The document discusses electronic payment systems and security protocols for e-commerce transactions. It describes how credit cards are the most common payment method but have security and privacy concerns when sending card information over the internet. It outlines protocols like SSL and SET that allow customers to encrypt their order and payment details. Secure payment systems are critical for e-commerce success as they allow remote transactions without using cash. Methods like encryption, digital signatures, and message digests along with certificates and certifying authorities are key security schemes for electronic payment systems.

1. UNIT-IV
Electronic Payment Systems:
The most common internet payment method for the B2C EC is credit card. However,
a concern for customers is security while sending over the internet, credit card information,
including name, card number, and expiration date. Buyers also are concerned with privacy.
They do not want others to know who they are, or what they buy.
At present most companies use Security Socket Layer (SSL) Protocol allows
customers to encrypt (coding or decoding of data in transmission) their order at their PC.
Another secure protocol, called Secure Electronic Transaction (SET). It is a perfect protocol.
Electronic Payments and Protocols:
Secured payment systems are critical to the success of EC. The emergence of
electronic shopping on the Internet has necessitated new payment methods. Cash cannot be a
medium of payment between remote buyers and sellers in cyberspace. Therefore, the credit
card has become the most popular payment method for consumer-initiated cyber shopping.
In online credit card payment system, the computer asks the buyer to input the card
number, buyer’s name and expiration date. In most e-mails, the answers to these questions
are encrypted. However, not all consumers are confident with the safety of online message
delivery. Therefore, sellers are obliged to offer multiple options for transmission of credit
card information, so that buyers can select their preferred method. (The customer may send
the card information online or by making a toll-free telephone call)
a) Secure Electronic Transaction Protocol for Credit Card Payment:
The risk of faked use of another person’s credit card is inherent unless a protocol can
confirm the truthfulness of the cardholder on the other side of cyberspace. In fact,
appropriate encryption techniques are the most secure protection against wiretapping
during transmission. Not only does security during transmission need to be resolved but
also authentication of the cardholder.
b) Electronic Fund Transfer and Debit Cards on the Internet:
Electronic Fund Transfer (EFT), a popular electronic payment method, transfers a money
value from one bank account to another in the same or a different bank.
Security Schemes in Electronic Payment System:
The key security schemes adopted for electronic payment systems are:
1) Encryption.
2) Digital Signature
3) Message Digest
4) Use of Certificates and Certifying Authority/Authorities

2. Encryption:
It means coding or decoding of the date in transmission. There are two types of
encryption.
1) Symmetric or Private Key Encryption.
2) Asymmetric or Public Key Encryption.
Symmetric or Private Key Encryption:
In this type of encryption the sender and receiver are used a single secret key. The
most widely accepted algorithm for secret key encryption is the Data Encryption Standard
(DES). The problem with a single key is that it needs to be transmitted to a counterpart.
The process of sending message using secret key cryptography:
Key
Receiver
Original message Scrambled
Scrambled Receiver
Sender Message Internet Message
OKey Sender = Key Receiver