EPS system explanation, How EPS System works in real world, Model of E- Payments, Security concerns related to EPS systems, Case study of paytm related to electronic payment
3. Amity Business School
WHAT ELECTRONIC PAYMENT
SYSTEM IS?
Electronic Payment is a financial exchange that takes place
online between buyers and sellers. The content of this
exchange is usually some form of digital financial instrument
(such as encrypted credit card numbers, electronic cheques or
digital cash) that is backed by a bank or an intermediary, or by
a legal tender.
3
6. Amity Business School
6
Business-to-business (B2B) refers to a situation where one
business makes a commercial transaction with another. This
typically occurs when:
• A business is sourcing materials for their production process
(e.g. a food manufacturer purchasing salt).
• A business needs the services of another for operational reasons
(e.g. a food manufacturer employing an accountancy firm to
audit their finances).
• A business re-sells goods and services produced by others (e.g. a
retailer buying the end product from the food manufacturer).
8. Amity Business School
8
• Business to consumer (B2C) is business or transactions
conducted directly between a company and consumers who are
the end-users of its products or services.
• Companies that sell directly to consumers can be referred to as
B2C companies.
• The term became immensely popular during the dotcom boom of
the late 1990s, when it was used mainly to refer to online
retailers, as well as other companies that sold products and
services to consumers through the internet.
10. Amity Business School
10
• Customer to customer (C2C) markets provide an innovative way
to allow customers to interact with each other.
• In customer to customer markets, the business facilitates an
environment where customers can sell goods or services to each
other.
• Involves the electronically facilitated transactions between
consumers through some third party.
• The third party generally charges a flat fee or commission. The
sites are only intermediaries, just there to match consumers. They
do not have to check quality of the products being offered.
12. Amity Business School
12
• Consumer-to-business (C2B) is a business model in which consumers
(individuals) create value and businesses consume that value. For example,
when a consumer writes reviews or when a consumer gives a useful idea for
new product development then that consumer is creating value for the business
if the business adopts the input. Excepted concepts are crowd sourcing and co-
creation.
• Another form of C2B is the electronic commerce business model in which
consumers can offer products and services to companies, and the companies
pay the consumers
14. Amity Business School
14
• Such websites are used by government to trade and exchange
information with various business organizations.
15. Amity Business School
15
• This is used by the government to support auctions, tenders,
applications submissions functionalities.
• Information purpose.
17. Amity Business School
17
• The easiest form of electronic money that is available and most widely used
today.
• Many international sites and mobile commerce sites allow you to pre-store
your credit card number securely so that you don’t have to key in the number
each time.
• Currently, the largest user base in e-commerce uses credit cards for payments.
Debit card
•The second largest e-commerce payment medium in India Debit Cards and
Netbanking.
•Very often, for customers who want to stay within their spending capacity,
paying for things online using a debit card proves to be a preferred choice.
•With the debit card, one can only pay for purchased goods with the money
that already exists in the current or savings accounts as opposed to the credit
card where the amounts that the buyer spends are accumulated and have to be
paid for as a bill at the end of the billing period.
Credit cards
19. Amity Business School
19
Net banking
•This does not involve any wallet and is simply a method of online
transfer of funds from your bank account to another bank account, credit
card, or a third party.
•You can do it through a computer or mobile phone. Log in to your bank
account on the Net and transfer money via national electronic funds
transfer (NEFT), real-time gross settlement (RTGS) or immediate
payment service (IMPS), all of which come at a nominal cost ranging
from Rs 5-55.
Mobile wallet
•This is basically a virtual wallet available on your mobile phone. You can
store cash on the mobile to make online or offline payments. Various service
providers offer these wallets via mobile apps, which you need to download on
the phone.
• You can transfer the money into these wallets online using credit/debit card
or Net banking. This means that every time you pay a bill or buy online via
the wallet, you won't have to furnish your card details. You can use these to
pay fee, bills, and make online purchases.
22. Amity Business School
SET is an open encryption and security specification designed to protect
credit card transactions on the Internet.
It is a set of security protocols and formats that enables users to employ the
existing credit card payment infrastructure on an open network, such as the
Internet, in a secure fashion.
In essence, SET provides services:
• Provides a secure communications channel among all parties involved in a
transaction.
• Ensures privacy because the information is only available to parties in a
transaction when and where necessary.
Secure Electronic Transaction Protocol
24. Amity Business School
An increasingly popular approach for the protection of sensitive data is the
use of data substitution with a token (or alias) as a replacement for a real
credit card number. In the process of tokenization, actual cardholder data is
used in a payment transaction and, once the transaction is authorized, this
very sensitive data is sent to a centralized and highly secure server called a
“vault” where it is stored securely.
Tokenization
25. Amity Business School
EMV chip technology is becoming the global standard for credit card and debit card
payments.
Chip technology is an evolution in our payment system that will help increase
security, reduce card-present fraud and enable the use of future value-added
applications.
