MIS 10 Electronic Payment System

19,005 views

Published on

The series of presentations contains the information about "Management Information System" subject of SEIT for University of Pune.
Subject Teacher: Tushar B Kute (Sandip Institute of Technology and Research Centre, Nashik)
http://www.tusharkute.com

1 Comment
8 Likes
Statistics
Notes
  • Wow... what a great post! Unfortunately, I found this article too late - I already found the answer on another service. Just look at the service https://goo.gl/xdpb3z. Its pretty easy to use. I think you can get a free trial if you ask for it.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total views
19,005
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
916
Comments
1
Likes
8
Embeds 0
No embeds

No notes for slide

MIS 10 Electronic Payment System

  1. 1. Management information system<br />Third Year Information Technology<br />Part 10<br />Electronic Payment System<br />Tushar B Kute,<br />Department of Information Technology,<br />Sandip Institute of Technology and Research Centre, Nashik<br />http://www.tusharkute.com<br />
  2. 2. What is Electronic Payment?<br />Is a system that permits online payment between parties using an electronic surrogate of a financial tender <br />The electronic surrogate is backed by financial institutions and/or trusted intermediaries<br />The intent is to act as an alternative form of payment to the physical cash, cheque or other financial tender<br />
  3. 3. Electronic payment system<br />An e-commerce payment system facilitates the acceptance of electronic payment for online transactions. Also known as a sample of Electronic Data Interchange (EDI), e-commerce payment systems have become increasingly popular due to the widespread use of the internet-based shopping and banking.<br />In the early years of B2C transactions, many consumers were apprehensive of using their credit and debit cards over the internet because of the perceived increased risk of fraud.<br />
  4. 4. E-payment systems <br />There are numerous different payments systems available for online merchants. These include the traditional credit, debit and charge card but also new technologies such as digital wallets, e-cash, mobile payment and e-checks. <br />Another form of payment system is allowing a 3rd party to complete the online transaction for you. These companies are called Payment Service Providers (PSP).<br />
  5. 5. E-payment systems types<br />
  6. 6. E-payments<br />
  7. 7. Credit cards and smart cards<br />Over the years, credit cards have become one of the most common forms of payment for e-commerce transactions. In North America almost 90% of online B2C transactions were made with this payment type.<br />A Smartcard is similar to a credit card; however it contains an embedded 8-bit microprocessor and uses electronic cash which transfers from the consumers’ card to the sellers’ device. A popular smartcard initiative is the VISA Smartcard.<br />
  8. 8.
  9. 9. Electronic bill presentment and payment<br />Electronic bill presentment and payment (EBPP) is a fairly new technique that allows consumers to view and pay bills electronically. There are a significant number of bills that consumers pay on a regular basis, which include: power bills, water, oil, internet, phone service, mortgages, car payments etc. <br />EBPP systems send bills from service providers to individual consumers via the internet. The systems also enable payments to be made by consumers, given that the amount appearing on the e-bill is correct.<br />
  10. 10. Current Status<br />ePayment opportunities are growing albeit slowly<br />New players are entering ePayment marketplace<br />Variety of ePayment mechanisms and devices - creating state of chaos<br />Infrastructure for ePayment is complex and expensive to deploy<br />Lack of critical mass adoption and acceptance<br />Online payment is hard to implement globally<br />
  11. 11. Business Realities<br />Security Infrastructure<br />Customer Profiles<br />Payment Types<br />Authentication Models<br />Spa<br />ePayment is still evolving ...<br />New ePayment Solutions<br />
  12. 12. ePayment Channels<br />Defined as ‘touch points’ where a payment transaction is originated or initiated<br />Can be executed through a variety of channels<br />Internet based<br />Kiosks<br />Contactless or proximity sensors<br />Mobile e.g. mobile phones, PDA<br />
  13. 13. ePayment Instruments<br />Defined as the medium in which the value is recognised in a payment transaction<br />Card-based such as<br />Credit and charge cards <br />buy now, pay later<br />Debit cards <br />buy now, pay now<br />Cash cards, stored-valued, e-cash <br />buy now, prepaid or pay before<br />
  14. 14. Credit Cards<br />Most widely used <br />banks able to leverage existing card infrastructure<br />appears ‘defacto’ online payment<br />Largely unencrypted<br />‘card-not-present’ transactions processed without customer & merchant authentication<br />Charge back risk for merchants<br />charge-back is when customer demands a refund<br />banks transfer liabilities of charge-backs to the merchants<br />merchants need to have a bond to cover such charges<br />
  15. 15. Debit Cards<br />Direct electronic transfer of account - direct account debiting<br />Uses chip/smart eWallets<br />Digital signature to secure access <br />Connected to eBanking solution<br />
  16. 16. Digital Cash<br />A system of purchasing cash and storing the credits in consumer’s computer<br />Computerised stored value is used as a form of cash to be spent in small increments<br />A third party is involved in the payment transactions<br />Examples: Beenz, Billpoint, Paypal<br />
  17. 17. Cazh<br />A project by ABN-Amro<br />A debit system that creates network between merchant and bank to allow customers pay for the goods by direct debit of customers’ bank account<br />Once customer has been authenticated by his/her bank, he/she can authorise the bank to pay the merchant on the goods purchase<br />Similar to Nets POS but in cyberspace<br />
  18. 18.
  19. 19. Cash Card<br />Payment solution on a proprietary protocol that allows payment over the Internet<br />A digital/virtual wallet with prepaid credit-based/token-based payment system<br />Enables low-value electronic payments on the Internet<br />Limited distribution, proprietary solutions<br />Needs to install card reader and download free eWallet<br />
