Ec module 4


Published on


Published in: Economy & Finance, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Ec module 4

  1. 1. BIT NoidaE-Commerce Payment SystemsModule 4Mallika
  2. 2. BIT NoidaReferences● E-Commerce books by– Laudon– Brat Bhaskar– Loshin– Murthy● Lot of stuff on Internet
  3. 3. BIT NoidaConcept of Money● Trade began with barter● When goods of buyer and seller did not match,problem arose,● need for common medium of exchange (token)● Initially tokens had value● Maintaining tokens was costly● Thus leather and then paper currency came● Other forms of money evolved over a period
  4. 4. BIT NoidaTraditional Payment Systems● Cash payments– customer pays in currency– may seek receipt for payment● Cheque payments– backed by money in bank account– customer has proof of payment● Value exchange systems– transfer assets of value for buying goods– ex: mutual funds, IOUs● Credit Card systems
  5. 5. BIT NoidaTraditional Payment SystemsCredit Cards● Customer signs credit card receipt to buy goods● Vendor verifies card holders identity● Vendor accepts credit card receipt● Merchant forwards the cc receipt to card-issuing institution● Card-issuing institution transfers amount fromcustomers account to vendor. It also sends bill(statement) and copy of cc receipt to customer
  6. 6. BIT NoidaTraditional Payment SystemsElectronic Funds Transfers● Credit Transfer – Initiating institution sendsfunds through EFT system to deposit torecipients accountsEx: automatic deposit of payrolls● Debit Transfer – initiating institution drawsfunds from depositors accountsEx: pre-authorised bill payments
  7. 7. BIT NoidaEFT contd● Banking and financial payments– Wholesale payments – bank to bank transfers– Retail payments – ATMs, cash dispensers– Home banking – bill payments through banks● Retailing payments– Credit cards– Private cards– Charge cards
  8. 8. BIT NoidaTraditional Payment SystemsAnother Perspective● Cash● Credit and debit card● Personal cheques● Travelers cheques● Money orders● Bank drafts● Postal orders
  9. 9. BIT NoidaAdapting Traditional Methods toE-Commerce● Credit cards easiest to digitize– card number, expiry date, holders name– Data is easy to transfer over Internet● Cheques Conceptually simple– documents with information on cheque number, holders name,payee name, amount and date– Data is easy to transfer over Internet● Cash Allows anonymous payments– Value transferred immediately– Safest way in traditional systems– Hardest to digitize
  10. 10. BIT NoidaE-Commerce Payment SystemsRequirements● Acceptability – payment system must berobust, available and accessible to all buyers,sellers and financial institutions● Flexibility – accept several forms of payment● Reliability – ensure and infuse confidence inusers by protecting them from system failures● Efficiency – operational costs must be nearzero and must be easy to use● Privacy – to customers spending habits
  11. 11. BIT NoidaE-Commerce Payment SystemsRequirements● Security – from– Fraud– Double spending– Counter-feiting– Hardware tamper– Unauthorized use– non-refutable – payments must be verifiable andrecords maintained● Confidentiality – all information must beprotected from intruders and hackers
  12. 12. BIT NoidaE-Commerce Payment SystemsRequirements● Non-traceability – of payments to otherpayments by same consumer● Scalability – offer same performance and costper transaction overhead with up or downscaling. This involves support for– Micro-payments– Off line operation– Low costs of transaction– Macro payments
  13. 13. BIT NoidaEconomic Issues of EC PaymentSystems● Operational Issues – easily deployable● Large user base● Low risk – of financial loss associated with use● Conservation – refers to value stored in digital currencyover a period of time● Ease of integration with other processes● Ease of use – refers to– Unobtrusiveness– Low transaction costs– Hardware independence
  14. 14. BIT NoidaWays to Reduce OperationalRisks of E-Cash● Time validity of e-cash● Limit of amount to store and transfers● Limit on number of exchanges beforeencashing● Limit number of transactions before expiry● Restrict transactions to a class of goods
  15. 15. BIT NoidaWays to Reduce OperationalRisks of E-Cash● Time validity of e-cash● Limit of amount to store and transfers● Limit on number of exchanges beforeencashing● Limit number of transactions before expiry● Restrict transactions to a class of goods
