Your SlideShare is downloading. ×
E-business by G. Schneider - Chapter 11 (edition 9)
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

E-business by G. Schneider - Chapter 11 (edition 9)


Published on

Published in: Economy & Finance, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. E- Business Ninth Edition Chapter 11Online Payment Systems 1
  • 2. Learning ObjectivesIn this chapter, you will learn about:• The basic functions of online payment systems• The use of payment cards in electronic commerce• The history and future of electronic cash• How electronic wallets work• The use of stored-value cards in electronic commerce• Internet technologies and the banking industryE-Business, Ninth Edition 2
  • 3. Online Payment Basics• Online payment systems – Still evolving • Competition for dominance – Cheaper than mailing paper checks – Convenient for customers – Save companies money• Costs per bill – Billing by mail: between $1.00 and $1.50 – Internet billing and payment costs: 50 cents• Significant environmental impactE-Business, Ninth Edition 3
  • 4. Online Payment Basics (cont’d.)• Four ways to purchase items (traditional and electronic) – Cash, checks, credit cards, debit cards • 90% of all United States consumer payments• Electronic transfer: small but growing segment – Popular example: automated payments• Credit cards – Worldwide: 90% of online payments – United States: 97% of online payments – Noncard payment alternatives (PayPal) becoming increasingly popularE-Business, Ninth Edition 4
  • 5. FIGURE 11-1 Forecasted forms of payment for U.S. consumer transactionsE-Business, Ninth Edition 5
  • 6. Online Payment Basics (cont’d.)• Scrip – Digital cash minted by a company • Cannot be exchanged for cash • Exchanged for goods or services – Like a gift certificate: good at more than one store – Current scrip offerings (eScrip) • Focus: not-for-profit fundraising market – Popular scrip use • Has not materializedE-Business, Ninth Edition 6
  • 7. Online Payment Basics (cont’d.)• Online business payment requirements – Safe, convenient, widely accepted• Companies sell payment processing package serviceE-Business, Ninth Edition 7
  • 8. FIGURE 11-2 Payment processing service offerings of Payment OnlineE-Business, Ninth Edition 8
  • 9. Payment Cards• Payment card – Describes all types of plastic cards used to make purchases – Categories: credit cards, debit cards, charge cards• Credit card (Visa, MasterCard) – Spending limit based on user’s credit history – Pay off entire credit card balance • May pay minimum amount – Card issuers charge unpaid balance interest – Widely accepted – Consumer protection: 30-day dispute periodE-Business, Ninth Edition 9
  • 10. Payment Cards (cont’d.)• Credit card (cont’d.) – Card not present transactions • Cardholder not present during transaction • Extra degree of risk for merchant and bank• Debit card – Removes sales amount from cardholder’s bank account – Transfers sales amount to seller’s bank account – Issued by cardholder’s bank • Carries major credit card issuer nameE-Business, Ninth Edition 10
  • 11. Payment Cards (cont’d.)• Charge card (American Express) – No spending limit – Entire amount due at end of billing period – No line of credit or interest charges – Examples: department store, oil company cards• Retailers may offer their own charge cardsE-Business, Ninth Edition 11
  • 12. Payment Cards (cont’d.)• Single-use cards – Cards with disposable numbers • Addresses concern of giving online vendors payment card numbers • Valid for one transaction only • Designed to prevent unscrupulous vendor fraud – Withdrawn from the market • Problem: required different consumer behaviorE-Business, Ninth Edition 12
  • 13. Advantages and Disadvantages of Payment Cards• Advantage for merchants – Fraud protection • Can authenticate and authorize purchases using a payment card processing network• Advantage for U.S. consumers – Liability of fraudulent card use: $50 • Frequently waived if card stolen• Greatest advantage – Worldwide acceptance • Currency conversion handled by card issuerE-Business, Ninth Edition 13
  • 14. Advantages and Disadvantages of Payment Cards (cont’d.)• Disadvantage for merchants – Per-transaction fees, monthly processing fees • Viewed as cost of doing business – Goods and services prices: slightly higher • Compared to environment free of payment cards• Disadvantage for consumers – Annual fee• Provide built-in security for merchants – Assurance of payments• Card transaction steps transparent to consumersE-Business, Ninth Edition 14
  • 15. Payment Acceptance and Processing• Internet payment card process made easier – Due to standards• EMV standard – Single standard handling payment card transactions – Visa, MasterCard, MasterCard International• United States online stores, mail order stores – Must ship merchandise within 30 days of charging payment • Significant violation penalties • Charge account when shippedE-Business, Ninth Edition 15