Chip-enabled cards are standard bank cards that are embedded with a micro
computer chip. Some may require a PIN instead of a signature to complete the
transaction process.
EMV(Europay,Mastercard,Visa)
Magnetic Stripe
Card(Traditional)
Data from a traditional
magstripe card can be easily
copied (skimmed).
Chip-Enabled System
Chip (EMV) technology is
effective in combating
counterfeit fraud with its
dynamic authentication
capabilities.
26. Amity Business School3-D Secure
The 3d Secure authentication is an additional fraud prevention scheme.
#Allows shoppers to create and assign a password to their card that is then
verified whenever a transaction is processed through a site that supports the use
of the scheme.
#The addition of password protection allows extra security on transactions that
are processed online.
3D Secure stands for 3 Domain Server:-(3 Parties)
The company the purchase is being made from.
The Acquiring Bank (the bank of the company)
VISA and MasterCard (the card issuers themselves)
29. Amity Business School
• Confidential − Information should not be
accessible to unauthorized person. It should
not be intercepted during transmission.
• Integrity − Information should not be altered
during its transmission over the network.
• Availability − Information should be available
wherever and whenever requirement within
time limit specified.
• Authenticity − There should be a mechanism
to authenticate user before giving him/her
access to required information.
30. Amity Business School
• Non-Repudiabiity − It is protection against
denial of order or denial of payment.
Encryption − Information should be encrypted
and decrypted only by authorized user.
• Auditability − Data should be recorded in
such a way that it can be audited for integrity
requirements.
32. Amity Business School
• Encryption − Sender of the information encrypt the
data using a secret code and specified receiver only
can decrypt the data using the same or different secret
code.
• Digital Signature − A digital signature is a e-signature
authentic authenticated through encryption and
password.
• Security Certificates − Security certificate is unique
digital id used to verify identity of an individual website
or user.
34. Amity Business School
WHAT IS A PAYMENT
GATEWAY?
A payment gateway is an e-commerce
application service provider service that
authorizes payments for e-businesses(ex: online
shopping carts) .
36. Amity Business School
E-COMMERCE
Electronic Commerce, commonly known as
(electronic marketing) e-commerce or E-Commerce,
consists of the buying and selling of products or
services over electronic systems such as the
Internet and other computer networks.
37. Amity Business School
WEB SERVICES
A Web service is defined by the W3C as "a
software system designed to support
interoperable machine-to-machine interaction
over a network”.
For accessing every web service we need an
API(Application Program Interface) key.
Web service is a platform independent.
39. Amity Business School
Risks involved in cyber
banking
39
Cyber banking involves transferring of funds through various e-
channels like ATM, internet banking, mobile banking etc.
Threat to customers and banks involving phishing, keylogging,
spyware, malware etc.
A large number of banking frauds in India due to which finances and
funds are getting lost.
40. Amity Business SchoolSome major risks…
40
Account
Takeovers
• exploiting online financial and market systems that interface with Internet,
such as the Automated Clearing House (ACH) systems, card payments
spoofing
• attempts to gain unauthorized access to a user's system or information by
pretending to be the user in order to gain access to one's bank account
ATM Skimming
• A criminal affixes a skimmer to the outside or inside of an ATM to collect
card numbers and personal identification number (PIN) codes.
Point of sale
terminals
• target for cyber criminals engaging in credit card fraud and have resulted in
the compromise of millions of credit and debit cards the US.
Mobile Banking
Exploitation
• As more mobile devices have been introduced into personal, business, or
government networks, they have been increasingly targeted for stealing PII
(Personally identifiable information)
46. Amity Business School
46
The development of the Internet and the arrival of e-
commerce fostered digitalization in the payment processes
by providing a variety of electronic payment options including
payment cards (credit and debit), digital and mobile wallets,
electronic cash, contactless payment methods etc. Mobile
payment services with their increasing popularity are
presently under the phase of transition, heading towards a
promising future of tentative possibilities along with the
innovation in technology
47. Amity Business School
Smarter Credit Cards
How smart can a credit card be? A smartcard
could easily enable parents to block mobile app
purchases by their kids, while permitting other
purchases. Until then, present-day technology
permits all your credit cards to be loaded on to
one smartcard, doing away with the need to carry
a wallet full of plastic.
47
48. Amity Business School
Biometric Payments
What if at a checkout counter, all you had to do
was press your thumb to a scanner, and the
money would automatically be taken from your
credit card or bank account? It’s technologically
possible today, and many researchers support
biometric authentication. But the necessary
backend infrastructure is not in place to make
this option widely available—yet.
48
49. Amity Business School
Mobile Payments
While mobile phone-based payments rely on a
credit card or bank account, they may do away
with the need to carry that piece of plastic. Using
the NFC (Near Field Communication) technology
in your mobile device, you can get authenticated,
and money can be withdrawn from your account
49
50. Amity Business School
Radio barcodes technology
Radio bar-codes technology could enable the sales
personal to read the numbers and expiry date on
consumers' credit cards as they walk by. With
enhancing the security protocols and using the latest
technology like radio bar-codes, mobile payment
service providers can create a system that is not only
scalable at greater levels but is also most convenient
to use for the consumers.
