The document outlines an introduction to online payment systems and security. It discusses various payment methods including payment cards, electronic cash, electronic wallets, and stored-value cards. It also covers online payment processing, merchant accounts, and open and closed-loop payment systems. The document then discusses Internet technologies used by banks including check processing and mobile banking. It concludes by covering criminal activities like phishing and identity theft that target payment systems.
5. Ecommerce architecture/
framework
• To carry out electronic business successfully, Web sites must
provide reliable connectivity and 24 by 7 availability.
• Corporate Web sites must also address user scalability and
performance to simultaneously handle thousands of Internet
connections to their data repositories.
6. Database
Collection information that is stored on a computer in a
highly structured way
DBMS is software that makes it easy for users to enter,
edit, update and retrieve information in the database
Usually the database that serves an online store is the
same one that is used by the company’s existing sales
operations.
7. Middleware
Middleware can be described as "software glue".
Thus middleware is not obviously part of an operating
system, not a database management system, and neither
is it part of one software application.
Middleware makes it easier for software developers to
perform communication and input/output, so they can
focus on the specific purpose of their application.
8. Enterprise Application Integration
is defined as the use of software and computer systems
architectural principles to integrate a set of enterprise
computer applications.
the process of linking such applications within a single
organization together in order to simplify and automate
business processes to the greatest extent possible, while
at the same time avoiding having to make sweeping
changes to the existing applications or data structures
9. Web Services
Software systems that support interoperable machine-
to-machine interaction over a network
Set of software and technologies that allow computers to
use the web to interact with each other directly without
human operators directing the specific interactions
10. Web Hosting
A web hosting service is a type of Internet hosting
service that allows individuals and organizations to
make their website accessible via the World Wide Web.
Web hosts are companies that provide space on
a server owned or leased for use by clients, as well as
providing Internet connectivity, typically in a data
center.
11. BASIC FUNCTIONS OF
E-COMMERCE SOFTWARE
CATALOG DISPLAY
• A catalog organize goods and services being
sold.
SHOPPING CART
• to assist people making purchases online
• allows online shopping customers to
accumulate a list of items for purchase
12. TRANSACTION PROCESSING
• It occurs when the shopper proceeds to the
virtual counter by clicking a checkout
button
• Then the e-commerce software performs
any necessary calculation
14. Online Payment Basics
Basic ways to pay:
Cash
Checks
Credit cards
Debit cards
Other payment medium: Scrip
Digital cash issued by a company instead of by a
government
Cannot be changed for cash
Gift certificate
15. Payment Cards
• General term to describe all types of plastic cards
that consumers use to make purchases
Debit cards
Credit cards Charge cards
Main
Categories
of Payment
cards
16. Categories of Payment Cards
Credit Card Debit Card Charge Card
• Spending limit based • Remove the amount • Offered by
on the user’s credit of the sale from the companies like
history cardholder’s bank American Express
• User can pay the account and transfers • No spending limit
entire credit card it to the seller’s bank • The entire amount
balance / pay account charged to the card is
minimum amount • Issued by the due at the end of
each billing period cardholder’s bank billing period
• Credit card issuers and usually carry the • No lines of credit and
charge interest on name of a major no interest charges
any unpaid balance credit card issuer like
Visa / MasterCard
17. Advantages and Disadvantages of
Payment cards
Advantages Disadvantages
• Providebuilt-in security for • The service companies
merchants charge merchants per-
(fraud protection) transaction fees & monthly
•Worldwide acceptance processing fees
18. Payment Acceptance and
Processing card transactions once the merchant
Steps in payment
receives a consumer’s payment card information:
Authentication Checking Settlement
• Merchant • Merchant checks • Few days after the
authenticates the with payment card purchase
payment card to issuer • Indicates that funds
ensure it is valid • to ensure that travel between
and not stolen credit/funds are banks and are
available placed into the
• Hold the credit merchant’s account
line/funds needed
to cover the charge
19. Open and Closed Loop Systems
Open loop system
Involve three/more parties
Example: system using Visa/MasterCard
Closed loop system
Card issuer pays the merchants that accept the card
directly without an intermediary
Example: American Express, Discover Card
20. Merchant Accounts
Merchant bank/acquiring bank:
A bank that does business with sellers (Internet and
non-Internet) that want to accept payment cards
Online merchant must set up a merchant account
to process payment cards for Internet transactions
Merchant must provide business information