  20. 20. eCheque<br />A formatted email message that consists of payee name, amount, payment date, payer’s account number, and payer’s bank<br />Digital certificate and signature are used to secure the cheque so that the contents are not tampered with<br />A signed electronic cheque is exchanged between the parties’ financial institutions through automated clearing house<br />
  21. 21. Mobile Wallet<br />Relatively new space exploited by telcos and non-financial enterprises<br />Provides ePurse functionality to replace card-type payments<br />Aggregating micro-payments onto the mobile phone bill<br />Can use mobile access device to authenticate payer’s identity<br />SIM card well placed to function and control payment process and authentication<br />
  22. 22.                         <br />Components of Online Payment System<br />Consumer<br />Online Merchants<br />Payment Clearinghouses<br />Payment Enablers<br /><ul><li>Merchant Acquirers
  23. 23. Payment Gateways
  24. 24. Shopping Cart Vendors</li></ul>Competing Authentication Services<br /><ul><li>Non-bank payment Processors</li></li></ul><li>Private network<br />Bank network<br />Internet<br />Internet<br />ePayment Risks<br />Payment gateway<br />Buyer<br />Merchant<br /><ul><li>Information stolen
  25. 25. Payment info stolen from merchant
  26. 26. Masquerading as legitimate merchant
  27. 27. Key info stolen by merchant staff
  28. 28. Use of stolen card
  29. 29. Credit card number or password stolen from computer
  30. 30. Unauthorised access
  31. 31. Information modified in transit
  32. 32. Information modified in transit</li></li></ul><li>Results<br />Question Asked<br />Survey By<br />88% of online shoppers said “guaranteed credit card security”, 2nd highest feature cited.<br />Features that will increase the likelihood to buy online?<br />Odyssey, 2000<br />85% of online shoppers said “secure transactions,” the highest cited feature.<br />Important features of online shopping sites?<br />Cyber Dialogue, 2000<br />79% of Internet users said “credit card security,” the number one cited barrier.<br />Barriers to online purchasing?<br />Pricewaterhouse Coopers, 2000<br />47% of Internet users said “credit card security,” the 3rd highest barrier cited.<br />Barriers to online purchasing?<br />Greenfield Online, 2000<br />68% of Internet users said “hackers getting credit card number,” 2nd highest concern cited<br />Worries and concerns regarding online activities?<br />Pew Internet & Am Life Project, June 2000<br />58% of new Internet users said “better security,” the 3rd highest factor cited.<br />Factors that would motivate new users to purchase online?<br />Jupiter Research, May 2000<br />60% of non-buyers said “credit card security,” the highest factor cited.<br />Factors that would convert non-buyers to buyers online?<br />Odyssey, 2000<br />Research on online shopping <br />
  33. 33. How can we secure ePayment?<br />The Trust Principle<br />The parties to the transaction must trust each other<br />Buyer must believe that seller is legitimate and will deliver the goods<br />Buyer must believe that goods are as represented and are worth the price<br />Seller must believe that buyer is legitimate and will pay for the goods purchased<br />
  34. 34. How can we secure ePayment?<br />The Security Principle<br />Parties need a secure environment in which to conduct the electronic transactions <br />Seller needs to protect the details of the transactions<br />Buyer needs to be certain that his/her information is securely handled and stored<br />Buyer needs to be certain that information is not stolen that it can be inappropriately used<br />
  35. 35. ePayment Solutions<br />Must providesecurity: resistance to fraud and online attacks<br />Reliable: highly available and accessible at all times <br />Cost effective: cost per transaction should be low even for micro-payment<br />Integrated and scaleable: interoperable amongst different systems, payment methods and multiple servers distributed across the Internet<br />Convenient and easy to use: should support several devices<br />Anonymity: should protect the identities of parties to the transactions and should not monitor the sources of finance<br />
  36. 36. Securing ePayments<br />Identification and authenticate<br />the ability to verify both the transacting parties<br />Authorization<br />the ability to validate the rightful owner to the transaction<br />Integrity and confidentiality<br />the ability to transmit the transaction securely<br />the ability to store the transaction properly<br />Accountability<br />The ability to provide audit trail as evidence in dispute<br />Policies for sharing risks and liabilities<br />the mechanism to settle disputes/non-repudiation<br />
  37. 37. Authentication Models<br />Something you have and something you know – ATM card model<br />Known to the back-end (server), synchronize with each transaction using a one time random number – Secur-ID model<br />“Sign” each transaction – PKI-model<br />Tie into a real person – Biometrics <br />
  38. 38. Issuing Bank<br />Merchant<br />Buyer<br />Acquiring Bank<br />Visa/Mastercard<br />ePayment Transaction Cycle<br />Orders goods<br />Bills buyer<br />8<br />1<br />9<br />Deliver goods<br />Pays bank<br />Voucher to Acquiring Bank<br />Issuing Bank pays Visa / Mastercard<br />Transaction voucher to Issuing Bank<br />Reimburses merchant<br />2<br />7<br />4<br />5<br />Sends transaction voucher to Visa / Mastercard<br />3<br />6<br />Visa / Mastercard reimburses Acquiring Bank<br />
  39. 39. Secure Sockets Layer (SSL)<br />A security protocol to protect sensitive data transmitted over the Internet<br />Uses encryption to protect the transmission of data<br />When SSL session starts, server sends key to the browser, which returns random key to the server<br />Ensures that data are not tampered with or stolen en route<br />
  40. 40. Secure Electronic Transfer - SET <br />Protocol by Visa and MasterCard released in 1996<br />3 party system - cardholder, merchant and bank using SET-enabled systems<br />Uses digital certificate to ensure cardholder is who he/she says he/she is or claims to be<br />Credit card details are invisible to merchants, protected by encryption for clearing bank<br />

×