  • 16. Payment Acceptance and Processing (cont’d.)• General steps in payment card transactions – Merchant receives consumer’s payment card information • Merchant authenticates payment card to ensure validity • Merchant checks with payment card issuer to ensure credit or funds available • Puts a hold on credit line or funds needed to cover the charge • Settlement occurs (few days after purchase) • Funds travel between banksE-Business, Ninth Edition 16
  • 17. Payment Acceptance and Processing (cont’d.)• Open and closed loop systems – Closed loop systems • Card issuer pays merchant directly • Does not use intermediary • American Express, Discover Card – Open loop systems (three or more parties) • Third party (intermediary bank) processes transaction • Visa, MasterCard: not issued directly to consumers • Credit card associations: operated by association member banks • Customer issuing banks: banks issuing cardsE-Business, Ninth Edition 17
  • 18. Payment Acceptance and Processing (cont’d.)• Merchant accounts – Merchant bank (acquiring bank) • Bank wanting to accept payment cards – Merchant account required to process Internet transactions payment cards – Obtaining account • Merchant provides business information • Bank assesses business type risk • Bank assesses percentage of sales likely to be contestedE-Business, Ninth Edition 18
  • 19. Payment Acceptance and Processing (cont’d.)• Merchant accounts (cont’d.) – Chargeback process • Cardholder successfully contests charge • Merchant bank must retrieve money from merchant account • Merchant may have to cover chargeback potential – Problem facing online businesses: fraud • 10 percent of all credit card transactions completed online • Responsible for 70 percent of total dollar amount of credit card fraudE-Business, Ninth Edition 19
  • 20. Payment Acceptance and Processing (cont’d.)• Merchant accounts (cont’d.) – Online transaction fraud increased steadily through 2009 – Fraud losses dropped 18 percent from 2008 to 2009 • Scoring services providing risk ratings for individual transactions in real time • Shipping only to card billing address • Requiring card verification numbers (CVNs) for card not present transactions – CVN • Three- or four-digit number printed on the credit card • Not encoded in the card’s magnetic stripE-Business, Ninth Edition 20
  • 21. Payment Acceptance and Processing (cont’d.)• Processing payment cards online – Payment processing service providers • Companies offering payment card processing – Example: InternetSecure • Supports Canadian and U.S. Visa and MasterCard payments • Provides risk management and fraud detection • Handles online merchants’ transactions • Uses existing bank-approved payment card processing infrastructure, secure links, firewalls • Notifies merchant of all approved orders and supplies buyer authorization codesE-Business, Ninth Edition 21
  • 22. Payment Acceptance and Processing (cont’d.)• Processing payment cards online (cont’d.) – FirstData and Merchant Warehouse • Provide credit card processing software and services – Automated Clearing House (ACH) • Network of banks connecting credit card processing software vendors and card authorization companies – More information • EPN, NACHA - The Electronic Payments Association, The Clearing House, U.S. Federal Reserve Bank’s Federal Reserve Financial Services siteE-Business, Ninth Edition 22
  • 23. FIGURE 11-3 Processing a payment card transactionE-Business, Ninth Edition 23
  • 24. Payment Acceptance and Processing (cont’d.)• Processing payment cards online (cont’d.) – InfoSpace’s Authorize.Net • Online, real-time payment card processing service • Merchants link to system by inserting small HTML code block into transaction page • Order encrypted, transferred to Authorize.Net server • Server relays transaction to bank network • Customers not aware of third-party supplier (usually)E-Business, Ninth Edition 24
  • 25. Electronic Cash• Electronic cash (e-cash, digital cash) – Describes any value storage and exchange system created by private (nongovernmental) entity • Does not use paper documents or coins • Can serve as substitute for government-issued physical currency• Readily exchanged for physical cash on demand• Problems – No standard among all electronic cash issuers – Not universally acceptedE-Business, Ninth Edition 25
  • 26. Electronic Cash (cont’d.)• Recall from previous section: – Banks make money by charging merchants a credit card processing fee on each transaction• Fee ranges: one percent to four percent of the transaction value• Banks often impose a minimum fee – 20 cents or more per transaction• Banks charge electronic commerce sites – More than similar brick-and-mortar storesE-Business, Ninth Edition 26
  • 27. Electronic Cash (cont’d.)• Stores accepting credit cards may require: – Minimum purchase amount of $10 or $15• Small purchases not profitable for merchants – Bank credit card fees greater than profits• Factors favoring electronic cash – Potentially significant electronic cash market • Internet small purchases (below $10) – Most of world’s population does not have credit cards• Idea of electronic cash refuses to dieE-Business, Ninth Edition 27