before the bank will provide an account to process
payment card transactions
21. Merchant Accounts
New merchant must supply:
Business plan
Details about existing bank accounts
Business and personal credit history
The type of the business will influence the bank’s
likelihood of granting the account
22. Processing Payment Cards Online
There are few options:
Automatically handled by programs packaged with
electronic commerce software
Contract with 3rd party/payment processing service
providers
InfoSpace’s Authorize.Net
23. Processing Payment Cards Online
Payment processing service providers include:
InternetSecure
FirstData
Merchant warehouse
Products and services offered by these credit card
processing software vendors connect to a network
of banks called Automated Cleaning House (ACH)
and to credit card authorization companies
24. Processing Payment Cards Online
The merchant sends the card information to a payment
card authorization company which reviews the customer
account
If approved, sends the credit authorization to the issuing
bank
The issuing bank deposits the money in the merchant’s bank
account through ACH
The merchant’s Web site receives conformation of the
acceptance of the consumer transaction
After receiving notification of transaction
acceptance/rejection, the merchant Web site confirms the
sale to the customer over the Internet (via e-mail
confirmation with details about the purchase price and
shopping information)
25. Electronic Cash
Known as e-cash/digital cash
Term that describes any value storage and exchange
system created by a private entity that:
Does not use paper documents or coins
Can serve as a substitute for government-issued physical
currency
Useful for making micropayments
26. Micropayments and Small
Payments
Micropayments
Internet payments for items costing from a few cents to
around a $1
Small payments
Include all payments of less than $10
27. Holding Electronic Cash: Online
and Offline Cash
Online cash storage
The consumer does not personally own electronic cash
A trusted 3rd party (online bank) involved in all transfers
of electronic cash and holds the consumers’ cash
accounts
Require merchants to contact the consumer’s bank to
receive payment for a consumer purchase, prevent fraud
by confirming that the consumer’s cash is valid
28. Holding Electronic Cash: Online
and Offline Cash
Offline cash storage:
Virtual equivalent of money kept in a wallet
Customer holds it, no 3rd party is involved
Concern on fraud protection
Use hardware/software safeguards to prevent
fraudulent/double-spending
Double-spending:
Spending electronic cash twice by submitting the same
electronic currency to 2 different vendors
29. Advantages and Disadvantages of
Electronic Cash
Advantages Disadvantages
• Transactions are more • No audit trail
efficient • Money laundering
•Transferring e-cash on the
Internet costs less than
processing credit card
transactions
•No distribution
method/human oversight is
required
•Does not require that one
party obtain an authorization
30. Electronic Cash Systems
PayPal
Provides payment processing services to businesses and
to individuals
Earns profit on the float, which is money that is
deposited in PayPal accounts and not used immediately
Provides peer-to-peer (P2P) payment system
Free payment clearing service for individuals
32. Electronic wallets
Serves a function similar to a physical wallet
Holds credit card numbers, electronic cash, owner
identification and owner contact information
Provides information at electronic commerce site
checkout counter
Benefit:
Consumer enters information just once
More efficient shopping
33. Electronic wallets
Two categories of electronic wallets
Server-side electronic wallets
Client- side electronic wallets
34. Electronic wallets
Server-side electronic wallets
Store customer information on a remote server
belonging to a particular merchant or wallet publisher.
For example: once customers enter their information on
a site such as Amazon.com, the information will be
stored in a server side electronic wallets.
Main weakness: Security breach can reveal thousands of
users’ personal information (credit card numbers)
35. Electronic wallets
Client-side electronic wallets
Stores information on consumer computer.
Advantages:
Sensitive information stored on user’s computer instead of
the wallet provider’s central server.
Disadvantages:
Must download wallet software onto every computer
Not portable
36. Electronic wallets
Electronic wallets can:
Store shipping and billing information
Hold credit card names and numbers
Offers consumer choice of credit cards at online checkout
Hold electronic cash from various providers
37. Electronic wallets
Two electronic wallet arena survivors
Microsoft Windows Live ID
Yahoo.wallet
38. Electronic wallets
• Microsoft Windows Live ID
Formerly called Passport, Microsoft
.NET Passport
Single sign-in service
Includes server-side electronic wallet
Operated by Microsoft
All personal data entered into
Windows Live ID wallet
Encrypted and password protected
39. Electronic wallets
Four integrated services
Single sign-in service (SSI)
Allows user to sign in using username
and password
Wallet service
Provides electronic wallet functions
Kids service
Helps parents protect, control
children’s online privacy
Public profiles
Allows consumers to create public page
of information about themselves
40. Electronic wallets
Yahoo! Wallet
Server-side electronic wallet offered by Yahoo!