  16. 16. BIT NoidaE-Transaction Characteristics● Atomicity -no partial transactions take place● Transfer of funds without loss in transactions● Complete transfer of goods or no transfer forthe funds transfer● Consistency in transaction policies● Isolation of transactions with one another● Durability – of transactions in cases of systemcrash
  17. 17. BIT NoidaTypes of Transactions● Based on volume– Micro payments– Consumer payment– Business payments● Based on parties involved– ATM model payments– Unmediated 2-party payments– Mediated 3-party payments– Micropayments– Anonymous payments
  18. 18. BIT NoidaTypes of Transactions (contd)● Based on payment protocol– Token-based payments– Purse-based payments are prepaid– Card or postpaid payments● Based on traceability– Identified e-money– Anonymous e-money
  19. 19. BIT NoidaE-Money Comparison Criteria● Nature of transactions for which money isdesigned● Means of settlement used to backuppayments● Approach to security, anonymity andauthentication● Risk factor– Due to expiry of e-cash– Due to delay between goods delivery andpayment
  20. 20. BIT NoidaToken-based Payment Systems(E-Cash)● Combines convenience of cash with security andprivacy● Aims to be used in consumer-oriented EC● Dominant form of payment because– Lack of trust in banking system– Inefficient clearing and settlement of payments– Negative real interest rates on bank deposits● Must have same characteristic s of cash● Must have monetary value, be interoperable,retrievable and secure
  21. 21. BIT NoidaCharacteristics of Cash● Negotiable – given or traded to others● Legal tender – payee is obliged to accept cash● Bearer instrument – possessor is prima facieproof of ownership● Can be held and used by anyone● No risk on part of acceptor● Allows anonymous spending
  22. 22. BIT NoidaE-Cash Operation● A pair of cryptographic keys work in tandem● One key is private and used for encoding● Other is public and for decoding● Bank supplies public key to all customers● Users buy e-cash from a currency server– Establish account a bank– Maintain enough cash in the account– When required, exchange cash in account withe-cash
  23. 23. BIT NoidaE-Cash Operation (contd)● Customer uses e-cash software● Customer generates a random number (note)● Note sent to bank with requested amount● Bank debits requested amount from customers account, signsnote for amount and returns● Customer stores e-cash for further use in two ways– Bilateral transactions -vendor verifies notes with bankspublic key, if satisfied, stores it and delivers goods– Trilateral transactions – vendor sends notes to his bank,which verifies it and credits amount to vendorsaccount. Note is spent only once
  24. 24. BIT NoidaE-Cash Issues● Bank keeps database of issued and spentnotes to avoid double spending– expensive to bank– unproductive– Large overhead of verifications of notes– E-cash issuing charges are not profitable– Can be avoided if anonymity is removed, butbank knows ones spending habits●
  25. 25. BIT NoidaE-Cash Issues (contd)● Customer can store e-cash– Must have ability to convert into legal tender– Ie for every e-cash unit, there would be cash inreal world, for which digital proxies exist -andavailable - problem– +ve balances of e-cash do not earn interests● E-cash has divisibility issues.– Problem to issue various denominations– Problem to return change after a sale
  26. 26. BIT NoidaE-Cash Issues (contd)● Customer can store e-cash– Must have ability to convert into legal tender– Ie for every e-cash unit, there would be cash inreal world, for which digital proxies exist -andavailable - problem– +ve balances of e-cash do not earn interests● E-cash has divisibility issues.– Problem to issue various denominations– Problem to return change after a sale
  27. 27. BIT NoidaE-CashMiliCent● Proprietary system by Digital Equipment for micropayments from 1/10th C to few tens of $● Involves brokers who supply scrips, buyers and sellers● Buyer acquires a quantum of broker scrip for realmoney● Buyer acquires sellers scrips with broker scrip● Buyer buys goods from seller and pays in his scrip● Seller delivers goods and any change to buyer● Seller converts scrip for real money with broker
  28. 28. BIT NoidaE-CashMiliCent● Efficient for sub-cent transactions● Does not use tight security mechanisms● Not complient with atomicity and consistency● Interoperability– Many vendors use same broker, so vendoroperability is possible– Cooperation amongst brokers makes scripsgenerally available● Vendors issue their won scrip and maintain itspurchasing power