  • 28. Micropayments and Small Payments• Micropayments – Internet payments for items costing few cents to a dollar• Micropayments barriers – Not implemented very well on the Web yet – Human psychology • People prefer to buy small value items in fixed price chunks • Example: mobile phone fixed monthly payment plansE-Business, Ninth Edition 28
  • 29. Micropayments and Small Payments (cont’d.)• Companies that have developed micropayment systems – Millicent, DigiCash, Yaga, BitPass • All failed – No company gained broad acceptance of its system – No company devoted solely to offering micropayment servicesE-Business, Ninth Edition 29
  • 30. Micropayments and Small Payments (cont’d.)• Small payments – All payments of less than $10 – Being offered through mobile telephone carrier • Buyers make purchases using their mobile phones • Charges appear on monthly mobile phone bill • Bright future held back by mobile carriers’ substantial chargesE-Business, Ninth Edition 30
  • 31. Privacy and Security of Electronic Cash• Electronic payment method concerns – Privacy and security, independence, portability, convenience – Privacy and security: most important to consumers • Vulnerable transactions • Electronic currency: copied, reused, forged• Important characteristics of electronic cash – Ability to spend only once – Anonymous use – ConvenienceE-Business, Ninth Edition 31
  • 32. Holding Electronic Cash: Online and Offline Cash• Online cash storage – Consumer has no personal possession of electronic cash • Trusted third party (online bank) involved in all transfers, holds consumers’ cash accounts• Online system payment – Merchants contact consumer’s bank • Helps prevent fraud (confirm valid cash) • Resembles process of checking with consumer’s bank to ensure valid credit card and matching nameE-Business, Ninth Edition 32
  • 33. Holding Electronic Cash: Online and Offline Cash (cont’d.)• Offline cash storage – Virtual equivalent of money kept in wallet – Customer holds it • No third party involved in transaction – Protection against fraud concern • Hardware or software safeguards needed – Double-spending • Spending electronic cash twice • Submit same electronic currency to two different vendors • Not enough time to prevent fraudulent actE-Business, Ninth Edition 33
  • 34. Holding Electronic Cash: Online and Offline Cash (cont’d.)• Main deterrent to double-spending – Threat of detection and prosecution• Keys to creating tamperproof electronic cash traceable back to origins – Cryptographic algorithms – Two-part lock • Provides anonymous security • Signals an attempt to double-spend cashE-Business, Ninth Edition 34
  • 35. Holding Electronic Cash: Online and Offline Cash (cont’d.)• When second transaction occurs – Complicated process reveals: • Attempted second use • Identity of original electronic cash holder• Electronic cash used correctly – Maintains user’s anonymity• Double-lock procedure – Protects anonymity of electronic cash users – Simultaneously provides built-in safeguards to prevent double-spendingE-Business, Ninth Edition 35
  • 36. FIGURE 11-4 Detecting double-spending of electronic cashE-Business, Ninth Edition 36
  • 37. Holding Electronic Cash: Online and Offline Cash (cont’d.)• Double-spending – Neither detected nor prevented with truly anonymous electronic cash• Anonymous electronic cash – Cannot be traced back to person who spent it• Tracing electronic cash – Attach serial number to each electronic cash transaction • Cash positively associated with particular consumer • Does not solve double-spending problemE-Business, Ninth Edition 37
  • 38. Holding Electronic Cash: Online and Offline Cash (cont’d.)• Single issuing bank can detect when two deposits of same electronic cash are about to occur – Impossible to ascertain fault (consumer or merchant)• Electronic cash containing serial numbers – No longer anonymous • One reason to acquire electronic cash – Raises privacy issues • Using serial numbers to track consumers’ spending habitsE-Business, Ninth Edition 38
  • 39. Advantages and Disadvantages of Electronic Cash• Traditional brick-and-mortar billing methods – Costly and inefficient• Online stores have the same payment collection inefficiencies• Online customers use credit cards to pay for purchases• Online auction customers use conventional payment methods – Checks, money ordersE-Business, Ninth Edition 39
  • 40. Advantages and Disadvantages of Electronic Cash (cont’d.)• Electronic cash system – Less popular than other payment methods – Provides unique advantages and disadvantages• Advantages of electronic cash transactions – More efficient (less costly) • Efficiency fosters more business (lower prices) – Occurs on existing infrastructure (Internet) – Does not require one party to obtain authorizationE-Business, Ninth Edition 40
