E-Commerce Unit 5: Electronic Payment System

Introduction
Electronic payment system (EPS) is required to transfer money over the Internet. Electronic payment
systems are becoming central to online business process innovation as companies look for ways to
serve customers faster and at lower cost. Emerging innovations in the payment for goods and services
in e-commerce promise to offer a wide range of new business opportunities.
EPS and e-commerce are linked as online customers must pay and prompt payment is crucial. If the
claims and debits of the various participants  customers, companies, banks, and non-banks  are
not balanced, then the entire business chain is disrupted. Hence, e-commerce requires prompt and
secure payment, clearing, and settlement of credit and/or debit claims.
Conventional payment methods such as cash, checks, bank drafts, or bills of exchange are not well
suited for the speed required in e-commerce purchasing process. For example, these methods are too
slow for micro payments and produce high transaction costs for processing them. Therefore, new
methods of payment are needed to meet the emerging demands of e-commerce such as secure, low
processing cost, and widely acceptable.

Digital Payment Requirements or Characteristics of Electronic Payment System

For any digital payment system to succeed, the following features or criteria ought to be satisfied.
However, it is found that no known payment system satisfies all of these above characteristics.
• Acceptability: The payment should be available and accessible to a wide range of consumers
and sellers of goods and services.
• Convertibility: The electronic money should be interoperable and interchangeable with other
form of electronic cash, currency, and deposits in bank account.
• Efficiency: The cost per transaction or operation of digital payments should be close to zero
or negligible.
• Flexibility/Universality: The payment system should accept several form of payment rather
than limiting the user to pay in some specific currency.
• Atomicity: The transaction should occur completely or it should not occur at all.
• Isolation: The transaction must be independent of each other.
• Anonymity: The transaction should prevent third-parties from observing and tracking
spending habits. It should keep the confidential information confidential.
• Scalability: It should offer operations ranging from micro-payments to large business
payments.
• Security: The digital currency should be stored in the form that is resistant to double-
spending, replication, and tampering. It should offer protection from intruders trying to tap it
to unauthorized use when transmitting over internet.
• Non-repudiation: No party can deny its role in the transaction.
• Reliability: The payment should ensure and infuse confidence in users.
• Usability: The user of the payment mechanism should be able to use it as easily as real
currency.

Benefits of Electronic Payment System

Benefits to Buyers:
Convenience of global acceptance and a wide range of payment options
Enhanced security and reduced liability for stolen or misused cards
Consumer protection through an established system of dispute resolution
Convenient and immediate access to funds via debit cards
Accessibility to immediate credit

Compilation: Ajay K Shah (Associate Professor, Purbanchal University) 1

E-Commerce Unit 5: Electronic Payment System

Benefits to Sellers:
Speed and security of the transaction processing chain from verification and authorization
to clearing and settlement
Freedom from more costly labor, materials, and accounting services required in paper-
based processing
Better management of cash flow due to swift bank payment
Cost and risk savings

Types of Electronic Payment Systems

Online E-commerce Payments
Digital token-based payment systems
- E-cash (DigiCash)
- E-checks (NetCheque)
- Smart cards/Debit cards (Mondex e-currency card)
Credit card-based payment systems
- Plain credit cards
- Encrypted credit cards (WWW form-based encryption)
- Third-party authorization (First Virtual)

Digital Token-Based E-Payment Systems

The traditional methods  cash and check  are completely inadequate for today’s consumer-
oriented e-commerce environment, because of the following reasons:
• The parties will be in each other’s physical presence at some time.
• There will be sufficient delay in the payment process resulting into frauds, overdrafts, and
other desirables.
These reasons may not hold for e-commerce definition, and so many of these payment mechanisms are
being modified. Entirely new forms of financial instruments are also being developed. One such new
financial instrument is “electronic tokens”. These are designed as forms of digital payment backed by
a bank or financial institution.
Electronic or digital token based payments are of three types:
1. Cash or Real-time: Transactions are settled with the exchange of e-currency. (Example is e-cash)
2. Debit or Prepaid: Users pay in advance. (Examples are smart cards, e-purses)
3. Credit or Postpaid: The server authenticates the customers and verifies with the bank for
adequate funds before purchase. (Examples are credit/debit cards, e-checks)

Electronic Cash
Electronic cash is a method used to transfer funds over the Internet as payment for goods and services.
Also commonly referred to as e-cash, it is a new concept in online payment systems as it combines
computerized convenience with security and privacy that improve on paper cash. It is a digital money
product that provides a way to pay for products and services without resorting to paper or coin
currency.
E-cash must have the following four properties:
i. Monetary Value: E-cash must have monetary value; i.e., it must be backed either by cash
(currency), bank-authorized credit, or bank-certified check.
ii. Interoperable: E-cash must be interoperable; i.e., it must be exchangeable as payment for
other e-cash, paper cash, goods or services, lines of credit (LC), deposits in banks, bank
notes, and the like.