Completes order forms automatically
Identifying information, credit card
payment information
Allow user to stores information about several
major credit and charge cards.
Accepted by:
Thousands of Yahoo! Store
merchants, Yahoo! Travel
Yahoo! Services
Premium e-mail storage, Web
hosting fees
41. Electronic wallets
Yahoo! Wallet
Yahoo! advantage
Hosts many services and shops
Large number of merchants
accept Yahoo! wallet
Privacy concern
Company issuing wallet has access
to much information about
individual using wallet
42. Google Wallet
a mobile payment system developed by Google that allows
its users to store credit cards, loyalty cards, and gift cards
among other things, as well as redeeming sales promotions
on their mobile phone.
Google Wallet uses near field communication to make
secure payments fast and convenient by simply tapping the
phone on any PayPass-enabled terminal at checkout.
http://www.google.com/wallet/
45. Stored-value cards
Stored-value cards can be an elaborate smart card with
a microchip or a plastic card with magnetic strip that
records a currency balance
46. Stored-value cards
Magnetic strip cards
Hold value that can be recharged by inserting them into
appropriate machines
Cannot send or receive information
Cannot increment or decrement value of cash stored on
the card
Processing must be done on a device into which the is
inserted
47. Stored-value cards
Smart card
A stored value card that is a plastic card with an
embedded microchip that can store information
Hold private user data such as financial facts ,
encryption keys, account information, credit card
numbers, medical records
Can store about 100 times more information than a
magnetic strip plastic card
Safer than conventional credit cards
48. Stored-value cards
Smart card
Popular in Europe, parts of Asia
Use for public telephone calls, cable television programs
Hong Kong
Retail counters, restaurant cash registers have smart card
readers
Octopus: public transportation smart card
49. Stored-value cards
Smart card
Beginning to appear in United States
TransLink: first integrated ticketing system for public
transportation in the United States.
Smart Card Alliance
Advances smart card benefits
Promotes widespread acceptance of multiple-application
smart card technology
Promotes compatibility among smart cards, card reader
devices, applications
49
50. INTERNET TECHNOLOGIES AND THE BANKING
INDUSTRY & CRIMINAL ACTIVITY AND PAYMENT
SYSTEMS: PHISHING AND IDENTITY THEFT
PREPARED BY:
ASMA’
52. Check Processing
2. Deposit the
check in bank
account
3. Bank send the
1. Write a check to check to a
pay clearinghouse
4. Paper check
transport to
consumer’s bank
54. Mobile Banking
Allow customers to:
Obtain bank balance
View account statement
Find a nearby ATM
Future plans
Offering downloadable applications
Install and use to transact all types of banking business
Allow users to copy and paste information easily
55. Criminal Activity and Payment
Systems: Phishing and Identity
Theft
Average consumers who engage in online payment
transactions are easy prey for expert criminals
Phishing Attacks
Using Phishing Attacks for Identity Theft
Phishing Attack Countermeasures
56. Phishing Attacks
2. The messages 3. The recipient
1. Attacker sends
tell the recipient enters login
e-mail messages
to correct the name and
to recipient
matter password
5. The 4. The
perpetrator perpetrator
access the captures the
personal login name and
information password
58. Phishing Attacks (cont.)
One research firm estimates that phishing victims lost
$1.2 billion between April 2003 and April 2004.
(Computer
Crime Research Center)
Spear Phishing
Purposely created to target a particular person or
organization
Do considerable research on the intended person
59. Phishing Attacks (cont.)
The links are disguised
One common way to disguise the real URL is to use the
@ sign.
https://www.paypal.com@218.36.41.188/fl/login.html
The link in the phishing email includes Javascript code
which it is invisible
Phishing perpetrators often include graphics from the
Web site
61. Using Phishing Attacks for Identity
Theft
Identity theft
A criminal act in which the perpetrator gathers personal
information about a victim and then uses that
information to obtain credit
The perpetrator runs up the charges and then disappears
Personal information that most wanted:
Social Security number
Driver’s license number
Credit card numbers
Card verification numbers
Passwords (PINs)
62. Using Phishing Attacks for Identity
Theft (cont.)