  • 41. Advantages and Disadvantages of Electronic Cash (cont’d.)• Disadvantages of electronic cash transactions – No audit trail – Money laundering • Technique criminals use to convert money illegally obtained into spendable cash • Purchase goods, services with ill-gotten electronic cash • Goods sold for physical cash on open market• Electronic cash has not yet become a global success – Will require wide acceptance and solution to problem of multiple electronic cash standardsE-Business, Ninth Edition 41
  • 42. Advantages and Disadvantages of Electronic Cash (cont’d.)• Creating truly anonymous electronic cash – Bank issues electronic cash with embedded serial numbers • Bank digitally signs electronic cash while removing association of cash with particular customerE-Business, Ninth Edition 42
  • 43. Electronic Cash Systems• Electronic cash – More successful in Europe and Japan • Consumers prefer to use cash (does not work well for online transactions) • Electronic cash fills important need – Not successful in United States • Consumers have payment cards and checking accounts• KDD Communications (KCOM) – Internet subsidiary: Japan’s largest phone company – Offers electronic cash through NetCoin CenterE-Business, Ninth Edition 43
  • 44. Electronic Cash Systems (cont’d.)• Reasons for failure of United States electronic cash systems – Electronic cash systems implementation • Required to download and install complicated client- side software that ran in conjunction with browser – Number of competing technologies • No standards developed • Array of proprietary electronic cash alternatives – No interoperable software • Runs transparently on variety of hardware configurations and different software systemsE-Business, Ninth Edition 44
  • 45. Electronic Cash Systems (cont’d.)• PayPal – Payment processing services to businesses, individuals – Earns profit from float • Money deposited, not used immediately – Charges transaction fee • Businesses using service to collect payments – Peer-to-peer (P2P) payment system • Free payment clearing service for individuals • Payments from one type of entity to another of the same typeE-Business, Ninth Edition 45
  • 46. Electronic Cash Systems (cont’d.)• PayPal (cont’d.) – Eliminates writing and mailing checks or payment cards – Send money instantly and securely to anyone with an e-mail address – Convenient for auction bidders to pay for purchases – Convenient for auction sellers • Eliminates risks posed by other online payment types – Transactions clear instantly – Redemption • PayPal check or direct deposit to checking accountsE-Business, Ninth Edition 46
  • 47. Electronic Cash Systems (cont’d.)• PayPal (cont’d.) – Merchants and consumers first register for PayPal account • No minimum amount account balance • Add money by authorizing checking accounts transfer, using credit card • Merchants need PayPal accounts to accept PayPal paymentsE-Business, Ninth Edition 47
  • 48. Electronic Wallets• Consumer concerns when shopping online – Entering detailed shipping and payment information for each online purchase – Filling out forms• Solution – Allows customer to store name, address, credit card information on the site – Problem • Consumers must enter information at each siteE-Business, Ninth Edition 48
  • 49. Electronic Wallets (cont’d.)• Electronic wallet (e-wallet) – Holds credit card numbers, electronic cash, owner identification, owner contact information – Provides information at electronic commerce site checkout counter – Benefit: consumer enters information once • More efficient shopping• Server-side electronic wallet – Stores customer’s information on remote server of merchant or wallet publisher – No download time or installation on user’s computerE-Business, Ninth Edition 49
  • 50. Electronic Wallets (cont’d.)• Server-side electronic wallet (cont’d.) – Main weakness • Security breach can reveal thousands of users’ personal information (credit card numbers)• Client-side electronic wallet – Stores information on consumer’s computer – Disadvantages • Must download wallet software onto every computer • Not portable – Advantage • Sensitive information stored on user’s computerE-Business, Ninth Edition 50
  • 51. Electronic Wallets (cont’d.)• Characteristics of useful wallets – Wallet accessibility • Populate data fields in any merchant’s forms for any site consumer visits – Electronic wallet manufacturer and merchants from many sites must coordinate efforts • Wallet recognizes consumer information going into each field of given merchant’s formsE-Business, Ninth Edition 51
  • 52. Electronic Wallets (cont’d.)• Electronic wallets can: – Store shipping and billing information – Hold credit card names, numbers • Offers consumer choice of credit cards at online checkout – Hold electronic cash from various providersE-Business, Ninth Edition 52