Compilation: Ajay K Shah (Associate Professor, Purbanchal University) 2

E-Commerce Unit 5: Electronic Payment System

iii. Retrievability: E-cash must be storable and retrievable; i.e., users must be able to store e-
cash on a remote computer’s memory, in smart cards, or in other standard or devices from
home or while traveling.
iv. Security: E-cash must be secure; i.e., it should not be easily copied or tampered while being
exchanged by preventing or detecting duplication and double-spending.

How E-Cash Works

E-cash is based on cryptographic systems called “digital signatures”. This method involves a pair of
numeric keys: one for locking (encoding) and the other for unlocking (decoding). Messages encoded
with one numeric key can only be decoded with the other numeric key and none other. By supplying
all customers with its public key, a bank enables customers to decode any message (or currency)
encoded with the bank’s private key. Every person using e-cash has an account at a digital bank on the
Internet. Using that account, people can withdraw and deposit e-cash.

Like banknotes, e-cash can be withdrawn from and deposited to transaction demand deposit accounts.
And like banknotes, one person can transfer possession of a given amount of e-cash to another person.
But unlike cash, when a customer pays another customer an electronic bank will play an unobtrusive
but essential role.
To show how it all works, we'll explain how a withdrawal works, then follow the e-cash in a payment
to a merchant. Combining these two transactions, we can then understand why the customer perceives
that e-cash is paid from person to person without involving any bank. Finally the withdrawal is
explained in greater detail to illustrate the 'blind signature' concept, which is the foundation of the
privacy feature.

Simple Withdrawal of e-cash

Figure-1 shows the two participants in the withdrawal transaction: the bank and customer, Alice. The
digital coins that have been withdrawn from Alice's account at the bank are on their way to her PC.
When they arrive, they will be stored along with some coins she already has on her hard disk.

No physical coins are involved in the actual system of course, but the messages include strings of
digits, and each string corresponds to a different digital coin. Each coin has a denomination, or value,
so that a purse of digital coins is managed automatically by Alice's e-cash software. It decides which
denominations to withdraw and which to spend in particular payments.
Compilation: Ajay K Shah (Associate Professor, Purbanchal University) 3
E-Commerce Unit 5: Electronic Payment System

An e-cash Purchase
Now that Alice has some e-cash on her hard drive, she can buy things from Bob's shop as shown in
Figure-2.
Having received a payment request from Bob, she agrees by ticking the 'Yes' box. Her e-cash software
chooses coins with the desired total value from the purse on her hard disk. Then it removes these coins
and sends them over the network to Bob's shop. After receiving the coins, Bob's software
automatically sends them on to the bank and waits for acceptance before sending the goods to Alice
along with a receipt.

To ensure that each coin is used only once, the bank records the serial number of each coin in its spent
coin database. If the coin serial number is already recorded, the bank has detected someone trying to
spend the coin more than once and informs Bob that it is a worthless copy. If, as will be the usual case,
no such serial number has been recorded, the bank stores it at that position and informs Bob that the
coin is valid and the deposit is accepted.

Person-to-Person Cash Transfer

When a consumer receives a payment, the process could be the same. But some people may prefer that
when they receive money, it be made available on their hard disk immediately, ready for spending;
just like when someone hands them a five dollar bill. This user preference can be realized as depicted
in Figure-3.
The only difference between this payment from Alice to another consumer, Cindy, and the one Alice
paid to Bob's shop in Figure-2, is what happens after the bank accepts the cash. In Figure-3, Cindy has
configured her software to request the bank to withdraw the e-cash she has just deposited and send it
back to her PC as soon as the coins are accepted. Now when Alice sends Cindy five dollars, new coins
are immediately available to spend from Cindy's PC.

Benefits of E-cash
o Cost of using digital cash is extremely low.
o Greater privacy when shopping on the Internet.

Drawbacks of E-cash
o Susceptible to forgery, as double-spending would be a problem because it is very easy to make
copies of e-cash, forcing banks and merchants to take extra precautions.
o Though the cost per transaction is less, this system would simply be significantly too expensive
for handling high volumes of micro-payments because of its inability to be easily divided into
smaller amounts.
o Manner of implementation too complicated.

Compilation: Ajay K Shah (Associate Professor, Purbanchal University) 4

E-Commerce Unit 5: Electronic Payment System

o Lack of standards and interoperable software that will run easily on a variety of hardware and
software systems.
o Not universally accepted.
o Not traceable for governments and legal authorities.

