Electronic payment system
Chapter # 8
Electronic commerce involves the exchange of some form of money for goods and services.
Cash can’t be a medium of payment between a remote buyer and seller.
Implementation of electronic payment systems is still growing.
Electronic payments are far cheaper than the traditional method of mailing out paper invoices and then processing the payments received.
  • The cost of billing a person by mail ranges from 10 to 15 Rs.
  • Billing a person electronically costs about 2 Rs.
The most common internet payment method for B2B EC is the credit card.
However, security is a concern for customers.
Electronic payment and protocol
Typical electronic payment system for EC
Credit card
EFT
Debit Card
Stored value card
E-check
Credit cards (e.g. Visa)
Spending limit based on credit history
Interest is charged on outstanding balances not paid off within a given time
Accepted worldwide
User protection is facilitated by a 30-day period during which a purchase may be disputed
A merchant account (one that accepts credit card payments) is required by the business
Debit cards
  • The sale amount is removed from the user’s account and transferred to the seller’s account
  • Limited by funds in the account plus overdraft (if present)
Stored Value cards (e.g. American Express)
  • Are similar to prepaid cards
  • Can be used for micropayments
  • The amount due on the card is due at the end of the billing period
  • They do not accumulate interest payments
  • Some vendors provide single-use cards, which are valid for a single transaction
      • A unique card number is issued
      • This helps with card details security
Advantages of Payment Cards
Ease of use, no special hardware required
Card holder’s liability is limited
Accepted worldwide
Currency conversion handled by card issuer
Disadvantages of Payment Cards
Service companies charge merchants per-transaction and monthly processing fees
Price of goods for the consumer might be slightly higher as a result
Electronic payment and protocol
Most commonly used protocols
Secure Sockets Layer (SSL)
SSL allows customers to encrypt their order at their computer.
Secure electronic transfer (SET)
SET is designed to provide secure web credit and transactions for both consumers and merchants.
SET requires additional procedures, such as customer certificates.
Essential security requirements
Authentication
  • A method to verify the buyer’s identity before payment is made
Encryption
  • A process of making a message indecipherable (impossible to read) except by those who have an authorized key (translator)
Integrity
  • Ensuring that information is not altered or destroyed during transmission
Non-repudiation
  • Protection against the customer: denial of an order placed
  • Protection against the merchant: denial of a payment made
Security Schemes in electronic payment System
Private key, also called symmetrical key encryption: the same key is used to both encrypt and decrypt the message. The key is agreed upon and shared by both the sender and the receiver.
Public key: the public key is known by all authorized users. The sender encrypts the message with the receiver’s public key, which must be delivered in advance. The message can only be decrypted by the receiver’s private key.
Digital signature: used for authentication of the sender; it is usually attached to the sent message, like a handwritten signature.
A hashed (muddled) message is called a message digest.
  • A certificate is issued by a trusted third party
  • A certificate authority (CA) is a body like the federal postal service. A CA may be certified by another CA
A digital envelope is the process of encryption into a secret key.
Transaction certificate: some undeniable facts of the transaction.
Time stamp: a digital attestation that a document was in existence at a particular time.
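Added example (not part of the original slides): the schemes above applied to one order, using Node.js's built-in crypto module. The buyer signs the order (message digest plus private key), encrypts it with a one-time secret key, and encrypts that key with the merchant's public key, which is the usual form of a digital envelope. The key pairs, order fields and function names are constructed for illustration.

```javascript
// Added example, not from the slides: a signed order inside a digital envelope.
const crypto = require('node:crypto');
const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Buyer side: sign the order, encrypt it with a one-time secret key, then
// encrypt that secret key with the merchant's public key (the envelope).
function sealOrder(order, buyerPrivateKey, merchantPublicKey) {
  const body = JSON.stringify(order);
  // crypto.sign hashes body (SHA-256 message digest) and signs the digest.
  const sig = crypto.sign('sha256', Buffer.from(body), buyerPrivateKey).toString('base64');
  const key = crypto.randomBytes(32); // symmetric key, used for this message only
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(JSON.stringify({ body, sig })), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: merchantPublicKey, oaepHash: 'sha256' }, key);
  return { wrappedKey, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Merchant side: recover the secret key, decrypt, then verify the signature.
function openOrder(env, merchantPrivateKey, buyerPublicKey) {
  const key = crypto.privateDecrypt({ key: merchantPrivateKey, oaepHash: 'sha256' }, env.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, env.iv);
  decipher.setAuthTag(env.tag); // final() throws if the ciphertext was altered
  const plain = Buffer.concat([decipher.update(env.ciphertext), decipher.final()]);
  const { body, sig } = JSON.parse(plain.toString());
  const ok = crypto.verify('sha256', Buffer.from(body), buyerPublicKey, Buffer.from(sig, 'base64'));
  if (!ok) throw new Error('signature does not match the buyer public key');
  return JSON.parse(body);
}

// Returns true when openOrder refuses the envelope.
function rejected(env, merchantPrivateKey, buyerPublicKey) {
  try { openOrder(env, merchantPrivateKey, buyerPublicKey); return false; } catch { return true; }
}

function demo() {
  const buyer = newKeyPair(), merchant = newKeyPair(), impostor = newKeyPair();
  const order = { orderId: 'ORDER-0001', item: 'book', amountRs: 450 }; // constructed sample
  const env = sealOrder(order, buyer.privateKey, merchant.publicKey);
  const altered = { ...env, ciphertext: Buffer.from(env.ciphertext) };
  altered.ciphertext[0] ^= 1; // one bit flipped in transit
  const forged = sealOrder(order, impostor.privateKey, merchant.publicKey);
  return {
    opened: openOrder(env, merchant.privateKey, buyer.publicKey),
    alteredRejected: rejected(altered, merchant.privateKey, buyer.publicKey),
    forgedRejected: rejected(forged, merchant.privateKey, buyer.publicKey),
  };
}
console.log(demo());
```

demo() returns the order as the merchant recovered it, plus two flags showing that an altered envelope and an order signed with a different private key are both refused.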