  • 53. Electronic Wallets (cont’d.)• MasterCard electronic wallet – Abandoned effort • Current major browsers include feature to remember names, addresses, other commonly requested information • Browser provides one-click Web form field completion – Two e-wallet arena survivors • Microsoft Windows Live ID • Yahoo! WalletE-Business, Ninth Edition 53
  • 54. Microsoft Windows Live ID• Formerly called Passport, Microsoft .NET Passport• Single sign-in service – Includes server-side electronic wallet – Operated by Microsoft• All personal data entered into Windows Live ID wallet – Encrypted and password protectedE-Business, Ninth Edition 54
  • 55. Microsoft Windows Live ID (cont’d.)• Four integrated services – Single sign-in service (SSI) • Allows user to sign in using username and password – Wallet service • Provides electronic wallet functions – Kids service • Helps parents protect, control children’s online privacy – Public profiles • Allows consumers to create public page of information about themselvesE-Business, Ninth Edition 55
  • 56. Yahoo! Wallet• Server-side electronic wallet offered by Yahoo!• Completes order forms automatically – Identifying information, credit card payment information• Stores information• Accepted by: – Thousands of Yahoo! Store merchants, Yahoo! Travel – Yahoo! Services • Premium e-mail storage, Web hosting feesE-Business, Ninth Edition 56
  • 57. Yahoo! Wallet (cont’d.)• Yahoo! advantage – Hosts many services and shops • Large number of merchants accept wallet• Privacy concern – Company issuing wallet has access to much information about individual using walletE-Business, Ninth Edition 57
  • 58. Stored-Value Cards• Microchip smart card or magnetic strip plastic card – Records currency balance• Microchip versus magnetic strip – Microchip stores more information – Tiny microchip computer processor • Performs calculations and storage operations on card – Different microchip card reader needed• Examples: prepaid phone, copy, subway, bus cards• “Stored-value card” and “smart card” used interchangeablyE-Business, Ninth Edition 58
  • 59. Magnetic Strip Cards• Holds rechargeable value• Passive magnetic strip cards cannot: – Send or receive information – Increment or decrement cash value stored• Processing done on device into which card inserted• Magnetic strip cards and smart cards store electronic cash – Smart card better suited for Internet payment transactionsE-Business, Ninth Edition 59
  • 60. Smart Cards• Stored-value card – Plastic card with embedded microchip• Credit, debit, charge cards store limited information on magnetic strip• Information storage – About 100 times more than magnetic strip plastic card• Holds private user data – Financial facts, encryption keys, account information, credit card numbers, health insurance information, medical recordsE-Business, Ninth Edition 60
  • 61. Smart Cards (cont’d.)• Safer than conventional credit cards – Information encrypted on smart card• Popular in Europe, parts of Asia – Public telephone calls, cable television programs – Hong Kong • Retail counters, restaurant cash registers have smart card readers • Octopus: public transportation smart card can be reloaded at transportation locations, 7-Eleven storesE-Business, Ninth Edition 61
  • 62. Smart Cards (cont’d.)• Beginning to appear in United States – San Francisco TransLink integrated ticketing system for public transportation• Smart Card Alliance – Advances smart card benefits – Promotes widespread acceptance of multiple- application smart card technology – Promotes compatibility among smart cards, card reader devices, applicationsE-Business, Ninth Edition 62
  • 63. Internet Technologies and the Banking Industry• Paper checks – Largest dollar volume of payments – Processed through world’s banking system• Other major payment forms – Involve banks one way or another• Banking industry Internet technologies – Providing new tools – Creating new threatsE-Business, Ninth Edition 63
  • 64. Check Processing• Old method of physical check processing – Person wrote check; retailer deposited check in bank account – Retailer’s bank sent paper check to clearinghouse • Clearinghouse managed fund transfer (consumer’s bank to retailer’s account) – Paper check transported to consumer’s bank – Send cancelled check to consumer• Banks now provide PDF images of processed checksE-Business, Ninth Edition 64
  • 65. Check Processing (cont’d.)• Disadvantage of paper checks – Cost of transporting tons of paper checks – Float • Delay between the time person writes check and the time check clears person’s bank • Bank’s customer obtains free use of funds for few days • Bank loses use of funds for same time period • Can become significantly longer than a few daysE-Business, Ninth Edition 65
  • 66. Check Processing (cont’d.)• Technologies helping banks reduce float – 2004 U.S. law: Check Clearing for the 21st Century Act (Check 21) • Banks eliminate movement of physical checks entirely• Check 21-compliant world – Retailer scans customers check – Scanned image transmitted instantly • Through clearing system – Posts almost immediately to both accounts • Eliminates transaction floatE-Business, Ninth Edition 66