Electronic Check/Cheque
This is another form of electronic token or electronic version of a paper cheque. It is designed for
those who prefer to pay on credit or through some other mechanism other than cash.
In this model, buyers must register with a third-party account server before issuing an e-check. Once
registered, a buyer can then contact sellers of goods and services.
The account holder writes an e-cheque using a computer or other type of electronic device and
transmits the e-cheque to the payee electronically (mostly via e-mail). Like paper cheques, e-cheques
are signed by the payer and endorsed by the payee. Rather than handwritten or machine-stamped
signatures, however, e-cheques are affixed with digital signatures, using a combination of smart cards
and digital certificates. The payee deposits the e-cheque, receives credit, and the payee's bank clears
the e-cheque to the paying bank. The paying bank validates the e-cheque and then charges the cheque
writer's account.

The minimum security requirements supported by the e-cheque system are as follows:
♣ Confidentiality: Keeping information (e.g. e-mail message, payment order, etc.) secret.
♣ Authentication: Knowing and verifying the origin and/or destination of information.
♣ Integrity: Verifying that the data hasn’t been tampered with.
♣ Non-repudiation: Knowing that the data, once sent cannot be retracted or denied.

Advantages of E-checks
• Electronic cheques are safe and secure, convenient, fast and inexpensive.
• They work in the similar way as traditional checks, thus simplifying customer education.
• They are globally accepted, as any bank or any currency is acceptable with e-checks.

Disadvantages of E-checks
• Electronic cheques are not legal tender and other creditors may refuse to accept them.
• They may be valueless if the drawer has no funds in his/her account.
• Depositing cheques into an account is time consuming.
• Cheques are not suitable for small amounts, as the cost per transaction can be too high.
Compilation: Ajay K Shah (Associate Professor, Purbanchal University) 5
E-Commerce Unit 5: Electronic Payment System

Smart Cards
Smart cards have been in existence since the early 1990s and hold promise for secure transactions. A
smart card is a physical card that has an embedded integrated chip (IC) or microprocessor that is
capable of holding or storing large amount of data. Smart cards are typically the same size as a driver's
license or credit card and can be made out of metal or plastic.

The smart card technology is widely used universally for various applications such as to pay for public
phone calls, transportation, and shopping.

How Smart Cards Work

Smart card microprocessors or memory chips exchange data with card readers and other systems over
a serial interface. The smart card itself is powered by an external source, usually the smart card reader.
A smart card communicates with readers either via direct physical contact or using a short-range
wireless connectivity standard such as RFID (Radio-Frequency Identification) or NFC (Near-Field
Communication). The card reader then passes data from the smart card to its intended destination,
usually a payment or authentication system connected to the smart card reader over a network
connection.

Types of Smart Cards

Smart cards can be either relationship-based or electronic purse.
• A relationship-based smart card is an enhancement of existing card services with the addition of
new services that a financial institution delivers to its customers via chip-based card or other
device. The new services may include access to multiple accounts, bill payments, balance
inquiry, or funds transfer with multiple access points using devices such as an ATM or a PC.
• Electronic purse (e-purse), also known as e-wallet, is a replacement for e-money. It is a wallet-
sized card embedded with programmable microchips that store sums of money for people to use
instead of cash. E-wallet is a piece of software that stores payment information and transaction
history. It allows you to store multiple credit card and bank account numbers in a secure
environment, and eliminate the need to enter account information when making payment.
Smart cards can be categorized on different criteria including by how the card reads and writes data,
by the type of chip implanted in the card, and by the capabilities of that chip. Some of the different of
types of smart cards include:

Compilation: Ajay K Shah (Associate Professor, Purbanchal University) 6

E-Commerce Unit 5: Electronic Payment System

• Contact smart cards are the most common type of smart card. Contact smart cards are
inserted into a smart card reader that has a direct connection to a conductive contact plate on
the surface of the card. Commands, data and card status are transmitted over these physical
contact points.
• Contactless smart cards require only close proximity to a card reader to be read; no direct
contact is necessary for the card to function. The card and the reader are both equipped with
antennae and communicate using radio frequencies over the contactless link. A contactless
smart card functions by being put near the reader to be read.
• Hybrid smart cards contain more than one smart card technology. For example, a hybrid
smart card might have one embedded processor chip that is accessed through a contact reader
as well as an RFID-enabled chip used for proximity connection. The two different chips may
be used for different applications linked to a single smart card, as when the proximity chip is
used for physical access to restricted areas while the contact smart card chip is used for
single sign-on authentication.
• Memory smart cards contain memory chips only and can only store, read and write data to
the chip; the data on memory smart cards can be over-written or modified, but the card itself
is not programmable so data can't be processed or modified programmatically. Memory
smart cards can be read-only and used to store data such as a PIN, password or public key;
they can also be read-write and used to write or update user data. Memory smart cards can be
configured to be rechargeable or disposable, in which case they contain data that can only be
used once or for a limited time before being updated or discarded.
• Microprocessor smart cards have a microprocessor embedded onto the chip in addition to
memory blocks. A microprocessor card may also incorporate specific sections of files where
each file is associated with a specific function. The data in the files and the memory
allocation are managed with a smart card operating system. This type of card can be used for
more than one function and is usually designed to enable adding, deleting and otherwise
manipulating data in memory.
Smart cards can also be categorized by their application, such as credit card, debit card, entitlement or
other payment card, authentication token and so on.

