Professional Documents
Culture Documents
grow at an ever-increasing rate over the next few years, with on-line
sales already heading for several billion.
Many companies are using this new sales channel, and a few retailers
now have established major on-line sales sites.
• It can be held & used by anyone, even those without a bank certificate.
• They are identification cards owned by the issuer and restricted to one
user i.e. cannot be given away.
They use digital signatures for signing and endorsing and require the
use of digital certificates to authenticate the payer, the payer’s bank
and bank account.
• They can serve corporate markets. Firms can use them in more cost-
effective manner.
5. Debit Card: Debit cards are also known as cheque cards and look
like credit cards or Automated teller Machine (ATM) cards but they
operate like cash or personal checks.
While credit card is a way to “pay later”, a debit card is a way to
“pay now”. When a debit card is used, money is deducted
immediately form the related bank account and hence they offer an
alternative to carrying a cheques-book or cash.
iv. Its holders can have a record of the transactions in his bank
statement which will enable him to plan and control the expenditure.
v. It can be issued to any individual without assessing credit worthiness.
iii. Increasing online commerce: The above two factors have lead
many institutions to go online and many others are following them.
• Some of those risks are generic to banking business, others are specific
to electronic payments, such as interception of messages, bread-in
into security infrastructure.
• Operational risk may also arise form customer misuse, and from
inadequately designed or implemented electronic banking and
electronic money systems.
ii. Credit Risk: Credit risk is the risk that a counter party will not settle
an obligation for full value, either when due or at any time thereafter.
iii. Legal Risk: Legal risk arises from violations of, or non-conformance
with laws, rules, regulations, or prescribed practices, or when the
legal rights and obligations of parties to a transaction are not well
established.
• Given the relatively new nature of many retail electronic banking and
electronic money activities, rights and obligations of parties to such
transactions are, in some cases, uncertain. For example, application of
some consumer protection rules to electronic banking and electronic
money activities in some countries may not be clear.
• In addition, legal risk may arise from uncertainty about the validity of
some agreements formed via electronic media.
Banks increase their ability to control and manage the various risks
inherent in any activity when policies and procedures are set out in
written documentation and made available to all relevant staff.
• Firstly, each party involved in the transaction must be sure that its
counterparty is exactly what she tells she is, or in other words, People
involved must be identified.
• Finally, buyers must be certain that the information they get about
the payment are reliable.
It is the science of writing in secret code and is an ancient art. The first
documented use of cryptography in writing dates back to 1900 B.C.
when an Egyptian scribe used non-standard hieroglyphs in an
inscription.
Fig:- Cryptography
There are two cryptographic methods being used in electronic
payment systems:-
• Secret-key cryptography not only deals with encryption, but also with
authentication.
This is a seamless process and the customer does not has to directly
interact with the gateway; as data is forwarded to the gateway via the
shopping cart and a secure (SSL) connection.
• The customer.
In the online world, the card is ‘not present’ at the transaction. That is
why the merchant must take additional steps to verify that the card
information is being submitted by the actual owner of the card.
The merchant accepts or rejects the transaction and ships the goods
if necessary.
The Must Know Things About Fraud: Credit card fraud can be a
significant problem for customers, merchants, and credit card issuers.
This means that the merchant does not receive payment for a
fraudulent online transaction. Hence, it is important to limit the risk
as an online merchant.
ii. Make sure that the payment gateway provider offers real-time credit
card authorization results. This ensures that the credit card has not
been reported as lost or stolen and that it is a valid card number.
iv. Use Card Security Codes, known as CVV2 for Visa, CVVC for
MasterCard, and CID for American Express. For American Express,
the code is a four-digit number that appears on the front of the card
above the account number. For Visa and MasterCard, the code is a
three-digit number that appears at the end of the account number
on the back of the card.
The code is not printed on any receipts and provides additional
assurance that the actual card is in possession of the person
submitting the transaction.
As a merchant, one can ask for this code on the online order form as
even if it is not used for processing, simply asking for it acts as a
strong deterrent against fraud.
v. Watch for multiple orders for easily resold items such as electronic
goods purchased on the same credit card.
vi. Develop a negative card and shipping address list and cross-check
transactions against it. Many perpetrators will go back to the same
merchant again and again to make fraudulent transactions.