  • 67. Mobile Banking• Banks exploring mobile commerce potential• 2009: banks launched sites allowing customers using smart phones to: – Obtain bank balance, view account statement, find a nearby ATM• Future plans – Offering downloadable applications smart phone users can install • Use to transact all types of banking businessE-Business, Ninth Edition 67
  • 68. Criminal Activity and Payment Systems: Phishing and Identity Theft• Online payment systems – Offer criminals and criminal enterprises an attractive arena in which to operate • Average consumers: easy prey • Large amounts of money provide tempting targets – Phishing expedition • Technique for committing fraud against online businesses customers • Particular concern to financial institutionsE-Business, Ninth Edition 68
  • 69. Phishing Attacks• Basic structure – Attacker sends e-mail message • To accounts with potential for an account at targeted Web site – E-mail message tells recipient: account compromised • Recipient must log on to account to correct problem – E-mail message includes link • Appears to be Web site login page • Actually leads to perpetrator’s Web site disguised to look like the targeted Web siteE-Business, Ninth Edition 69
  • 70. Phishing Attacks (cont’d.)• Basic structure (cont’d.) – Recipient enters login name, password • Perpetrator captures • Uses to access recipient’s account • Perpetrator accesses personal information, makes purchases, withdraws fundsE-Business, Ninth Edition 70
  • 71. FIGURE 11-5 Phishing e-mail messageE-Business, Ninth Edition 71
  • 72. FIGURE 11-5 Phishing e-mail message (cont’d.)E-Business, Ninth Edition 72
  • 73. Phishing Attacks (cont’d.)• Spear phishing – Carefully designed phishing expedition targeting a particular person or organization – Requires considerable research – Increases chance of e-mail being opened – Example: 2008 government stimulus checks • Phishing e-mails appeared within one week of passageE-Business, Ninth Edition 73
  • 74. Phishing Attacks (cont’d.)• E-mail link disguises and tricks – Example: Web server ignores all characters preceding “@”: • • Link appears different in e-mail • Phony site invisible due to JavaScript code – Pop-up windows • Look exactly like browser address bar – Including Web site graphics of financial institutions • Looks more convincingE-Business, Ninth Edition 74
  • 75. FIGURE 11-6 Phishing e-mail with graphicsE-Business, Ninth Edition 75
  • 76. Using Phishing Attacks for Identity Theft• Organized crime (racketeering) – Unlawful activities conducted by highly organized, disciplined association for profit – Differentiated from less-organized groups – Internet providing new criminal activity opportunities • Generates spam, phishing, identity theft• Identity theft – Criminal act: perpetrator gathers victim’s personal information – Uses information to obtain credit – Perpetrator runs up account charges and disappearsE-Business, Ninth Edition 76
  • 77. FIGURE 11-7 Types of personal information most useful to identity thievesE-Business, Ninth Edition 77
  • 78. Using Phishing Attacks for Identity Theft (cont’d.)• Large criminal organizations – Efficient perpetrators of identity theft • Exploit large amounts of personal information quickly and efficiently – Sell or trade information that is not of immediate use • Other worldwide organized crime entities – Zombie farm • Large number of computers implanted with zombie programs – Pharming attack • Hacker sells right to use zombie farm to organized crime associationE-Business, Ninth Edition 78
  • 79. Using Phishing Attacks for Identity Theft (cont’d.)• Two elements in phishing – Collectors: collect information – Cashers: use information – Require different skills• Crime organizations facilitate transactions between collectors and cashers – Increases phishing activity efficiency, volume• Each year – More than a million people fall victim – Financial losses exceed $500 millionE-Business, Ninth Edition 79
  • 80. Phishing Attack Countermeasures• Change protocol – Improve e-mail recipients’ ability to identify message source • Reduce phishing attack threat• Educate Web site users• Contract with consulting firms specializing in anti- phishing work• Monitor online chat rooms used by criminalsE-Business, Ninth Edition 80
  • 81. Summary• Online stores: payment forms – Credit, debit, charge cards (payment cards) • Ubiquitous, convenient, easy to use – Electronic cash advantages and potential uses • Making micropayments, stored online or offline – Electronic wallets provide convenience – Stored-value cards • Smart cards, magnetic strip cardsE-Business, Ninth Edition 81
  • 82. Summary (cont’d.)• Banks process most monetary transactions – Use Internet technologies to process checks• Concerns: phishing expeditions, identity theftE-Business, Ninth Edition 82