Professional Documents
Culture Documents
Introduction
Electronic payment system (EPS) is required to transfer money over the Internet. Electronic payment
systems are becoming central to online business process innovation as companies look for ways to
serve customers faster and at lower cost. Emerging innovations in the payment for goods and services
in e-commerce promise to offer a wide range of new business opportunities.
EPS and e-commerce are linked as online customers must pay and prompt payment is crucial. If the
claims and debits of the various participants customers, companies, banks, and non-banks are
not balanced, then the entire business chain is disrupted. Hence, e-commerce requires prompt and
secure payment, clearing, and settlement of credit and/or debit claims.
Conventional payment methods such as cash, checks, bank drafts, or bills of exchange are not well
suited for the speed required in e-commerce purchasing process. For example, these methods are too
slow for micro payments and produce high transaction costs for processing them. Therefore, new
methods of payment are needed to meet the emerging demands of e-commerce such as secure, low
processing cost, and widely acceptable.
Benefits to Sellers:
Speed and security of the transaction processing chain from verification and authorization
to clearing and settlement
Freedom from more costly labor, materials, and accounting services required in paper-
based processing
Better management of cash flow due to swift bank payment
Cost and risk savings
Electronic Cash
Electronic cash is a method used to transfer funds over the Internet as payment for goods and services.
Also commonly referred to as e-cash, it is a new concept in online payment systems as it combines
computerized convenience with security and privacy that improve on paper cash. It is a digital money
product that provides a way to pay for products and services without resorting to paper or coin
currency.
E-cash must have the following four properties:
i. Monetary Value: E-cash must have monetary value; i.e., it must be backed either by cash
(currency), bank-authorized credit, or bank-certified check.
ii. Interoperable: E-cash must be interoperable; i.e., it must be exchangeable as payment for
other e-cash, paper cash, goods or services, lines of credit (LC), deposits in banks, bank
notes, and the like.
iii. Retrievability: E-cash must be storable and retrievable; i.e., users must be able to store e-
cash on a remote computer’s memory, in smart cards, or in other standard or devices from
home or while traveling.
iv. Security: E-cash must be secure; i.e., it should not be easily copied or tampered while being
exchanged by preventing or detecting duplication and double-spending.
Like banknotes, e-cash can be withdrawn from and deposited to transaction demand deposit accounts.
And like banknotes, one person can transfer possession of a given amount of e-cash to another person.
But unlike cash, when a customer pays another customer an electronic bank will play an unobtrusive
but essential role.
To show how it all works, we'll explain how a withdrawal works, then follow the e-cash in a payment
to a merchant. Combining these two transactions, we can then understand why the customer perceives
that e-cash is paid from person to person without involving any bank. Finally the withdrawal is
explained in greater detail to illustrate the 'blind signature' concept, which is the foundation of the
privacy feature.
No physical coins are involved in the actual system of course, but the messages include strings of
digits, and each string corresponds to a different digital coin. Each coin has a denomination, or value,
so that a purse of digital coins is managed automatically by Alice's e-cash software. It decides which
denominations to withdraw and which to spend in particular payments.
Compilation: Ajay K Shah (Associate Professor, Purbanchal University) 3
E-Commerce Unit 5: Electronic Payment System
An e-cash Purchase
Now that Alice has some e-cash on her hard drive, she can buy things from Bob's shop as shown in
Figure-2.
Having received a payment request from Bob, she agrees by ticking the 'Yes' box. Her e-cash software
chooses coins with the desired total value from the purse on her hard disk. Then it removes these coins
and sends them over the network to Bob's shop. After receiving the coins, Bob's software
automatically sends them on to the bank and waits for acceptance before sending the goods to Alice
along with a receipt.
To ensure that each coin is used only once, the bank records the serial number of each coin in its spent
coin database. If the coin serial number is already recorded, the bank has detected someone trying to
spend the coin more than once and informs Bob that it is a worthless copy. If, as will be the usual case,
no such serial number has been recorded, the bank stores it at that position and informs Bob that the
coin is valid and the deposit is accepted.
Benefits of E-cash
o Cost of using digital cash is extremely low.
o Greater privacy when shopping on the Internet.
