This is the project report for the design and implementation of an e-secure transaction system, from my college days.
The formatting of this report is based on the IIT format, so you can copy the format.
E secure transaction project report (Design and implementation of e-secure transaction system)
Design and Implementation of e-Secure Transaction System
A project Report
Submitted in fulfilment of the
Requirements for the award of the degree of
Bachelor of Technology (B.Tech.)
Submitted by
Ajit Singh
(13EIACS701)
Under the supervision of
Mr. Sunil Gupta
Asst. Professor
Department of Computer Science & Engineering
Institute of Engineering & Technology, Alwar (Raj.)
Rajasthan Technical University, Kota (Raj.)
May - 2017
ACKNOWLEDGEMENT
It is with deep sense of gratitude and reverence that I express my sincere
thanks to my highly respectable supervisor Mr. Sunil Gupta. He has played a
pivotal role for my guidance, encouragement, help and useful suggestion
throughout. His untiring and painstaking efforts, methodological approach and
individual help made it possible to complete this work in time. I consider
myself very fortunate for having been associated with the supervisor like him.
His affection, guidance and scientific approach served a veritable incentive for
completion of this work.
I would like to thank our Chairman Dr. V. K. Agarwal, Executive Director Dr.
Manju Agarwal, for providing all the facilities and working environment in the
Institute.
I would like to thank our Principal Prof. (Dr.) Anil Kumar Sharma for their
valuable suggestions for carrying out my project work.
I would like to express my genuine gratitude to Dr. Rohit Singhal, HOD (CSE),
Er. Mohit Khandelwal, Dr. Pratap Singh Patwal (Project In-charge),
Mr. Nitin Sharma (Project Coordinator) for their valuable suggestions and
advice in carrying out this work.
I would also like to thank the entire institute faculty who helped me directly or indirectly
to complete my Dissertation work. I would specially like to thank my family
and friends for their sincere interest in my work and their moral support.
Lastly, all the thanks belong to the Almighty.
Ajit Singh
Department: Computer Science
CANDIDATE’S DECLARATION
I hereby declare that the work presented in this project report titled, “DESIGN AND
IMPLEMENTATION OF E-SECURE TRANSACTION SYSTEM ” submitted by me
in the partial fulfillment of the requirement of the award of the degree of Bachelor of
Technology (B.Tech.) Submitted in the Department of Computer Science &
Engineering, Institute of Engineering & Technology, Alwar is an authentic
record of my project work carried out under the guidance of (Supervisors name and
affiliation)
Date: 25/03/2017
Place: IET COLLEGE
Ajit Singh
13EIACS701
SUPERVISOR’S CERTIFICATE
It is to certify that the Project entitled “DESIGN AND IMPLEMENTATION OF E-
SECURE TRANSACTION SYSTEM” which is being submitted by Mr. Ajit Singh to
Institute of Engineering & Technology, Alwar in the fulfillment of the
requirement for the award of the degree of Bachelor of Technology (B.Tech.), is a record
of bonafide project work carried out by him/her under my/ our guidance and supervision.
The matter presented in this project report has not been submitted either in part or full to
any University or Institute for award of any degree.
Signature
(Sunil Gupta)
TABLE OF CONTENTS
Acknowledgement
List of Figures
List of Tables
List of Contents
Abstract
1: Introduction
1.1 Background Study
1.2 Project Scope
2: Overall Description
2.1 Product Perspective
2.2 Product Features
2.3 User Classes and Characteristics
2.4 Operating Environment
2.5 Design and Implementation Constraints
2.6 Assumptions and Dependencies
3: External Interface Requirements
3.1 User Interfaces
3.2 Hardware Interfaces
3.3 Software Interfaces
3.4 Communications Interfaces
4: Other Nonfunctional Requirements
4.1 Performance Requirements
4.2 Security Requirements
4.3 Software Quality Attributes
5: Design Specifications
5.1 Assumptions
5.2 System Environment
5.3 Design Methodology
5.4 Risk and Volatile Areas
5.4.1 Risk Identification and Analysis
6: Architecture
6.1 Overview
6.2 Subsystem, Component, or Module 1…N
7: UML Diagrams
7.1 Noun Phrase Analysis
7.2 Use Case Diagram
7.3 Activity Diagram
7.4 Class Diagram
7.5 Sequence Diagram
7.6 CRC Diagram
7.7 Data Flow Diagram
7.7 Pert Chart
8: Database
8.1 Tables, Fields, Relationships
9: Test Cases
10.1 Test Case 1
10: Conclusion
Appendix A Snapshot of Project
Appendix C Project Source Code
ABSTRACT
Objectives:
Electronic payment is a very important step of the electronic business system, and its
security must be ensured. SSL/TLS and SET are two widely discussed means of securing
online credit card payments. Because of implementation issues, SET has not really been
adopted by e-commerce participants, whereas, despite the fact that it does not address all
security issues, SSL/TLS is commonly used for Internet e-commerce security. The three-domain
(3D) security schemes, including 3-D Secure and 3D SET, have recently been
proposed as ways of improving e-commerce transaction security. Based on our research
about SSL, SET, 3D security schemes and the requirements of electronic payment, we
designed a secure and efficient E-Payment protocol. The new protocol offers an extra layer
of protection for cardholders and merchants. Customers are asked to enter an additional
password after checkout completion to verify they are truly the cardholder; the
authentication is done directly between the cardholder and card issuer using the issuer
security certificate and without involving the third party (Visa, MasterCard).
Methods/Analysis:
Electronic payment cards (credit, debit, charge)
E-wallets (or e-purses)
Smart cards
Electronic cash (several variations)
Wireless payments
Stored-value card payments
Loyalty cards
Person-to-person payment methods
Payments made electronically at kiosks
Findings:
The interface of our project is very easy; anybody can use it easily.
Other applications cannot transfer money to any account, but our
project can transfer money to any account.
Nowadays money transfer over the internet is not safe, so we send a
verification link to the email ID or the phone.
Our project supports any credit card or debit card.
This is a web application, so no installation is needed on the client side.
The transaction process starts when the user verifies their details.
Authentication of the consumer.
1. INTRODUCTION
The e-Transaction system is designed as a future banking solution for users
who have multiple bank accounts at multiple banks. This interface integrates all
existing banks and provides business solutions for both retail and corporate
This system acts as a standard interface between the clients and all the banks that register with
the system. Clients who maintain accounts in various banks do not have to visit each individual
bank’s website to make money transactions; instead, they can log on directly to the E-Transaction
Interface, make any kind of request and get their work fulfilled, while in the backend the system
takes care of all the obligations required to carry out the transaction smoothly.
The main vision of this project is to eliminate all the diversities amongst banks which
a client generally faces at the time of any transaction. By doing so, the client will get used
to only one systematic, standard way of banking and will thereby be at ease using
this system.
The kind of functionality it is capable of providing also reveals the kind of banking facilities
that a customer could get online. Of course, the bank that implements this solution decides the
features available to customers.
Secure Electronic Transaction (SET) was a communications protocol standard for securing
credit card transactions over insecure networks, specifically, the Internet. SET was not itself a
payment system, but rather a set of security protocols and formats that enabled users to employ
the existing credit card payment infrastructure on an open network in a secure fashion.
However, it failed to gain traction in the market. VISA now promotes.
Electronic commerce or e-commerce provides participants, including consumers and
merchants, with a number of benefits, such as convenience and time savings. E-commerce
transactions can be categorized into business to business (B2B), business to consumer (B2C),
consumer to consumer (C2C), and public/private sectors to government [1]; we focus on B2C
transactions in this paper. In B2C transactions, the credit card is the most widely used method
of payment for Internet e-commerce transactions. According to an Internet shopping habits
survey conducted by Survey.Net (http://www.survey.net), 36% of Internet users purchase
goods by transmitting their credit card number via a secure form; the percentages for other
payment methods are significantly lower. Given that the debit/credit card is the primary means
for consumers to purchase products or services online, the possible compromise of credit card
numbers is a serious threat to the consumer. The E-payment system brings users higher
efficiency, credibility and faster transaction settlement, which reduce the payment risks
caused by time lags in handling the bills. However, it also comes with new risks, i.e. the security problem of
transactions. The research reported here builds on electronic payment security; we study
the security of e-commerce protocols and we propose a new efficient protocol to ensure high
security for electronic payment transactions. The objective of our protocol is to provide issuers
with the ability to authenticate cardholders during an online purchase without involving the
third party VISA or MasterCard. We define a new transaction flow involving cardholder,
merchant, payment gateway and card issuer, and allow the parties to identify themselves to each
other and exchange information securely using digital certificates. For some implementation
reasons, the cardholder is not required to have his own digital certificate; he uses the password code
to be authenticated by the card issuer.
1.1 Background Study
Let’s consider a situation in which a bank customer has bank accounts in more than one
bank. The online banking system available at present is bank specific. Each bank has
its own interface for interacting with the bank. A customer can log in to the bank and make
transactions using the online banking provided by the bank. The way he interacts
varies between banks, so the user must learn how to interact with each system.
There are many e-secure transaction systems available in the market, such as Paytm, PayPal,
PayUmoney etc.
Paytm is India's largest mobile payments and commerce platform. It started with online
mobile recharge and bill payments and has an online marketplace today. In a short span of
time we have scaled to over 158mn registered users and more than 90mn monthly
transactions.
PayPal's Payment Data Transfer (PDT) provides merchants with the ability to display
transaction details to buyers who are redirected back to their site upon payment completion.
Drawbacks of Existing System:
A user requires access to the system on the fly. The user interfaces designed by the
different banks will confuse the user. He is required to learn how to use each and every user
interface of the banks in which he has accounts. This process may be time consuming
and irritating for the user. When he switches between accounts, he may be prone
to clicking a different action when shifting from one bank's user interface to another.
Mobile network connectivity is the biggest impediment. There are network problems, and reliable
and fast internet connectivity is not available in most of the developing countries.
There are many wallet operators and there is still no clear idea as to whether payments to
other wallet operators would be possible or not. For example, Airtel Money should be able to
pay to SBI Buddy.
Enough support infrastructure is not available. In countries like India there is not enough
financial inclusion and financial literacy. Unless that builds up, there is no use in bringing in
more and more advanced technology.
1.2 Proposed System and Its Features
The e-Transaction Interface provides the following system features.
1. This system provides a Common User Interface for the customers to log on to any bank.
2. Here the user interface is Graphical User Interface.
3. This application is a Web based Application.
4. Being a web based application it doesn’t require any client side installation.
5. Any number of users can interact with the system simultaneously.
6. Eradicates the time consumed to learn how to use all the user interfaces of every bank in
which a customer is having account.
7. The transactions are secure.
2. OVERALL DESCRIPTION
2.1 Product Perspective
The main purpose of the project is the design and implementation of an e-secure transaction system. In this
project we use an electronic transaction system in which the user gives the details of the account
and then the process starts. The project is based on the banking system. The most important use
of this project is that the user can deposit cash, withdraw cash and also transfer
cash to another account.
The details of the user are stored in the database, and when the user uses those details they
are fetched from the database.
The GUI will be composed of several windows, with the “main” window containing the
commonly used features in the system.
2.2 Product Features
• It will help to provide better-quality and safe transactions to consumers.
• This is a web-based application, so the client does not need any other software.
• The user can send an amount of money.
• In this project we discuss the electronic transaction system. The electronic transaction
system provides the feature to transfer money from one account to another account.
• Being a web-based application, it doesn’t require any client-side installation.
• Any number of users can interact with the system simultaneously.
2.3 User Classes and Characteristics
In this project we are using the MySQL database, so we use the following user classes:
• Admin
• User
System Administrator-NA
Personal User-NA
2.4 Operating Environment
Software Environment:-
Software environment is the term commonly used for the software that supports an application. A software
environment for a particular application could include the operating system, the database system,
specific development tools or compiler.
The software that we are using in our project, Design and Implementation of e-Secure Transaction
System, is:
• Pentium IV and above
• OS- Windows 8.1
• JDK 1.6
• Eclipse 3.5 (Kepler)
• MySQL 5.0
Hardware Environment:-
Hardware environment is the term commonly used for the hardware on which an application and its software run.
The physical devices that we use to run our application constitute the hardware environment.
A hardware environment for a particular application to run could include:
• Processor – dual core
• RAM – 1 GB and above
2.5 Design and Implementation Constraints
We are using the MySQL database for storing information. In this project we use many
tables for storing the information of the user and the admin.
• The table for user registration stores information about the user, such as the name,
the email, the password etc.
• The second table stores the information of the admin. In the admin information, the
admin ID and password are stored.
• The third table stores the transaction details.
2.6 Assumptions and Dependencies
Constraints are limitations which are outside the control of the project. The project must be
managed within these constraints.
Assumptions are made about events, or facts outside the control of project.
External dependencies are activities which need to be completed before an internal activity can
proceed.
Constraints, assumptions and dependencies can create risks that the project may be delayed
because access is not provided to the site (assumption).
Assumption will be that the minimum resources will be of standard size.
Constraints-
• Hardware limitation and timing constraints.
• High feature may not correspond to semantic similarity.
• Open source dependency and must support minimum 20 photos of digital image format.
System environment-
• A browse tool box and paint box.
• A web browser and the java development kit.
• Multiple selection facility.
3. EXTERNAL INTERFACE REQUIREMENTS
3.1 User Interfaces
The user interface is everything designed into an information device with which a human being
may interact, including display screen, keyboard, mouse, light pen, the appearance of a desktop,
illuminated characters, help messages, and how an application program or a website invites
interaction and response to it. The user interface can include the total “user experience”, which
may include the aesthetic appearance of the device, response time and the content that is presented
to the user within the context of the user interface.
The GUI will be composed of several windows, with the “main” window containing the
commonly used features in the system.
Windows in the GUI are defined as follows:-
Describe the logical characteristics of each user interface that the system needs. Some possible
items to include are
* References to GUI standards or product family style guides that are to be followed.
* Standards for fonts, icons, button labels, images, colour schemes, field tabbing sequences,
commonly used controls, and the like.
* Screen layout or resolution constraints.
* Standard buttons, functions, or navigation links that will appear on every screen, such as a help
button.
* Shortcut keys.
* Message display conventions.
* Layout standards to facilitate software localization.
* Accommodations for visually impaired users.
Document the user interface design details, such as specific dialog box layouts, in a separate user
interface specification, not in the SRS. Including screen mock-ups in the SRS to communicate
another view of the requirements is helpful, but make it clear that the mock-ups are not the
committed screen designs. If the SRS is specifying an enhancement to an existing system, it
sometimes makes sense to include screen displays exactly as they are to be implemented. The
developers are already constrained by the current reality of the existing system, so it's possible to
know up front just what the modified, and perhaps the new, screens should look like.
Main Window
Always open while the software is running. It features the main display elements of the GUI, is split
up into different “Views”, and supports drop-down menus. The different views in the main window
are:
Tag View
The Tag View shows all tags presently defined in the system, and allows the user to click on one,
or multiple tags, which will dictate the image’s names displayed in the File View.
File View
The File View will show image names based on the selected tags, or all image names, if no tag is
selected.
3.2 Hardware Interfaces
An architecture used to interconnect two devices together. A hardware interface is described by the
mechanical, electrical and logical signals at the interface and the protocol for sequencing them
(sometimes called signalling). Hardware interfaces exist in many of the components such as the
various buses, storage devices, other input output devices, etc.
Here, the user will interact with the software through: monitor, keyboard, & mouse.
The input will be received via mouse and keyboard, and
feedback will be provided through the monitor GUI.
Describe the characteristics of each interface between the software and hardware components of
the system. This description might include the supported device types, the data and control
interactions between the software and the hardware, and the communication protocols to be
used.
3.3 Software Interfaces
A Software interface may refer to a wide range of different types of interface at different “levels”:
An operating system may interface with pieces of hardware. Applications or programs running on
the operating system may need to interact via streams, and in object oriented programs, objects
within an application may need to interact via methods.
Describe the connections between this product and other software components (identified by name
and version), including databases, operating systems, tools, libraries, and integrated commercial
components. State the purpose of the messages, data, and control items exchanged between the
software components. Describe the services needed by external software components and the
nature of the intercomponent communications. Identify data that will be shared across software
components. If the data-sharing mechanism must be implemented in a specific way, such as a
global data area, specify this as a constraint.
The system will have several dependencies to operate correctly. These will include the Java
Development Kit libraries, the JDK and the Operating System. Software dependencies will be
as follows:
1. JDK 1.6 or above version
2. Windows XP and above.
3. MySQL Query Processing tool.
4. JRE.
3.4 Communications Interfaces
For a person to use this GUI application, it is only required to have this software or application on
his or her system and nothing else. Since it is an offline application, there is no need for
any internet connection.
State the requirements for any communication functions the product will use, including e-mail,
Web browser, network communications protocols, and electronic forms. Define any pertinent
message formatting. Specify communication security or encryption issues, data transfer rates, and
synchronization mechanisms.
It does not communicate with any external interface. All its requirements are met from inside the
software. So no communication interface is there.
4. OTHER NONFUNCTIONAL REQUIREMENTS
4.1 Performance Requirements
A performance requirement specifies the speed or operational effectiveness of a capability that
must be delivered by the system architecture as seen by the technical layers within that system
architecture. Performance requirements deal with the architecture of the overall system.
A very interactive GUI is provided which helps the user to easily interact with the system. This
application allows users to operate with little or no learning.
The extent to which a mission or function must be executed; generally measured in terms of
quantity, quality, coverage, timeliness or readiness. During requirements analysis,
performance (how well does it have to be done) requirements will be interactively developed
across all identified functions based on system life cycle factors; and characterized in terms of
the degree of certainty in their estimate, the degree of criticality to system success, and their
relationship to other requirements.
4.2 Security Requirements
SET architecture utilizes PKI to address limitations found in SSL/TLS.
The following are SET technologies designed to support PKI.
A. Mandatory Digital Certificates
SET enforces the use of digital signatures to authenticate the identity of customer and merchant in
order to mitigate the risk of information being manipulated by a malicious third party. In the
SET scheme, the Certificate Authority (CA) issues digital certificates to the issuing bank or ‘the
issuer’ ($CERT_{ISS} = Sign(SK_{CA})[PK_{ISS}]$) and the acquiring bank or ‘the acquirer’
($CERT_{ACC} = Sign(SK_{CA})[PK_{ACC}]$). The issuer and the acquirer also play important roles
in issuing digital certificates that are mandatory in the SET scheme.
Customers must apply for digital certificates from their issuing bank ($CERT_{CUS} =
Sign(SK_{ISS})[PK_{CUS}]$), whilst the acquiring bank will be responsible for issuing digital
certificates for merchants ($CERT_{MER} = Sign(SK_{ACC})[PK_{MER}]$) [14], [21]. In order for
customers to obtain digital certificates, SET requires the customer to have been through an
initialization process. For example, an asymmetric key pair for the customer must be generated.
Then, the e-consumer’s public key must be sent to the customer’s bank (‘the issuer’), which
generates a public key certificate for the customer using the issuer’s private signature key. The
system ‘root’ public key will be distributed to the customer, along with the customer’s public
key certificate. The customer’s private key will be stored in a ‘digital wallet’ on the customer’s
PC, which typically will be password protected.
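The certificate hierarchy described in section A, as an added example that is not code from this project report: it uses a simplified certificate record (not X.509), and the class name SetCertChainDemo, its method names and the party labels CA, ISS, ACC, CUS and MER (taken from the notation above) are assumptions for illustration. Each certificate is checked against its issuer's public key up to the root key, and a merchant certificate signed by a key other than the acquirer's is rejected.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.util.Arrays;
import java.util.List;

public class SetCertChainDemo {

    /** Simplified certificate: CERT_X = Sign(SK_issuer)[PK_X]. Illustrative only, not X.509. */
    static final class Cert {
        final String subject;  // party the certificate names, e.g. "CUS"
        final String issuer;   // party that signed it, e.g. "ISS"
        final PublicKey key;   // PK of the subject
        final byte[] sig;      // signature made with SK of the issuer

        Cert(String subject, String issuer, PublicKey key, byte[] sig) {
            this.subject = subject;
            this.issuer = issuer;
            this.key = key;
            this.sig = sig;
        }
    }

    // The signature covers both names and the key, so a certificate cannot be re-labelled.
    private static void feed(Signature s, String subject, String issuer, PublicKey key)
            throws GeneralSecurityException {
        s.update((subject + "|" + issuer + "|").getBytes(StandardCharsets.UTF_8));
        s.update(key.getEncoded());
    }

    static Cert issue(String subject, PublicKey subjectKey, String issuer, PrivateKey issuerKey)
            throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(issuerKey);
        feed(s, subject, issuer, subjectKey);
        return new Cert(subject, issuer, subjectKey, s.sign());
    }

    static boolean signedBy(Cert c, PublicKey issuerKey) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(issuerKey);
        feed(s, c.subject, c.issuer, c.key);
        return s.verify(c.sig);
    }

    /**
     * chain is ordered leaf first, e.g. [CERT_CUS, CERT_ISS]. The last certificate
     * must be signed by the root key, which the verifier obtained out of band.
     */
    static boolean verifyChain(List<Cert> chain, String rootName, PublicKey rootKey)
            throws GeneralSecurityException {
        if (chain.isEmpty()) {
            return false;
        }
        for (int i = 0; i < chain.size(); i++) {
            Cert c = chain.get(i);
            boolean last = (i == chain.size() - 1);
            String signerName = last ? rootName : chain.get(i + 1).subject;
            PublicKey signerKey = last ? rootKey : chain.get(i + 1).key;
            if (!c.issuer.equals(signerName) || !signedBy(c, signerKey)) {
                return false;
            }
        }
        return true;
    }

    static KeyPair newKeyPair() throws GeneralSecurityException {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        return g.generateKeyPair();
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed key pairs for the five parties, plus one key outside the hierarchy.
        KeyPair ca = newKeyPair(), iss = newKeyPair(), acc = newKeyPair();
        KeyPair cus = newKeyPair(), mer = newKeyPair(), outsider = newKeyPair();

        Cert certIss = issue("ISS", iss.getPublic(), "CA", ca.getPrivate());
        Cert certAcc = issue("ACC", acc.getPublic(), "CA", ca.getPrivate());
        Cert certCus = issue("CUS", cus.getPublic(), "ISS", iss.getPrivate());
        Cert certMer = issue("MER", mer.getPublic(), "ACC", acc.getPrivate());

        // Certificate that claims the acquirer as issuer but was signed with another key.
        Cert badMer = issue("MER", outsider.getPublic(), "ACC", outsider.getPrivate());

        PublicKey root = ca.getPublic();
        System.out.println("customer chain valid:       "
                + verifyChain(Arrays.asList(certCus, certIss), "CA", root));
        System.out.println("merchant chain valid:       "
                + verifyChain(Arrays.asList(certMer, certAcc), "CA", root));
        System.out.println("mis-signed merchant valid:  "
                + verifyChain(Arrays.asList(badMer, certAcc), "CA", root));
        System.out.println("customer under acquirer:    "
                + verifyChain(Arrays.asList(certCus, certAcc), "CA", root));
    }
}
```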
B. Dual Signatures
SET ensures the confidentiality and privacy of purchasing information
at all stages of transaction processing, including data transmission and data storage. In the
SET scheme customer purchasing information is classified into order and payment
information (OI and PI) [12], [13]. Both OI and PI are encrypted with separate public keys.
Merchant public keys are used to encrypt OI ($E(PK_{MER})[OI]$), and acquiring bank public
keys are used to encrypt PI ($E(PK_{ACC})[PI]$). This is to make sure that the encrypted OI
can only be decrypted
4.3 Software Quality Attributes
Quality attribute requirements include performance, security, modifiability, reliability, and
usability that have a significant influence on the software architecture of a system. Some of
these attributes are related to the overall system design, while others are specific to runtime,
design time, or user centric issues. The extent to which the application possesses a desired
combination of quality attributes indicates the success of the design and the overall quality of
the software application.
The system should be user friendly and very simple to use. Results should be given in an
average time. System should be flexible to handle updates.
Fast working
Scalable and portable
Easy to use and interface of the system is user-friendly
Robustness: Robustness is the ability of a computer system to cope with errors during
execution. Robustness can also be defined as the ability of an algorithm to continue operating
despite abnormality in input, calculations etc. In the electronic transaction system we secure
the data by using encryption and decryption algorithms. The details of the user are
in encrypted mode.
Effectiveness: Effectiveness is the capability of producing a desired result. When something is
deemed effective, it means it has an intended or expected outcome, or produces a deep, vivid
impression. Effectiveness is defined as “the accuracy and completeness of users’ tasks while
using a system”. The transaction speed is high and the system is fast. The user can easily
send the money to our account and other
Implementation simplicity: Simplicity in implementation means it is easy for programmers to
work with their code. The Java code is easy to use. We write the code simply,
and we also make the code secure, and the database should also be secure. In the Java code the
functions are called in the JavaBean and the binding of the function is in the JSF page or the XHTML
page. So the code is secure.
5. DESIGN SPECIFICATIONS
5.1 Assumptions
The transaction can fail at any one moment.
Minimum resources are available in the system in terms of memory and CPU frequency.
Many times the request for the transfer fails, and then the user takes the other options.
The user can order the payment, but the order is not confirmed.
5.2 Constraints
Hardware limitation: Large memory is required.
Signal timing requirements: Large processing time is required for output images.
High feature similarity may not always correspond to semantic similarity.
Different users at different time may give different input for the transaction.
The user can access only limited features of the system.
The application can send at most 10000 in one day.
This application is used only for deposit, withdrawal and fund transfer.
5.3 System Environment
The system shall contain:
A browser that enables the user to select the option for login or signup, and also to
select one option among fund transfer, deposit and withdraw.
The transaction system, enabling users to use its features.
In the e-secure transaction system the user uses the bank details to find out the balance and
other information.
5.4.1 Risk Identification and Analysis
Because of rapid changes in information technology, no list of risks can be exhaustive. The
intention in this document is to describe a broad, representative set of risks as a basis for designing
general guidance for risk management. Specific risks facing banks engaged in electronic banking
and electronic money activities can be grouped according to risk categories discussed in other
Basle Committee risk management documents and, in this sense, the risks are not new.
Categorising risks in this manner can be helpful in systematically identifying risks in a banking
organisation. The Annex presents examples of specific risks and problems banks may face in
electronic banking and electronic money activities grouped into risk categories. While the basic
types of risks generated by electronic banking and electronic money are not new, the specific ways
in which some of the risks arise, as well as the magnitude of their impact on banks, may be new
for banks and supervisors. Some of the risks and problems banks may face apply both to electronic
money and electronic banking activities. However, there are likely to be differences in the degree
to which a particular risk is applicable across different electronic money and electronic banking
activities. At this stage, it would appear that operational risk, reputational risk, and legal risk may
be the most important risk categories for most electronic banking and electronic money activities,
especially for diversified international banks, and the next three subsections discuss specific
manifestations of these types of risks. Some of the specific problems cut across risk categories.
For example, a breach of security allowing unauthorised access to customer information can be
classified as an operational risk, but such an event also exposes the bank to legal risk and
reputational risk. Even though these different types of risks may result from a single problem,
appropriate risk management may require several remedies to address each of these different risks.
Other risks may also be important for some forms of electronic banking and electronic money
activities, and these are discussed thereafter. Possible cross border risks are also discussed.
1. Operational risk:
Operational risk arises from the potential for loss due to significant deficiencies in
system reliability or integrity. Security considerations are paramount, as banks may be
subject to external or internal attacks on their systems or products. Operational risk can
also arise from customer misuse, and from inadequately designed or implemented
electronic banking and electronic money systems. Many of the specific possible
manifestations of these risks apply to both electronic banking and electronic money.
2. Security risks
Operational risk arises with respect to the controls over access to a bank’s critical
accounting and risk management systems, information that it communicates with other
parties and, in the case of electronic money, measures the bank uses to deter and detect
counterfeiting. Controlling access to bank systems has become increasingly complex
due to expanded computer capabilities, geographical dispersal of access points, and the
use of various communications paths, including public networks such as the Internet.
It is important to note that with electronic money, a breach of security could result in
fraudulently created liabilities of the bank. For other forms of electronic banking,
unauthorised access could lead to direct losses, added liabilities to customers or other
problems. A variety of specific access and authentication problems could occur. For
example, inadequate controls could result in a successful attack by hackers operating
via the Internet, who could access, retrieve, and use confidential customer information.
In the absence of adequate controls, an outside third party could access a bank’s
computer system and inject a virus into it. In addition to external attacks on electronic
money and electronic banking systems, banks are exposed to operational risk with
respect to employee fraud: employees could surreptitiously acquire authentication data
in order to access customer accounts, or steal stored value cards. Inadvertent errors by
employees may also compromise a bank’s systems. Of direct concern to supervisory
authorities is the risk of criminals counterfeiting electronic money, which is heightened
if banks fail to incorporate adequate measures to detect and deter counterfeiting. A bank
faces operational risk from counterfeiting, as it may be liable for the amount of the
falsified electronic money balance. In addition, there may be costs
associated with repairing a compromised system.
5.5 Risk and Volatile areas
Risk classification is considered as an economical way of analysing risks and their causes by
grouping similar risks together into classes. Software risks could be classified as internal or
external. Those risks that come from risk factors within the organization are called internal risks
whereas the external risks come from outside the organization and are difficult to control. Netscape
Inc. originally created the Secure Sockets Layer (SSL) protocol. On account of its popularity and
acceptance, it is now implemented in all web browsers. SSL has two main objectives:
1. To ensure confidentiality, by encrypting the data that moves between the communicating
parties (client and the server).
2. To provide authentication of the session partners, using the RSA algorithm.
The SSL protocol comprises two protocols: A. The SSL Handshake protocol, in which the
communicating parties (client and the server) authenticate themselves and negotiate an encryption
key. One point to note here is that there is significant additional overhead in starting up an SSL
session.
6. ARCHITECTURE
The architecture provides the top level design view of a system and provides a basis for more
detailed design work. Provide or reference a detailed description and diagrams of the architecture.
Figure 6.1 Architecture of e-secure transaction system
6.1 Overview
Procedure 1
In procedure one the user fills in the necessary information such as name, account number,
password, mobile number etc., and then signs up. The user's information is stored in the
database, and at login the information is retrieved from the database.
Procedure 2
The user can log in to the system and use its different features. After login the user can
modify their account details and make transactions. The transaction can be with any bank; the
user only needs the account number and the name.
Procedure 3
The admin manages the system, and when the user fills in the information the data is accessed from
the database. In this procedure the values of the variables can be assigned to the user, and all
the information and working of the user are managed.
Procedures 4 and 5
This part is the core of this application. Here the user fills in the name and the account number,
and enters the from and to account numbers, that is, the account from which the balance is
transferred and the other account number. The transaction details are stored in the database
system. The process works on the encrypted details of the card etc.
Procedure 6
In the balance transfer module the transaction details are shown in the order box and the
user can send the data on to the process models. The process of sending money from one account to
another account is called fund transfer.
Procedure 7
The user can also do a recharge through this system. The user enters the mobile number,
operator and circle, then enters the amount and processes the recharge. After processing the
recharge, the user provides the details of their credit card or debit card and the recharge is
done.
Procedure 8
In this section the user can pay bills for electricity, water, landline etc. The user enters
the bill number and amount, then provides the details of the debit card or credit card, and the
payment is done. The amount must be entered in numeric format; if the user tries to enter a
character value, it is not accepted. The user enters the card number etc.
6.2 Modules
6.2.1 Admin Module:
Only an administrator can have access to this module. He must accept or reject the banker who
registered with the system. He performs the counter check on the banker who applied for
registration with the system. He must also authorize the pending user requests. If a user or
banker registers with the system, the administrator must authorize the user or banker to register
with the system. Finally there is the sign out button, which takes the administrator to the home
page. The module updates the database after the administrator has authorized or declined the
user requests.
In the admin module the admin can see all the details of the users, how many users are
registered and how many users are new on the website. The admin can delete a user account and
also block a user account.
The admin can see how many transactions are done and all the details of each transaction.
The admin can also see all the funds transferred by the user and all the details of the
fund transfers. The admin can revert funds to the account and update all the information of the
user. The user can see all of the user's history, such as transaction history, fund transfer
history, bill payment history and recharge history.
6.2.2 User Module
To become a customer of the system, the person must first register with the system. By clicking
on sign in, a person gets access to the application form, which consists of the details about
the person. Then the request is sent to the administrator. After the administrator has accepted the
request from the customer, the customer can log in to this account with the user
name and password given by the administrator. The system verifies the username and password
against the database and then gives access to the customer login page. The customer
login page consists of select account, create a new account, back and home page buttons. If a user
needs to register a new bank account, he clicks the new account button, fills in the particulars
and clicks the submit button. The request is sent to the specified bank admin for acceptance. After
acceptance the user can use the bank account for funds transfer. The funds transfer screen
displays the current account balance in the bank, the amount to be transferred and the target
account to which the funds are to be transferred. The request is sent to the banker for
verification and acceptance. The funds are successfully transferred if the banker accepts. The
customer can also see the pending transfers and the present status of each transfer from his login.
When the user registers, we send a verification email to the user's email id. The user clicks
on the verification link to verify the account. After registration the details of the user are
stored in encrypted format: user details like the password and card number are stored in
encrypted form. We use the AES algorithm for encryption and decryption. After registration the
user can log in and use the features of the system such as fund transfer, bill payment and
recharge. The user can use the functionality of the system only after login; if the user tries to
use it without logging in, the alert message “You are not Login please login first” is shown.
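The report states that passwords and card numbers are stored with AES but gives no mode, key handling or code. The following added example (not the project's code; the class, method and parameter names are hypothetical) stores card numbers with AES-GCM under a fresh nonce per value, so that equal card numbers do not produce equal stored values, and swaps encryption for a salted PBKDF2 hash for passwords, because login only needs to verify a password, never recover it.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;

/** Added example: hypothetical helper, not part of the project's code. */
public final class StoredSecrets {
    private static final SecureRandom RNG = new SecureRandom();
    private static final int NONCE_LEN = 12;              // bytes; usual GCM nonce size
    private static final int TAG_BITS = 128;              // GCM authentication tag length
    private static final int SALT_LEN = 16;               // bytes
    private static final int HASH_BITS = 256;
    private static final int PBKDF2_ITERATIONS = 600_000; // assumed work factor

    /** Encrypts a card number; returns Base64(nonce || ciphertext || tag). */
    public static String encryptCard(SecretKey key, String cardNo, String userId)
            throws GeneralSecurityException {
        byte[] nonce = new byte[NONCE_LEN];
        RNG.nextBytes(nonce);                              // never reuse a nonce under one key
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, nonce));
        c.updateAAD(userId.getBytes(StandardCharsets.UTF_8)); // binds the value to its owner's row
        byte[] ct = c.doFinal(cardNo.getBytes(StandardCharsets.UTF_8));
        byte[] out = ByteBuffer.allocate(nonce.length + ct.length).put(nonce).put(ct).array();
        return Base64.getEncoder().encodeToString(out);
    }

    /** Decrypts a stored card number; throws if the value was altered or moved to another user. */
    public static String decryptCard(SecretKey key, String stored, String userId)
            throws GeneralSecurityException {
        byte[] in = Base64.getDecoder().decode(stored);
        if (in.length < NONCE_LEN + TAG_BITS / 8) {
            throw new GeneralSecurityException("stored value too short");
        }
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, in, 0, NONCE_LEN));
        c.updateAAD(userId.getBytes(StandardCharsets.UTF_8));
        byte[] pt = c.doFinal(in, NONCE_LEN, in.length - NONCE_LEN);
        return new String(pt, StandardCharsets.UTF_8);
    }

    /** Returns "iterations:salt:hash" (salt and hash Base64) for storage in the password column. */
    public static String hashPassword(char[] password) throws GeneralSecurityException {
        byte[] salt = new byte[SALT_LEN];
        RNG.nextBytes(salt);
        byte[] hash = pbkdf2(password, salt, PBKDF2_ITERATIONS);
        Base64.Encoder b64 = Base64.getEncoder();
        return PBKDF2_ITERATIONS + ":" + b64.encodeToString(salt) + ":" + b64.encodeToString(hash);
    }

    /** Recomputes the hash with the stored salt and compares in constant time. */
    public static boolean verifyPassword(char[] password, String stored)
            throws GeneralSecurityException {
        String[] parts = stored.split(":");
        if (parts.length != 3) return false;
        try {
            int iterations = Integer.parseInt(parts[0]);
            byte[] salt = Base64.getDecoder().decode(parts[1]);
            byte[] expected = Base64.getDecoder().decode(parts[2]);
            return MessageDigest.isEqual(expected, pbkdf2(password, salt, iterations));
        } catch (IllegalArgumentException malformed) {     // bad number or bad Base64
            return false;
        }
    }

    private static byte[] pbkdf2(char[] password, byte[] salt, int iterations)
            throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, HASH_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed demo key; a deployment would load the key from a key store instead.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();

        String card = "4111111111111111";                  // constructed sample value
        String a = encryptCard(key, card, "user-1");
        String b = encryptCard(key, card, "user-1");
        System.out.println("same card, different stored values: " + !a.equals(b));
        System.out.println("round trip ok: " + card.equals(decryptCard(key, a, "user-1")));
        try {
            decryptCard(key, a, "user-2");                 // value copied onto another user's row
        } catch (GeneralSecurityException e) {
            System.out.println("moved ciphertext rejected: " + e.getClass().getSimpleName());
        }
        String h = hashPassword("constructed-pass".toCharArray());
        System.out.println("password verifies: " + verifyPassword("constructed-pass".toCharArray(), h));
        System.out.println("wrong password verifies: " + verifyPassword("other".toCharArray(), h));
    }
}
```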
In the fund transfer the user enters the sender and the receiver account numbers. The system
accepts account numbers in numeric form only; if the user tries to enter any other format, it is
not accepted. The user also enters the amount, the receiver name and the IFSC code of the receiver
bank.
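The numeric-input rule described above and the cap of 10000 per day from section 5.2, enforced together on the server, as an added example (not the project's code). The class name, the 16-digit account format taken from the sample rows of Table 8.3, the amount format and the in-memory daily total are assumptions.

```java
import java.math.BigDecimal;
import java.time.LocalDate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;

/** Added example: hypothetical server-side check, not the project's code. */
public final class TransferValidator {
    // Section 5.2 of the report caps transfers at 10000 in one day.
    private static final BigDecimal DAILY_LIMIT = new BigDecimal("10000");
    // Assumed format: exactly 16 ASCII digits. Without the UNICODE_CHARACTER_CLASS flag,
    // \d matches only 0-9, so full-width or other script digits are rejected.
    private static final Pattern ACCOUNT = Pattern.compile("\\d{16}");
    // Assumed format: plain decimal, at most two fraction digits, no sign and no exponent.
    private static final Pattern AMOUNT = Pattern.compile("\\d{1,7}(\\.\\d{1,2})?");

    // In-memory stand-in for "sum of this sender's accepted transfers today".
    // In a deployment this is a database query inside the same transaction as the insert.
    private final Map<String, BigDecimal> sentPerDay = new HashMap<>();

    /** Returns the list of validation errors; an empty list means the transfer was accepted. */
    public synchronized List<String> submit(String sender, String receiver,
                                            String amountText, LocalDate today) {
        List<String> errors = new ArrayList<>();
        if (sender == null || !ACCOUNT.matcher(sender).matches()) {
            errors.add("sender account must be 16 digits");
        }
        if (receiver == null || !ACCOUNT.matcher(receiver).matches()) {
            errors.add("receiver account must be 16 digits");
        }
        if (sender != null && sender.equals(receiver)) {
            errors.add("sender and receiver must differ");
        }
        if (amountText == null || !AMOUNT.matcher(amountText).matches()) {
            errors.add("amount must be a number with at most two decimals");
            return errors;                       // nothing numeric to check further
        }
        BigDecimal amount = new BigDecimal(amountText);   // exact decimal, no float rounding
        if (amount.signum() <= 0) {
            errors.add("amount must be greater than zero");
        }
        String key = sender + "|" + today;
        BigDecimal total = sentPerDay.getOrDefault(key, BigDecimal.ZERO).add(amount);
        if (total.compareTo(DAILY_LIMIT) > 0) {
            errors.add("daily limit of 10000 exceeded");
        }
        if (errors.isEmpty()) {
            sentPerDay.put(key, total);          // only accepted transfers count toward the cap
        }
        return errors;
    }

    public static void main(String[] args) {
        TransferValidator v = new TransferValidator();
        LocalDate today = LocalDate.of(2017, 3, 3);        // constructed date
        String a = "1111000011110000";                     // constructed account numbers
        String b = "2222000022220000";
        System.out.println(v.submit(a, b, "5000", today));          // accepted
        System.out.println(v.submit(a, b, "5000.00", today));       // accepted, total is 10000
        System.out.println(v.submit(a, b, "0.01", today));          // over the daily cap
        System.out.println(v.submit(a, b, "1e4", today));           // exponent form rejected
        System.out.println(v.submit(a, b, "-5", today));            // sign rejected
        System.out.println(v.submit(a, "222200002222000\uFF10", "10", today)); // full-width digit
        System.out.println(v.submit(a, a, "10", today));            // same account on both sides
        System.out.println(v.submit(a, b, "0.01", today.plusDays(1))); // next day, accepted
    }
}
```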
For recharge the user enters the mobile number, the amount of the recharge, and the operator and
circle. When the recharge is done the system gives the message “Recharge successful” and shows
the details of the recharge.
7. UML DIAGRAMS
The Unified Modeling Language (UML) is a general-purpose, developmental, modeling
language in the field of engineering, that is intended to provide a standard way to visualize the
design of a system. UML was developed by Grady Booch, Ivar Jacobson and James
Rumbaugh at Rational Software in 1994–95.
7.1 Use case Diagram:
A use case diagram is a representation of a user's interaction with the system that shows the
relationship between the user and the different use cases in which the user is involved. A use
case diagram can identify the different types of users of a system and the different use cases.
To model a system the most important aspect is to capture the dynamic behaviour. To clarify a bit
in detail, dynamic behaviour means the behaviour of the system when it is running or operating.
So static behaviour alone is not sufficient to model a system; rather, dynamic behaviour is more
important than static behaviour. In UML there are five diagrams available to model dynamic nature
and the use case diagram is one of them. Since the use case diagram is dynamic in nature, there
should be some internal or external factors for making the interaction.
These internal and external agents are known as actors. So use case diagrams consist of actors,
use cases and their relationships. The diagram is used to model the system or subsystem of an
application. A single use case diagram captures a particular functionality of a system.
So to model the entire system, a number of use case diagrams are used.
7.2 Noun Phrase Analysis:
The noun phrase approach was proposed by Rebecca Wirfs-Brock, Brian Wilkerson and Lauren
Wiener. All plurals are changed to singular, the nouns are listed, and the list is divided into 3
categories: relevant classes, fuzzy classes and irrelevant classes.
Using the noun phrase strategy, candidate classes can be divided into 3 categories: relevant
classes, fuzzy area or fuzzy classes, and irrelevant classes.
The following are guidelines for selecting classes in an application.
Look for nouns and noun phrases in the use cases.
Some classes are implicit or taken from general knowledge.
All classes must make sense in the application domain; avoid computer
implementation classes – defer them to the design stage.
First, the user signs up and provides the details of the account and some other information, then
submits the details, and the details are stored in the database system. The system loads the data
and then displays the data. The account number is used to update the account balance. Details can
be added and removed.
| Noun | Verbs |
|------|-------|
| Signup | Load |
| Details | Display |
| Account_no | Update |
| Data | Submit |
| Remove | Add |
Table 7.1 Noun Phrase Analysis for transaction system
7.3 Class Diagram:
A class diagram is a type of static structure diagram that describes the structure of a system by
showing the system's classes, their attributes, operations (or methods), and the relationships among
objects.
Class diagrams are probably the most important diagrams of UML. They can be used for various
purposes and at different times in the development life cycle. Class diagrams are often applied to
analyze the application domain. A Class can be represented as:
• Each class is represented by a rectangle subdivided into three compartments
– Name
– Attributes
– Operations
• Modifiers are used to indicate visibility of attributes and operations.
– ‘+’ is used to denote Public visibility (everyone)
– ‘#’ is used to denote Protected visibility (friends and derived).
– ‘-’ is used to denote Private visibility (no one).
The class diagram is a static diagram; it represents the static view of an application.
The class diagram is not only used for visualizing, describing and documenting different aspects
of a system but also for constructing executable code of the software application.
The class diagram describes the attributes and operations of a class and also the constraints
imposed on the system. The class diagram shows a collection of classes, interfaces, associations,
collaborations and constraints. It is also known as a structural diagram.
Purpose -
Analysis and design of the static view of an application.
Describe responsibility of system.
Base for component and deployment diagrams.
Forward and reverse engineering.
7.4 Class Responsibility Collaborator:
A Class Responsibility Collaborator (CRC) model is a collection of standard index cards that have
been divided into three sections as depicted in Figure.
• Class represents a collection of similar objects. An object is a person, place, thing, event,
concept, screen, or report that is relevant to the system.
Figure 7.2 Class Diagram of electronic transaction system
Figure 7.3(A) CRC Prototype
• A responsibility is something that a class knows or does. The things that a class knows
and does constitute its responsibilities.
• A collaborator is another class that a class interacts with to fulfil its responsibilities. The
collaborators of a class are shown in the right-hand column of a CRC card.
• Cards that collaborate with one another are close to each other, cards that don’t collaborate
are not near each other.
• Class-responsibility-collaboration (CRC) cards were originally proposed by Ward
Cunningham and Kent Beck. CRC cards are a viable alternative to UML sequence
diagrams to design the dynamics of object interaction and collaboration.
Figure 7.3(B) CRC model for e-secure electronic transaction
7.5 Sequence Diagram:
A Sequence diagram is an interaction diagram that shows how processes operate with one another
and in what order. It is a construct of a Message Sequence Chart. A sequence diagram shows object
interactions arranged in time sequence. It depicts the objects and classes involved in the scenario
and the sequence of messages exchanged between the objects needed to carry out the functionality
of the scenario. Sequence diagrams are sometimes called event diagrams or event scenarios.
A sequence diagram shows, as parallel vertical lines (lifelines), different processes or objects that
live simultaneously, and, as horizontal arrows, the messages exchanged between them, in the order
in which they occur.
Figure 7.4 Sequence Diagram of e-secure transaction system
7.6 Activity Diagram:
Activity diagrams are graphical representations of workflows of stepwise activities and actions
with support for choice, iteration and concurrency. In the Unified Modeling Language, activity
diagrams are intended to model both computational and organizational processes (i.e. workflows).
Activity diagrams show the overall flow of control.
Activity diagrams are constructed from a limited number of shapes, connected with arrows. The
most important shape types:
• Rounded rectangles represent actions;
• Diamonds represent decisions;
• Bars represent the start (split) or end (join) of concurrent activities;
• A black circle represents the start (initial state) of the workflow;
• An encircled black circle represents the end (final state).
Figure 7.5 Sequence Diagram of e-secure transaction system
Overview:
The activity diagram is another important diagram in UML to describe dynamic aspects of the system.
An activity diagram is basically a flow chart representing the flow from one activity to another
activity. The activity can be described as an operation of the system.
So the control flow is drawn from one operation to another. This flow can be sequential, branched
or concurrent. Activity diagrams deal with all types of flow control by using different elements
like fork, join etc.
Purpose:
The basic purposes of activity diagrams are similar to other four diagrams. It captures the dynamic
behaviour of the system. Other four diagrams are used to show the message flow from one object
to another but activity diagram is used to show message flow from one activity to another.
Activity is a particular operation of the system. Activity diagrams are not only used for visualizing
dynamic nature of a system. The only missing thing in activity diagram is the message part.
7.7 Data Flow Diagrams
Data flow diagrams are the basic building blocks that define the flow of data in a system to a
particular destination, and the difference in the flow when any transformation happens. They make
the whole procedure read like a good document and make it simpler and easier to understand for
both programmers and non-programmers by dividing it into sub-processes. Data flow diagrams are
simple blocks that reveal the relationship between the various components of the system and
provide a high level overview and the boundaries of a particular system, as well as a detailed
overview of system elements.
Figure 7.6 Activity Diagram of E-secure transaction system
The data flow diagrams start from the source and end at the destination level, i.e., they
decompose from high level to lower levels. The important things to remember about data flow
diagrams are: they indicate the data flow in one direction but not for loop structures, and they
do not indicate time factors.
The general notations for constructing a block diagram in this project are:
Data flow process
Process
Data store
Source
Data flow processes:
It defines the direction, i.e., the data flow from one entity to another entity.
Process: Process defines the source from where the output is generated for the specified input. It
states the actions performed on image such that they are transformed, stored or distributed.
Data store: It is the place or physical location where the data is stored after extraction from the
data source.
Source: It is the starting point or destination point of the data, the starting point from where
the external entity acts as a cause to flow the data towards the destination.
Figure 7.7.4 DFD Level 3 of secure transaction
7.8 Pert Chart
A PERT chart is a project management tool used to schedule, organize, and coordinate tasks within
a project. PERT stands for Program Evaluation Review Technique, a methodology developed by
the U.S. Navy in the 1950s to manage the Polaris submarine missile program. A similar
methodology, the Critical Path Method (CPM) was developed for project management in the
private sector at about the same time.
A PERT chart presents a graphic illustration of a project as a network diagram consisting of
numbered nodes (either circles or rectangles) representing events, or milestones in the project
linked by labelled vectors (directional lines) representing tasks in the project. The direction of the
arrows on the lines indicates the sequence of tasks. In the diagram, for example, the tasks between
nodes 1, 2, 4, 8, and 10 must be completed in sequence. These are called dependent or serial tasks.
The tasks between nodes 1 and 2, and nodes 1 and 3 are not dependent on the completion of one.
These tasks are called parallel or concurrent tasks. Tasks that must be completed in sequence but
that don't require resources or completion time are considered to have event dependency. These
are represented by dotted lines with arrows and are called dummy activities. For example, the
dashed arrow linking nodes 6 and 9 indicates that the system files must be converted before the
user test can take place, but that the resources and time required to prepare for the user test (writing
the user manual and user training) are on another path. Numbers on the opposite sides of the vectors
indicate the time allotted for the task.
The PERT chart is sometimes preferred over the Gantt chart, another popular project management
charting method, because it clearly illustrates task dependencies. On the other hand, the PERT
chart can be much more difficult to interpret, especially on complex projects. Frequently, project
managers use both techniques.
Figure 7.5 Pert chart of e-secure transaction system
8. DATABASE
A database is a collection of information that is organized so that it can be easily accessed,
managed and updated.
Data is organized into rows, columns and tables, and it is indexed to make it easier to find relevant
information. Data gets updated, expanded and deleted as new information is added. Databases
process workloads to create and update themselves, querying the data they contain and running
applications against it.
Computer databases typically contain aggregations of data records or files, such as sales
transactions, product catalogs and inventories, and customer profiles.
Typically, a database manager provides users with the ability to control read/write access, specify
report generation and analyze usage. Some databases offer ACID (atomicity, consistency,
isolation and durability) compliance to guarantee that data is consistent and that transactions are
complete.
Databases are prevalent in large mainframe systems, but are also present in smaller
distributed workstations and midrange systems, such as IBM's AS/400 and personal computers.
8.1 Tables
Table is a collection of related data held in a structured format within a database. It consists of
columns, and rows.
In relational databases and flat file databases, a table is a set of data elements (values) using a
model of vertical columns (identifiable by name) and horizontal rows, the cell being the unit where
a row and column intersect. A table has a specified number of columns, but can have any number
of rows. Each row is identified by one or more values appearing in a particular column subset. The
columns subset which uniquely identifies a row is called the primary key.
"Table" is another term for "relation"; although there is the difference in that a table is usually a
multiset (bag) of rows where a relation is a set and does not allow duplicates. Besides the actual
data rows, tables generally have associated with them some metadata, such as constraints on the
table or on the values within particular columns.
Many tables are used in this system. The tables manage the data in tabular form, and each
table has many fields.
The following tables are used in the system:
1. Registration Table
In this table the user information is stored. The registration table is used to store the
information of the registered user. When the user logs in, the information is matched against the
registration table.
| Id | Name | Role | Password | Email | Mobile | City | Account no | Card no |
|----|------|------|----------|-------|--------|------|------------|---------|
| 1 | Ajit Singh | Admin | +altLeSFaLJ884Rrpjx+tA== | ajitcs2015@gmail.com | 9529834087 | Sikar | 0748000100424439 | W8hbSUU6h3C/Vk8aUfOKxw== |
| 2 | Radha | User | *xy=--tkFRSVvddjf | Rdha7795@gmail.com | 9741545452 | Alwar | 07485552556665222121 | Mnabnfnmfb==UUFF |
| 3 | Sharvan | User | +xvlYYRDS546+it== | Sharvanmodi900@gmai.com | 8555545698 | Jalor | 0745252558545445 | W8hbSUU6h3C/Vk8aUfOKxw== |
Table 8.1 Registration table.
2. Bill payment Table
In the bill payment table the bill payment entries are recorded. When a user pays a bill, the
details of the payment are stored in the database. These details are shown in the admin panel,
where the admin can see all the details of the bill payments.
| Id | Card no | Provider | Type | Amount | Date |
|----|---------|----------|------|--------|------|
| 1 | bKbEjwhQU9RvZUVwH1iy9au2Hc | JVLN | Electricity | 250 | 2017-01-19 17:23:31 |
| 2 | bKbEjwhQU9RvZUVwH1iy9au2Hc | AWN | Water | 100 | 2017-02-20 15:23;31 |
| 3 | JHGJGV5646===6atfbd | Airtel | Postpaid | 600 | 2017-02-20 15:23;31 |
Table 8.2. Bill Pay Table.
3. Fund Transfer
In the fund transfer table the details of the fund transfers are stored. When the user transfers
funds, the details of the transaction are stored in the database. The details of the fund
transfers are shown in the admin panel.
| Id | Sender A/c no | Receiver A/c no | IFSC code | Amount | Date |
|----|---------------|-----------------|-----------|--------|------|
| 1 | 0748000100424439 | 0748000100443978 | Punb074800 | 5000 | 03:03:2017 15:25:31 |
| 2 | 6233588545632145 | 0748000100424439 | Punb074800 | 1000 | 05:03:2017 13:12:21 |
| 3 | 1622854565231002 | 1826971252487578 | Axis523 | 100 | 06:03:2017 09:10:25 |
Table 8.3. Fund Transfer Table
4. Recharge
In the recharge table the recharge history is stored. When a user does a recharge, all the details
of the recharge are stored in the recharge table, and all the details of the recharge table are
shown in the admin panel.
| Id | Card No | Amount | Mobile No | Circle | Operator | Date |
|----|---------|--------|-----------|--------|----------|------|
| 1 | bKbEjwhQU9RvZUVwH1iy9au2HcytW | 200.00 | 9509249443 | Rajasthan | idea | 2017-01-19 17:22:39 |
| 2 | bKbEjwhQU9RvZUVwH1iy9au2HcytW | 100.00 | 9509249443 | Rajasthan | idea | 2017-01-19 19:15:12 |
| 3 | bKbEjwhQU9RvZUVwH1iy9au2HcytW | 50.00 | 4556895623 | Rajasthan | idea | 2017-01-19 19:17:42 |
| 4 | bKbEjwhQU9RvZUVwH1iy9au2HcytW | 50.00 | 4556895623 | Rajasthan | idea | 2017-01-19 19:20:09 |
| 5 | bKbEjwhQU9RvZUVwH1iy9au2HcytW | 50.00 | 4556895623 | Rajasthan | idea | 2017-01-19 19:27:07 |
| 6 | bKbEjwhQU9RvZUVwH1iy9au2HcytW | 50.00 | 4556895623 | Rajasthan | idea | 2017-01-19 19:29:19 |
| 7 | bKbEjwhQU9RvZUVwH1iy9au2HcytW | 50.00 | 4556895623 | Rajasthan | idea | 2017-01-19 19:29:34 |
| 8 | bKbEjwhQU9RvZUVwH1iy9au2HcytW | 50.00 | 4556895623 | Rajasthan | idea | 2017-01-19 19:29:52 |
| 9 | bKbEjwhQU9RvZUVwH1iy9au2HcytW | 50.00 | 4556895623 | Rajasthan | idea | 2017-01-19 19:30:16 |
| 10 | bKbEjwhQU9RvZUVwH1iy9au2HcytW | 100.00 | 9509249443 | Rajasthan | idea | 2017-01-19 19:31:30 |
Table 8.4. Recharge Table.
9. Test Cases
| STEP | ACTION | EXPECTED SYSTEM RESPONSE | Actual Result | PASS/FAIL | Bug id | COMMENT |
|------|--------|--------------------------|---------------|-----------|--------|---------|
| 1. | Enter user id ‘ajitcs2015@gmail.com’ and password ‘ajit1995’ | The system displays the user verified | The system display the email id and password | Fail | | <Executed> |
| 2. | Click the ‘LOGIN’ button. | The system will give the Login success alert | The system display the pop up | Pass | | <Executed> |

Test Case: #1
System: epayumoney.com
Designed by: Ajit Singh, Sharvan Kumar
Executed by: Ajit Singh
Short Description: Test the login page.
Test Case Name: Login Page
Design Date: 17/09/2016
Execution Date: 21/03/2017
Pre-Conditions:
1. The current user id is ajitcs2015@gmail.com
2. The current password is ajit1995
Post-Conditions:
1. Password ‘ajit1995’ is saved in database for user ‘Ajit Singh’.
| STEP | ACTION | EXPECTED SYSTEM RESPONSE | Actual Result | PASS/FAIL | Bug id | COMMENT |
|------|--------|--------------------------|---------------|-----------|--------|---------|
| 1. | Enter user id ‘ ’ and password ‘ ’. | Enter user id. Enter password. | Give the message “Enter the User id and password” | Pass | | <Executed> |
| 2. | Click the ‘LOGIN’ button. | Redirects to Login Page. | | Pass | | <Executed> |

Test Case: #2
System: epayumoney.com
Designed by: Ajit Singh, Sharvan Kumar
Executed by: Ajit Singh, Radha Saini, Sharvan Kumar
Short Description: Test the login service with blank user id and password.
Test Case Name: Login Page
Design Date: 17/09/2016
Execution Date: 17/09/2016
Pre-Conditions:
1. The current user id is blank.
2. The current password is blank.
Post-Conditions:
1. The current user id is blank.
2. The current password is blank.
| STEP | ACTION | EXPECTED SYSTEM RESPONSE | Actual Result | PASS/FAIL | Bug id | COMMENT |
|------|--------|--------------------------|---------------|-----------|--------|---------|
| 1. | Enter user id ‘ABC’ and password ‘XYZ’. | No Response | No response | Pass | | <Executed> |
| 2. | Click the ‘LOGIN’ button. | Give the user does not exist message. Redirect to Login Page. | Give the user does not exist message. Redirect to Login Page. | Pass | | <Executed> |

Test Case: #3
System: epayumoney.com
Designed by: Ajit Singh, Sharvan Kumar
Executed by: Ajit Singh, Radha Saini
Short Description: Test the login service with wrong user id and password.
Test Case Name: Login Page
Design Date: 17/09/2016
Execution Date: 21/03/2017
Pre-Conditions:
1. The current user id is ABC.
2. The correct user id in database is ajitcs2015@gmail.com.
3. The current password is XYZ.
4. The correct password in database is ajit1995.
Post-Conditions:
1. The current user id is blank.
2. The current password is blank.

Test Case: #4
System: epayumoney.com
Designed by: Ajit Singh, Sharvan Kumar
Executed by: Ajit Singh, Radha Saini
Short Description: Test the login service with wrong user id and password (special symbols).
Test Case Name: Login Page
Design Date: 17/09/2016
Execution Date: 17/09/2016

Pre-Conditions:
1. The current user id is ‘a$b’.
2. The correct user id in database is ‘ajitcs2015@gmail.com’.
3. The current password is ‘_& yz’.
4. The correct password in database is ‘ajit1995’.

| Step | Action | Expected system response | Actual result | Pass/Fail | Bug id | Comment |
|---|---|---|---|---|---|---|
| 1 | Enter user id ‘a$b’ and password ‘_& yz’. | No Response | No Response | Pass | | <Executed> |
| 2 | Click the ‘LOGIN’ button. | User does not exist. Redirect to the Login Page. | User does not exist. Redirect to the Login Page. | Pass | | <Executed> |

Post-Conditions:
1. The current user id and password are wrong.

Test Case: #5
System: epayumoney.com
Designed by: Ajit Singh, Sharvan Kumar, Radha Saini
Executed by: Ajit Singh
Short Description: Test the Registration Service.
Test Case Name: Registration User
Design Date: 03/12/2016
Execution Date: 21/03/2017

Pre-Conditions:
1. The current user id is not available in database.
2. The current password is not available in database.
3. The current Email id is not available in database.

| Step | Action | Expected system response | Actual result | Bug id | Pass/Fail | Comment |
|---|---|---|---|---|---|---|
| 1 | Enter user id, password, confirm password and email id. | The system displays the user verified message. | No Response | 1101: the verified message doesn’t show | Fail | <Executed> |
| 2 | Click on the ‘REGISTER’ button. | The user will be registered. | The user will be registered. | | Pass | <Executed> |

Post-Conditions:
1. New user is registered with username ‘xyz’, password ‘abs’ and Email id ‘abc@gmail.com’ into the database.

Test Case: #6
System: epayumoney.com
Designed by: Ajit Singh, Sharvan Kumar
Executed by: Ajit Singh, Radha Saini
Short Description: Test the Registration Service with wrong Email Id.
Test Case Name: Registration User
Design Date: 03/12/2016
Execution Date: 03/12/2016

Pre-Conditions:
1. The current user id is not available in database.
2. The current password is not available in database.
3. The current Email Id will be ‘abc.com@gmail’.

| Step | Action | Expected system response | Actual result | Pass/Fail | Bug id | Comment |
|---|---|---|---|---|---|---|
| 1 | Enter the Email id ‘abc.com@gamil’. | Invalid Email id. | Invalid Email id. | Pass | | <Executed> |
| 2 | Click on the ‘REGISTER’ button. | The user will not be registered. | The user will not be registered. | Pass | | <Executed> |

Post-Conditions:
1. New user will not be registered.

Test Case: #7
System: epayumoney.com
Designed by: Ajit Singh, Radha Saini
Executed by: Ajit Singh
Short Description: Test the Registration Service with blank user id, password, confirm password and Email id.
Test Case Name: Registration User
Design Date: 03/12/2016
Execution Date: 03/12/2016

Pre-Conditions:
1. The current user id is not available in database.
2. The current password is not available in database.
3. The current Email id is not available in database.

| Step | Action | Expected system response | Actual result | Pass/Fail | Bug id | Comment |
|---|---|---|---|---|---|---|
| 1 | Enter user id ‘ ’, password ‘ ’, confirm password ‘ ’ and email id ‘ ’. | No Response | No Response | Pass | | <Executed> |
| 2 | Click on the ‘REGISTER’ button. | Please enter the user id, password, confirm password, Email id. | Please enter the user id, password, confirm password, Email id. | Pass | | <Executed> |

Post-Conditions:
1. New user will not be registered.

Test Case: #8
System: epayumoney.com
Designed by: Ajit Singh, Sharvan Kumar
Executed by: Ajit Singh, Sharvan Kumar
Short Description: Test the condition when any node is not selected by user.
Test Case Name: Start Page
Design Date: 03/12/2016
Execution Date: 22/03/2017

Pre-Conditions:
1. Node is not selected.

| Step | Action | Expected system response | Actual result | Pass/Fail | Comment |
|---|---|---|---|---|---|
| 1 | Node is not selected. | No further steps proceed. | No further steps proceed. | Pass | <Executed> |

Post-Conditions:
1. Graph will not be generated.

Test Case: #9
System: epayumoney.com
Designed by: Ajit Singh
Executed by: Ajit Singh, Sharvan Kumar
Short Description: Test the deposit functionality
Test Case Name: Deposit page
Design Date: 10/12/2016
Execution Date: 22/03/2017

Pre-Conditions:
1. Entering the account number in numeric.
2. Entering the amount in numeric.

| Step | Action | Expected system response | Actual result | Pass/Fail | Comment |
|---|---|---|---|---|---|
| 1 | Enter the Account number “aadjhfg855” | No Response | Does not accept this format | Fail | <Executed> |
| 2 | Enter the account number in numeric form | Accept the values | Accept the values | Pass | <Executed> |
| 3 | Click on the Check button without entering the A/c number | Give the message “Account number is not valid” | Give the message “Account number is not valid” | Pass | <Executed> |
| 4 | Click on the deposit button | Give the deposit success message | Give the deposit success message | Pass | <Executed> |

Post-Conditions:
1. The amount is deposited into the account number “0748000100424439”.

Test Case: #10
System: epayumoney.com
Designed by: Ajit Singh, Radha Saini, Sharvan Kumar
Executed by: Ajit Singh
Short Description: Test the Deposit service with blank Account number and Amount.
Test Case Name: Deposit page
Design Date: 10/12/2016
Execution Date: 21/03/2017

Pre-Conditions:
1. The current Account Number is blank.
2. The current Amount is blank.

| Step | Action | Expected system response | Actual result | Bug id | Pass/Fail | Comment |
|---|---|---|---|---|---|---|
| 1 | Enter A/c number ‘ ’ and Amount ‘ ’. | Enter A/c Number. And Enter Amount. | Enter A/c Number. And Enter Amount. | | Pass | <Executed> |
| 2 | Click the ‘DEPOSIT’ button. | Give the message “Please enter the account number” and redirect to Deposit page. | Give the message “Please enter the account number” and redirect to Deposit page. | | Pass | <Executed> |

Post-Conditions:
1. The current A/c Number is blank.
2. The current Amount is blank.

Test Case: #11
System: epayumoney.com
Designed by: Ajit Singh
Executed by: Ajit Singh
Short Description: Test the Deposit service with Account number
Test Case Name: Deposit page
Design Date: 10/12/2016
Execution Date: 22/03/2017

Pre-Conditions:
1. The current user id is “7451323641235684”.
2. The correct Account number in database is “0748000100424439”.

| Step | Action | Expected system response | Actual result | Pass/Fail | Bug id | Comment |
|---|---|---|---|---|---|---|
| 1 | Enter A/c Number “7451323641235684” | No Response | No Response | Pass | | <Executed> |
| 2 | Click the ‘Deposit’ button. | Give the message “Invalid account number”. Redirect to Login Page. | Give the message “Invalid account number”. Redirect to Login Page. | Pass | | <Executed> |

Post-Conditions:
1. The current user id is blank.
2. The current password is blank.

Test Case: #12
System: epayumoney.com
Designed by: Ajit Singh, Sharvan Kumar
Executed by: Ajit Singh
Short Description: Test the Fund Transfer page.
Test Case Name: Fund Transfer Page
Design Date: 31/12/2016
Execution Date: 23/03/2017

Pre-Conditions:
1. The current sender account number is “0748000100424439”.
2. The current Receiver account number is “7898456512361445”.
3. Amount is 500.

| Step | Action | Expected system response | Actual result | Pass/Fail | Bug id | Comment |
|---|---|---|---|---|---|---|
| 1 | Enter sender account number “0748000100424439” and Receiver account number “7898456512361445” | No response | No response | Pass | | <Executed> |
| 2 | Enter the amount “500” | No response | No response | Pass | | <Executed> |
| 3 | Click the “Transfer Fund” button. | The system will give the Fund transfer successfully Message. | The system will give the Fund transfer successfully Message. | Pass | | <Executed> |

Post-Conditions:
1. Sender A/c number “0748000100424439” and Receiver account number “7898456512361445”.

Test Case: #13
System: epayumoney.com
Designed by: Ajit Singh, Radha Saini, Sharvan Kumar
Executed by: Ajit Singh, Radha Saini, Sharvan Kumar
Short Description: Test the Fund Transfer service with blank Sender and Receiver A/c number.
Test Case Name: Fund Transfer page
Design Date: 31/12/2016
Execution Date: 23/03/2017

Pre-Conditions:
1. The current Sender A/c number is blank.
2. The current Receiver A/c number is blank.

| Step | Action | Expected system response | Actual result | Pass/Fail | Bug id | Comment |
|---|---|---|---|---|---|---|
| 1 | Enter Sender and receiver A/c no. “ ” | Enter sender and receiver A/c number | Enter sender and receiver A/c number | Pass | | <Executed> |
| 2 | Click the ‘Transfer’ button. | Redirects to Fund transfer page | Redirects to Fund transfer page | Pass | | <Executed> |

Post-Conditions:
1. The current Sender A/c number is blank.
2. The current Receiver A/c number is blank.

Test Case: #14
System: epayumoney.com
Designed by: Ajit Singh, Sharvan Kumar
Executed by: Ajit Singh
Short Description: Test the Fund Transfer page
Test Case Name: Fund Transfer Page
Design Date: 31/12/2016
Execution Date: 22/03/2017

Pre-Conditions:
1. The Mobile number is 9529834087.
2. The amount is “100”.
3. Select the operator “Reliance” and circle “Rajasthan”.

| Step | Action | Expected system response | Actual result | Pass/Fail | Bug id | Comment |
|---|---|---|---|---|---|---|
| 1 | Enter mobile number “9529834087”, circle “Rajasthan” and operator “Reliance” | No response | No response | Pass | | <Executed> |
| 2 | Enter the amount “100” | No response | No response | Pass | | <Executed> |
| 3 | Click the “Recharge” button. | The system will give the Recharge successfully Message. | The system will give the Recharge successfully Message. | Pass | | <Executed> |

Post-Conditions:
1. The Mobile number is 9529834087.
2. The amount is “100”.
3. Select the operator “Reliance” and circle “Rajasthan”.

Test Case: #15
System: epayumoney.com
Designed by: Ajit Singh
Executed by: Ajit Singh, Radha Saini, Sharvan Kumar
Short Description: Test the Recharge service with blank mobile number and amount.
Test Case Name: Recharge page
Design Date: 14/01/2017
Execution Date: 23/03/2017

Pre-Conditions:
1. The current Mobile number is blank.
2. The current Amount is blank.

| Step | Action | Expected system response | Actual result | Pass/Fail | Bug id | Comment |
|---|---|---|---|---|---|---|
| 1 | Enter mobile no. “ ” and amount “ ” | Enter the mobile number and amount | Enter the mobile number and amount | Pass | | <Executed> |
| 2 | Click the ‘Recharge’ button. | Redirects to Recharge page | Redirects to Recharge page | Pass | | <Executed> |

Post-Conditions:
1. The mobile number is blank.
2. The current amount is blank.

Test Case: #16
System: epayumoney.com
Designed by: Ajit Singh, Radha Saini
Executed by: Ajit Singh
Short Description: Test the Bill pay page
Test Case Name: Bill pay page
Design Date: 21/01/2017
Execution Date: 23/03/2017

Pre-Conditions:
1. The current Bill no is “AB78956”.
2. The current amount of bill is “500”.

| Step | Action | Expected system response | Actual result | Pass/Fail | Bug id | Comment |
|---|---|---|---|---|---|---|
| 1 | Enter the bill number “AB78956” and amount “500” | The system displays the user verified message. | No response | Fail | | <Executed> |
| 2 | Click the ‘Bill Pay’ button. | The system will give the Login success alert | The system will give the Login success alert | Pass | | <Executed> |

Post-Conditions:
1. Bill pay at the bill number “AB78956”.

Test Case: #17
System: epayumoney.com
Designed by: Ajit Singh, Radha Saini
Executed by: Ajit Singh, Sharvan Kumar
Short Description: Test the Bill pay with blank Bill No. and amount.
Test Case Name: Bill pay page
Design Date: 21/01/2017
Execution Date: 23/03/2017

Pre-Conditions:
1. The current user Bill No is blank.
2. The amount is blank.

| Step | Action | Expected system response | Actual result | Pass/Fail | Bug id | Comment |
|---|---|---|---|---|---|---|
| 1 | Enter Bill no ‘ ’ and amount ‘ ’. | Enter user id. Enter password. | Enter user id. Enter password. | Pass | | <Executed> |
| 2 | Click the ‘Pay Bill’ button. | Redirects to Bill pay | Redirects to Bill pay | Pass | | <Executed> |

Post-Conditions:
1. The Bill No is blank.
2. The current Amount is blank.

10. CONCLUSION
Secure electronic payment schemes based on SSL, SET, and a secure communication tunnel have been reviewed in this paper. These security techniques protect the transaction so that the customer is able to purchase the desired items. The system can ensure the security of the transaction, so it is an excellent solution for the e-business model. The main advantages of the Payment System for Internet Transaction are: it uses strong cryptography and authenticity-checking models; the merchant is prevented from seeing payment information; and the system is easy for the customer to use, since he is not required to install additional software for secure payments or to have a digital certificate. The literature shows that applying the security principles for secure communication channels provides a significant level of protection to an insecure communication channel.
The SEP protocol is a good transaction protocol for credit card payment. In this paper we improved how well the SEP protocol meets the e-payment security requirements and identified the end-user implementation requirements. A future research topic is to analyse the security and the performance of our protocol.
The entire project has been developed and deployed as per the requirements stated by the user, and it is found to be bug free as per the testing standards that are implemented. Any untraced specification errors will be addressed in the coming versions, which are planned to be developed in the near future. The system at present does not take care of the money payment methods, as the consolidated constructs need SSL standards and are critical to initiate in the first phase; the application of credit card transactions will be applied as a developmental phase in the coming days. The system needs more elaborate technicality for its inception and evolution.
Appendix A
Home page
In the home page there are four functionalities.
1. Deposit Fund
2. Fund Transfer
3. Recharge
4. Bill Pay
The user can log in and use all the functionalities. If the user tries to use them without logging in, an alert appears: “you are not login Please Login First”.
Login frame
The user enters the email id and password and then clicks the login button. If the email id and password are correct, the user is logged in. If the user id and password are wrong, the system gives the alert “User doesn’t exist”.
Fund Transfer page
On the fund transfer page the user enters the sender and receiver account numbers, the IFSC code and the amount, then clicks the transfer button; the fund is then transferred from one account to the other. The details of the transaction are stored in the database.
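The transfer described above, with the inputs from test cases #9 to #13 run against it, as an added example that is not the project's own code. The SQLite schema, the function names, the 16-digit account rule, the amount limits and the insufficient-balance message are assumptions, and the IFSC code is left out.

```python
import re
import sqlite3

# Assumption: account numbers are exactly 16 digits, like the samples in the test cases.
ACCOUNT_RE = re.compile(r"[0-9]{16}")
AMOUNT_RE = re.compile(r"[1-9][0-9]{0,8}")  # whole units, no sign, no leading zero

class TransferError(Exception):
    """Carries the message shown to the user when a transfer is refused."""

def open_demo_db():
    """In-memory database with constructed rows; table and column names are hypothetical."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE account (number TEXT PRIMARY KEY,"
               " balance INTEGER NOT NULL CHECK (balance >= 0))")
    db.execute("CREATE TABLE txn (id INTEGER PRIMARY KEY, sender TEXT,"
               " receiver TEXT, amount INTEGER)")
    db.executemany("INSERT INTO account VALUES (?, ?)",
                   [("0748000100424439", 1000), ("7898456512361445", 0)])
    db.commit()
    return db

def check_account(raw):
    """Server-side format check, applied even if the page already validated the form."""
    value = (raw or "").strip()
    if not value:
        raise TransferError("Please enter the account number")
    if not ACCOUNT_RE.fullmatch(value):
        raise TransferError("Account number is not valid")
    return value

def balance(db, number):
    row = db.execute("SELECT balance FROM account WHERE number = ?", (number,)).fetchone()
    return None if row is None else row[0]

def transfer(db, sender, receiver, amount_raw):
    """Return (ok, message). Debit, credit and log commit together or not at all."""
    try:
        sender, receiver = check_account(sender), check_account(receiver)
        if sender == receiver:
            raise TransferError("Sender and receiver must differ")
        if not AMOUNT_RE.fullmatch((amount_raw or "").strip()):
            raise TransferError("Enter a valid amount")
        amount = int(amount_raw)
        with db:  # commits on success, rolls back if any step raises
            debit = db.execute(
                "UPDATE account SET balance = balance - ? WHERE number = ? AND balance >= ?",
                (amount, sender, amount))
            if debit.rowcount != 1:
                raise TransferError("Invalid account number or insufficient balance")
            credit = db.execute(
                "UPDATE account SET balance = balance + ? WHERE number = ?",
                (amount, receiver))
            if credit.rowcount != 1:
                raise TransferError("Invalid account number")
            db.execute("INSERT INTO txn (sender, receiver, amount) VALUES (?, ?, ?)",
                       (sender, receiver, amount))
    except TransferError as exc:
        return False, str(exc)
    return True, "Fund transfer successful"
```

Every value reaches SQLite as a bound parameter, and a transfer to an unknown receiver leaves the sender's balance untouched because the debit is rolled back with the rest of the transaction.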
Recharge page
The recharge page has three buttons: Mobile, DTH and Data card. The user selects one and performs the recharge. If the user selects Mobile, they enter the mobile number, operator, circle and amount and then click the recharge button, and the recharge is done.
Bill Pay Page
On the bill pay page the user selects the type of bill, enters the bill number, service provider and bill amount, and then clicks the process button, and the bill is paid. The details of the transaction are stored in the database.