Use phishing attacks to gather personal information
and then use it to perpetrate identity theft and other
crimes
Two elements in phishing
Collection of the information (collectors)
The use of the information (cashers)
More than a million people fall victim to phishing
attack each year and as a group financial losses
exceeding $500 million
63. Phishing Attack Countermeasures
Educate the Web site users
Warn the customers
Provide information about phishing attacks
Have contracted with consulting firms
Monitor online chat rooms that are used by criminals
65. COMPARISON BETWEEN
UK, JAPAN AND MALAYSIA/SPORE
JAPAN
• Engineer
• Kaizuka-shi, Osaka, Japan
• 7-years living in Japan
UNITED KINGDOM
• Medical Student
• Isle of Wright, UK
• 4-years living in UK
MALAYSIA
• Lawyer
• Kuching, Sarawak
• Has been buying online since 2006
66. Malaysia/Singapore
1. jipaban.com
Malaysia/Singapore online shopping mall
Singapore online database
Act as an online mall where shopper can build their own
‘shopping mall’ and add/drop stores according to their
preference
Delivery method
JPB express delivery (the fastest)
Standard postage
Registered postage
Payment method
Credit card/paypal
Internet banking/bank transfer
Shopper credit
67. Malaysia/Singapore
2. thepoplook.com/fashionvalet.net
• Malaysian famous online shopping website
• Typical/usual ecommerce website with shopping cart
where buyer can select item and put in cart, then
proceed with payment
• Delivery method
– Poslaju (the fastest)
• Payment method
– Interbanking
– Pay with FPX
– Pay with MEPS Cash
– Paypal/ Credit card
68. United Kingdom
1. Tesco
British multinational grocery and general merchandise retailer
headquartered in Cheshunt, United Kingdom.
It is the third-largest retailer in the world measured by revenues
(after Wal-Mart and Carrefour) and the second-largest measured by
profits (after Wal-Mart).
Delivery Method
Home delivery ( can book delivery slot with charge)
By call / set appointment (extra charge)
Click and Collect
Find a collection point, or
Book a collection slot
Payment Method
Pay by credit card / debit card
69. United Kingdom
2. Brandalley.co.uk /asos.com
Famous online shopping website worldwide
Offer free deliver and free return ( in certain period of time)
Delivery Method
Courier Service ( worldwide)
Payment Method
Pay by credit card / debit card
Paypal
70. Japan
1. rakuten.co.jp
Largest internet service company in Japan
Largest e-commerce (online database) website in
Japan
Flagship : B2B2C
Facts : > 90mill products, >38,000 merchants, >75 mill
membership nationwide
Serves as an online shopping mall : merchants register
under rakuten to sell their products
71. Japan
Sells everything under the sun, from groceries, to
apparel, to flight/bus ticket and also you can book
hotels/accomodation at rakuten
Payment method
Credit card
Rakuten bank
Cash on delivery
Interbanking/ bank transfer
By convenience store
Lawson (convenience store franchise chain in Japan)
Pay using a machine called “loppi”
72. Japan
Delivery method
Courier Service
Shipping company
Kuroneko yamato / sagara
Top shipping company in Japan
73. Japan
2. Yahoo auction
Yahoo Auctions Japan is the largest online auction in
Japan where you can bid and buy anything you want.
It has the same business model as ebay
Interested in thing? Bid. Best price wins
They even sell second hand cars on Yahoo Auction
Products > 5000yen needs to be registered and fees to
be imposed on seller
74. Japan
3. Zozotown (zozo.jp) / uniqlo.com
ZOZOTOWN is an internet retailer of fashion products
originating in Japan with over 700 popular brands
Delivery Method
Courier Service ( worldwide)
Payment Method
Pay by credit card / debit card
paypal
75. Why shop online?
JAPAN UK MALAYSIA
• Super fast internet • Sales online is • Easier for people
connection much more cheaper who live afar
• User friendly/easy • Cant get them in • Cant get them in
to navigate website store store
• Easy for foreigner to • Buying experience • (used to be)
look for imported cheaper than in
products store
• Variety of products • Buying experience
• Cheaper and variety
• Reliable and trusted
web services