  29. 29. BIT NoidaE-CashMicroMint● Brokers authorize customers to make paymentsin MicroMints (coins) to vendors● Brokers generate MicroMints in bulk● Brokers issue new coins every month for realmoney or unused coins of previous month● Coins are valid for one month or less if brokerso decides● Vendors convert coins with broker at theirconvenience
  30. 30. BIT NoidaE-CashMicroMint - Security● Any forged coins become invalid at the end ofthe month● Forging possible only after broker releasescoins for the month● Broker can detect forged coins● Broker can cancel and recall coins at any time● Broker can detect double spending of coins
  31. 31. BIT NoidaE-CashNetBill● Designed for buying information goods● Customer buys goods from seller● Seller delivers goods in encrypted form and bill● Customer verifies goods for integrity, sends paymentmessage to merchant● Merchant submits payment message, buyers accountinformation and product decryption key to NetBill server● Server verifies and confirms buyer to seller● Merchant delivers decryption key to buyer● All communications use a combination of public- andprivate- key encryptions
  32. 32. BIT NoidaE-CashDigiCash● Uses digital coins called CyberBucks● CyberBucks are exchanged between parties● Users pay for DigiCash client software calledecash through password and user ID● Users open account with DigiCash from clientto get a wallet● Wallet enables users to get CyberBucks fromDigiCash server
  33. 33. BIT NoidaE-CashDigiCash - Transactions● Buyer orders products from EC site● Merchant makes payment request to buyer● Request includes merchand ID, amount● User authorises payment● CyberBucks are exchanged between wallets● DigiCash provides remote shop server for smallretail merchants that maintains their wallets
  34. 34. BIT NoidaSmart Card Payment Systems● Smart cards are credit-, debit- or other cards● Tried since 1990s. Popular since advent of mobile phones● Classified based on– Technology● Passive cards● active cards– Connectivity● Contactful● contactless– Application– Relationship cards– Electronic purses
  35. 35. BIT NoidaSmart CardsMondex - Hardware● Smart card to store digital money● Retailer terminal transfers funds from card toterminal● Wallet stores larger amounts than card● Balance reader reveals balance on a card● Hotline accesses accounts, transfers money tocards, check balance etc● ATM to recharge card, transfer money fromcard to account
  36. 36. BIT NoidaSmart CardsMondex – Transaction Sequence● Customer loads money on card from ATM● When buying, produces card to point-of-saledevice and authorizes money transfer● Point-of-sale device deducts required amountfrom card and adds to retailers chip in device
  37. 37. BIT NoidaMondex – Pros and Cons● Mondex can be connected to PCs● Highly secure● Buyers details do not travel over Internet, onlymoney value travels● Tamper-proof● Uses proprietary hardware● Banks can trace all transactions and can buildcustomer profiles to sell
  38. 38. BIT NoidaSmart Card Payment SystemsNetFare● Merchants– Establish account with NetFare– Use NetFare-provided codeto link to it– NetFare server responds with go/nogo to buyerauthentication– NetFare credits merchants payments to hisbank account monthly
  39. 39. BIT NoidaSmart Card Payment SystemsNetFare● Customers– Purchase NetFare card of some denomination– Shops on Internet and pays with card byentering his/her ID and PIN– Can check his NetFare balance at its server– Credit card or bank account information nevergoes on network, so safe
  40. 40. BIT NoidaCheque Payment Systems● Another form of electronic tokens● Buyers register with cheque issuer for e-cheques● On purchases, sends cheque to merchant for a certainamount over email● Cheque bears payers account details, amout, payeesdetails, peyers digital sign and banks sign● Payee endorses cheque to his accounting forverification and payment● will be cleared through ACH
  41. 41. BIT NoidaCheque Payment Pros● Works the same way as traditional cheque● Well suited for micropayments● Use of private key encryption makes it faster● Financial risk is assumed by accounting server– Acceptable to many– Scalability is good● Create float in business
  42. 42. BIT NoidaCheque PaymentsFSTC E-Cheque● All electronic payment and deposit system● Can work from a variety of devices● Fast and secure settlement of accounts● No need for prearrangement with bank, works with existing system● Uses digital signs and endorsing cheques● Can work with various scenarios– Deposit and clear- seller deposits cheque in his bank account– Cash and transfer – seller presents cheque at buyers bank– Lock box - cheques go into postbox and transferred directly tobank– Funds transfer – buyer sends cheque to his bank, which transfersmoney to sellerpayments collected at a secure post office box and transported directly to the bank for processing