Drawbacks of E-cash
o Susceptible to forgery, as double-spending would be a problem because it is very easy to make
copies of e-cash, forcing banks and merchants to take extra precautions.
o Though the cost per transaction is less, this system would simply be significantly too expensive
for handling high volumes of micro-payments because of its inability to be easily divided into
smaller amounts.
o Manner of implementation too complicated.
o Lack of standards and interoperable software that will run easily on a variety of hardware and
software systems.
o Not universally accepted.
o Not traceable for governments and legal authorities.
Electronic Check/Cheque
This is another form of electronic token or electronic version of a paper cheque. It is designed for
those who prefer to pay on credit or through some other mechanism other than cash.
In this model, buyers must register with a third-party account server before issuing an e-check. Once
registered, a buyer can then contact sellers of goods and services.
The account holder writes an e-cheque using a computer or other type of electronic device and
transmits the e-cheque to the payee electronically (mostly via e-mail). Like paper cheques, e-cheques
are signed by the payer and endorsed by the payee. Rather than handwritten or machine-stamped
signatures, however, e-cheques are affixed with digital signatures, using a combination of smart cards
and digital certificates. The payee deposits the e-cheque, receives credit, and the payee's bank clears
the e-cheque to the paying bank. The paying bank validates the e-cheque and then charges the cheque
writer's account.
The minimum security requirements supported by the e-cheque system are as follows:
♣ Confidentiality: Keeping information (e.g. e-mail message, payment order, etc.) secret.
♣ Authentication: Knowing and verifying the origin and/or destination of information.
♣ Integrity: Verifying that the data hasn’t been tampered with.
♣ Non-repudiation: Knowing that the data, once sent cannot be retracted or denied.
Advantages of E-checks
• Electronic cheques are safe and secure, convenient, fast and inexpensive.
• They work in the similar way as traditional checks, thus simplifying customer education.
• They are globally accepted, as any bank or any currency is acceptable with e-checks.
Disadvantages of E-checks
• Electronic cheques are not legal tender and other creditors may refuse to accept them.
• They may be valueless if the drawer has no funds in his/her account.
• Depositing cheques into an account is time consuming.
• Cheques are not suitable for small amounts, as the cost per transaction can be too high.
Compilation: Ajay K Shah (Associate Professor, Purbanchal University) 5
E-Commerce Unit 5: Electronic Payment System
Smart Cards
Smart cards have been in existence since the early 1990s and hold promise for secure transactions. A
smart card is a physical card that has an embedded integrated chip (IC) or microprocessor that is
capable of holding or storing large amount of data. Smart cards are typically the same size as a driver's
license or credit card and can be made out of metal or plastic.
The smart card technology is widely used universally for various applications such as to pay for public
phone calls, transportation, and shopping.
• Contact smart cards are the most common type of smart card. Contact smart cards are
inserted into a smart card reader that has a direct connection to a conductive contact plate on
the surface of the card. Commands, data and card status are transmitted over these physical
contact points.
• Contactless smart cards require only close proximity to a card reader to be read; no direct
contact is necessary for the card to function. The card and the reader are both equipped with
antennae and communicate using radio frequencies over the contactless link. A contactless
smart card functions by being put near the reader to be read.
• Hybrid smart cards contain more than one smart card technology. For example, a hybrid
smart card might have one embedded processor chip that is accessed through a contact reader
as well as an RFID-enabled chip used for proximity connection. The two different chips may
be used for different applications linked to a single smart card, as when the proximity chip is
used for physical access to restricted areas while the contact smart card chip is used for
single sign-on authentication.
• Memory smart cards contain memory chips only and can only store, read and write data to
the chip; the data on memory smart cards can be over-written or modified, but the card itself
is not programmable so data can't be processed or modified programmatically. Memory
smart cards can be read-only and used to store data such as a PIN, password or public key;
they can also be read-write and used to write or update user data. Memory smart cards can be
configured to be rechargeable or disposable, in which case they contain data that can only be
used once or for a limited time before being updated or discarded.
• Microprocessor smart cards have a microprocessor embedded onto the chip in addition to
memory blocks. A microprocessor card may also incorporate specific sections of files where
each file is associated with a specific function. The data in the files and the memory
allocation are managed with a smart card operating system. This type of card can be used for
more than one function and is usually designed to enable adding, deleting and otherwise
manipulating data in memory.
Smart cards can also be categorized by their application, such as credit card, debit card, entitlement or
other payment card, authentication token and so on.
Online credit card-based payment system can be broken into three categories:
1. Payments using plain credit card details
2. Payments using encrypted credit card detail
3. Payments using third party verification