Advantages of Smart Cards

• Feasible for very small transactions
• High levels of security
• Larger memory
• Multipurpose
• Programmable

Disadvantages of Smart Cards

• Low maximum transaction limit (not suitable for B2B or most B2C)
• High infrastructure costs (not suitable for C2C)
• Bank fees associated with card.

Credit Card-Based Payment System

A credit card is a system of payment named after the small plastic card issued to users of the system.
A credit card is different from a debit card in that it does not remove money from the user’s account
after every transaction. In the case of credit cards, the issuer lends money to the consumer (or the user)
to be paid to the merchant, which requires the balance to be paid in full each month.
Consumers and vendors prefer credit card-based payments to avoid complexity with digital cash and
e-checks. The process is so simple: If consumers want to purchase a product or service, they simply
send their credit card details to the service provider involved and the credit card organization will
handle this payment like any other.
Compilation: Ajay K Shah (Associate Professor, Purbanchal University) 7
E-Commerce Unit 5: Electronic Payment System

Online credit card-based payment system can be broken into three categories:
1. Payments using plain credit card details
2. Payments using encrypted credit card detail
3. Payments using third party verification

Compilation: Ajay K Shah (Associate Professor, Purbanchal University) 8

E-Commerce Unit 5: Electronic Payment System

Compilation: Ajay K Shah (Associate Professor, Purbanchal University) 9

E-Commerce Unit 5: Electronic Payment System

Advantages of Credit Card-Based Payment System

• Purchasing Power: Credit cards enable users to make big purchases they might not otherwise
be able to afford.
• Rewards: Many cards offer rewards programs that will accrue points, discounts, or other
benefits like frequent flyer miles.
• Convenience: Credit cards reduce the need to carry cash. Most retailers accept credit cards and
they are pretty much required for online purchases.
• Trackability: The electronic record keeping that comes with credit cards makes it easy to
track your spending and identify fraud.
• Emergency use: There are times when money is the simple solution to an emergency. If you
get hit with an unexpected expense, credit cards can be the quick and easy solution you need.
• Builds credit history: Responsible use of a credit card over time builds your credit history,
qualifying you for better interest rates and other financial benefits.
Disadvantages of Credit Card-Based Payment System
• Overspending: Credit cards can make life easier, but they can also make overspending easier
as well. With a credit card, you’re spending money you don’t necessarily have yet. If you’re
not careful, this can quickly lead to unexpected debt.
• Interest and fees: Using credit is essentially borrowing. And you’re not borrowing for free.
Mismanaging a credit card can lead not only to a high balance, or maxed-out card, but also to
debt in the form of interest and fees.
• Fraud: Credit cards (and other electronic forms of payment) carry unique dangers. Credit
cards can be stolen, their numbers can be copied, and they can be used to steal your money and
identity.
• Mounting debt: If you carry a balance on your credit card from month to month, it can be very
easy for charges and interest to rack up. Many people don’t expect credit cards to be gateways
to extra debt, but if you’re not careful, that’s exactly what happens.

Risks on Electronic Payment System

1. Risks from mistakes and disputes : consumer protection
The need for record-keeping for purposes of risk management conflicts with the transaction
anonymity. Some desire transaction anonymity because of too many taxes, smuggling, and
money laundering. However, many believe that anonymity opposes to the public welfare.
There is considerable debate at this point. In sum, bankers and governments prefer
automatic record-keeping to resolve to resolve mistakes and disputes easily. And customers
expect some regulation covering consumer protection in electronic transactions.
2. Managing information privacy
The electronic payment system must ensure and maintain privacy. Every time one
purchases goods using a credit card, that information goes into the database. This reflects
what items were brought, and where and when, which violates law of doing business that
the privacy of customers should be protected as much as possible.
3. Managing credit risk
There is always a possibility of bank's failure to settle its net position (claims and debits),
leading to a chain reaction of bank failures. A digital central bank must develop policies to
deal with this possibility.

Compilation: Ajay K Shah (Associate Professor, Purbanchal University) 10