  43. 43. BIT NoidaCheque Payment SystemsMandate● A bank issues Mandate machine to customerwith requested number of cheques of requesteddenomination● Bank issues two public-key pairs for customer● Ones private-key for sign, banks public-key toencrypt cheque● Mandate generates cheque, signs, encryptsand sends them to merchants Mandate● Seller endorses and sends cheque to his bank●
  44. 44. BIT NoidaCheque Payment SystemsNetCheque● Users maintain accounts with NetCheque servers● Buyers write cheques with their digital sign using write-cheque function● Sellers endorse cheques to accounting servers usingdeposit-cheque function● Users can find status of account and cheques usingstatement function● NetCash is designed for micro payments and anonymity ofcustomers● Can work with various currencies● Uses Kerberos for authentication
  45. 45. BIT NoidaCheque Payment SystemsMiniPay● From IBM for open standard, low-cost system● Each day, buyer acquires spending and authenticationcertificate from MiniPay server● When buyer needs, MiniPay client generates paymentorder and sends to merchant● Seller verifies payment order with server for buyerauthentication and sufficiency of money● If satisfied, merchant delivers requested informationand stores payment order● Each day, seller sends pay orders to server forclearing
  46. 46. BIT NoidaCard Payment Systems● Each user generates a key-pair.● User sends public key to bank to its public key center● Secret key is encrypted with password● Bank gives user card number and card limit● Buyer generates message with card number, amount,expiry date and time stamp● Buyer signs and encrypts message● Sender signs message and resends for verification
  47. 47. BIT NoidaCard Payment SystemsCustomerMerchantServerCredit cardProcessorCustomersBank1. encrypted card number2. verify card3. verify card5. ok or not ok4. authorize6. deliver goods7. monthly settlement
  48. 48. BIT NoidaCard Payment SystemsCyberCash● Buyers and sellers acquire software from CyberCash● Buyers get a wallet with CyberCash pay button● Merchants have account with bank that deals withCyberCash● Uses combination or RSA and DES for security● Authentication uses MD5● Signatures use RSA● Users information is kept private● Not economical for micro payments● CyberCoin is designed for mecro payments
  49. 49. BIT NoidaCard Payment SystemsCyberCashCard issuerCustomer MerchantAcquirerCyberCash1. place order2. receive invoice3. encrypted payment10. deliver goods4. Paymentmessage9. go or no go5. decryptedauthorizationrequest andcapture8. authorizationresponse.6. authorization request7. authorization response11. account settlement12. statement
  50. 50. BIT NoidaCard Payment SystemsFirstVirtual● Designed for information goods● Does not use encryption● Sensitive data does not travel over network● Works with existing software on users PCs● Small retailers can use InfoHaus – vertual mallrun by FirstVirtual
  51. 51. BIT NoidaCard Payment SystemsFirstVirtual● Makes following assumptions– Merchants can produce goods at no incrementalcost● Stolen goods do not cost merchant anything– Buyers need to examine goods before deciding tobuy– Buying and selling should be simple and has as lowentry cost in time, money and effort as possible● Goods can be delivered on any Internet application● Depends on automation of business processes● Keeps extensive documentation of transactions
  52. 52. BIT NoidaFirstVirtual – Merchant Accounts● With Pioneer application– FV gives sellers a application number andinstructions to send bank account informationto FV via mail– FV deposits merchants money through ACH● With Express application– For merchants with existing merchant accounts● Buyers pay initiation fee● Sellers pay setup fee, transaction on sale,transaction fee on bank deposits
  53. 53. BIT NoidaFirstVirtual – TransactionProcess● Customer downloads offered information formmerchants server giving FV ID● Merchants server sends information● Server emails price of information to customer and FV● FV emails customer to ask if he/she would pay● If customer agrees to pay, merchants account iscredited for the price of information● If customer reports fraud, transaction and his ID arecancelled● FV terminates customers who consistantly downloadinformation without pay