal or redemption (save).

(ii) Semi-Closed system payment instruments:

A semi-closed wallet can be used for goods and services, for
selected merchant, locations

(iii) Open system payment instruments:

These are payment instruments which can be used for purchase of
goods and services and also permit cash withdrawal at ATMs
Based on where the information is stored

 Server Side Electronic Wallet

A server electronic wallet stores a customer information on
the the remote server belonging to a particular merchant or
wallet publisher

Client Side Electronic Wallet

A client side electronic stores customers information on
his/her own computer
 Advantages of e-wallet
◦ More useful for online merchants
◦ Available 24 hours/7 days
◦ More flexible
◦ Pay person to person
◦ Safety and control
◦ Accessibility and convenience

Disadvantage of e-wallet
Problem of money laundering arises
May arises compatibility issue.
E-wallet failure prove inefficient.
Introduction to IPSec
 Internet protocol Security (IPSec) is a
protocols that allow secure, encrypted
communication between two computers.

 It protect IP packets

 Protect defense against network attack.

 It can be used in three different security

domain VPN, application security and routing
security.
 Component of IPSec:
◦ Encapsulating Security (ES): Provides data confidentiality,
authentication, encryption and integrity.

◦ Authentication Header (AH): Provides authentication integrity

and anti replay. The anti replay protection, protects against
unauthorized transmission of packets. It doesnot provide
encryption.

◦ Internet Key Exchange (IKE): Provides key management and

Security Association (SA) management. It is a network
security protocol designed to dynamically exchange
encryption keys and find a way between 2 devices
Application of Ipsec
 Secure branch office connectivity over the Internet.
◦ A company can build a secure VPN over the internet or over
public WAN. It reduce needs of private network, savings cost
and network management overhead.

 Secure remote access over the internet.

◦ An end user can gain access to company network with the help
of local ISP. This reduce charge for travelling and
telecommunications.

 Establishing Electronic Business Security.

◦ The use of IPsec enhances the web security. IPSec guarantees
that all traffic in network is encrypted and authenticated. It add
additional level of security than application layer

 Establishing extranet and intranet connectivity with

partners.
◦ Can be used to secure communication with other organizations,
ensuring authentication, confidentiality and providing key
exchange mechanism.
E-Payment Systems

Online Payment Categories

With invent of many digital infrastructure and

technology, the online payment systems have
advanced to many other efficient, reliable and
convenient systems as EFT, Smart Cards, Charge
cards, Digital Wallets, e-cash, e-check and so on…
Security Solution on E-Payment: Secured Socket layer

Customer
Secure Electronic Transaction
(SET)
Use of Dual Signature: Public & Private Key
Security Issues on E-Payment
systems
Protection of Personal Data
Security Issues on E-Payment
systems
Protection of Ownership
Security Issues on E-Payment
systems
Application of Digital Watermark
Security Issues on E-Payment systems
Security Approach
Security Issues on E-Payment systems
Security Management
 Smart Cards
 Magnetic stripe
◦ 140 bytes, cost $0.20-0.75

 Microprocessor cards
◦ Imbedded microprocessor
 (OLD) 8-bit processor, 16 KB ROM, 512 bytes
RAM
 Equivalent power to IBM XT PC, cost $7.00-
15.00
 32-bit processors now available
◦ Intelligent, active devices with defenses
Smart Card Structure

Microprocessor

Contacts
Card
(Upside-down) Epoxy

Contacts (8)