50
52. Amity Business SchoolElectronic Wallets
52
Advantages:
1. Increased Speed and Convenience and eliminates the security risks of handling
2. It enables businesses to increase sales to the customers who pays electronically
3. Reduced Transaction Costs
Disadvantages:
1. Security Concerns: Without superior identity verification measures like biometrics
and facial recognition, anyone can use your cards and e-wallets (phishing attack)
2. Disputed Transactions: If someone uses your electronic money without your
authorization, you would identify the unfamiliar charge and file a claim with your bank,
online payment processor or credit card company.
3. Increased Business Costs: It incur additional costs in procuring, installing and
maintaining sophisticated payment-security technologies.
53. Amity Business School
Advantages and Disadvantages of
Electronic Cash
• Advantages
1. More efficient, eventually meaning lower prices
2. Lower transaction costs
3. Anybody can use it, unlike credit cards, and does not require
special authorization
• Disadvantages
1. Tax trail non-existent, like regular cash
2. Money laundering
3. Susceptible to forgery
54. Amity Business School
54
Advantages and Disadvantages of
Smart Cards and Credit Cards
• Advantages:
1. Atomic, debt-free transactions
2. Feasible for very small transactions
3. Anonymous
4. Security of physical storage
5. Currency-neutral
• Disadvantages:
1. Low maximum transaction limit.
2. High Infrastructure costs.
3. Single physical point of failure.
56. Amity Business School
56
SECURE EPS
INFRASTRUCTURE
Secure electronic funds transfer is crucial to e-commerce. In
order to ensure the integrity and security of each electronic
transaction and other EPSs utilize some or all of the following
security measures and technologies directly related to EPSs:
Authentication, public key cryptography, digital signatures,
certificate, certificate authorities, SSL, S-HTTP, secure
electronic transmission (SET).
Authentication: This is the process of verification of the
authenticity of a person and/or a transaction. There are many
tools available to confirm the authenticity of a user. For
instance, passwords and ID numbers are used to allow a user
to log onto a particular site.
58. Amity Business School
58
Digital Signature: Rather than a written signature that can be used by an
individual to authenticate the identity of the sender of a message or of the
signer of a document; a digital signature is an electronic one. E-check
technology also allows digital signatures to be applied to document blocks,
rather than to the entire document. This lets part of a document to be
separated from the original, without compromising the integrity of the digital
signature. This technology would also be very useful for business contracts
and other legal documents transferred over the Web. A digital signature
includes any type of electronic message encrypted with a private key that is
able to identify the origin of the message. The followings are some
functions of digital signature.
Public Key Cryptography: Public key cryptography uses two keys ,
one public and one private , to encrypt and decrypt data, respectively.
Cryptography is the process of protecting the integrity and accuracy of
information by encrypting data into an unreadable format, called cipher
text. Only those who possess a private key can decrypt the data into
plain text.
59. Amity Business School
• The authentication function: The term digital signature in general
is relevant to the practice of adding a string of characters to an
electronic message that serves to identify the sender or the
originator of a message.
• The seal function: Some digital signature techniques also serve
to provide a check against any alteration of the text of the message
after the digital signature was appended.
• The integrity function: This function is of great interest in cases
where legal documents are created using such digital signatures.
• The privacy function: Privacy and confidentiality are of
significant concerns in many instances where the sender wishes to
keep the contents of the message private from all hut the intended
recipient
59
61. Amity Business School
Certificate: A driver’s license is accepted by numerous
organizations both public and private as a form of identification due
to the legitimacy of the issuer, which is a government agency. Since
organizations understand the process by which someone can obtain
a driver’s license, they can trust that the issuer verified the identity of
the individual to whom the license was issued. A certificate provides
a mechanism for establishing confidence in the relationship between
a public key and the entity that owns the corresponding private key.
61
Certificate Authorities: Certificate authorities are similar to a notary
public, a commonly trusted third party. In the e-commerce world,
certificate authorities are the corresponding of passport offices in the
government that concern digital certificates and validate the holder’s
identity and authority.
62. Amity Business School
62
Secure Sockets Layer (SSL): Secure Sockets Layer transmits private
documents via the Internet . SSL uses a cryptographic system that uses
two keys to encrypt data - a public key known to everyone and a private
or secret key known only to the recipient of the message. It operates
between the transport and the application layers in the network stack
and uses both public and private key cryptography.
64. Amity Business School
Hypertext Transfer Protocol (HTTP)
Web browsers typically use HTTP to communicate with web servers,
sending and receiving information without encrypting it. For sensitive
transactions, such as Internet e-commerce or online access to financial
accounts, the browser and server must encrypt this information. S-HTTP
is an obsolete alternative to the HTTPS protocol
for encrypting web communications carried over HTTP. HTTPS and S-
HTTP were both defined in the mid-1990s to address this need. S-HTTP
was used by Spyglass's web
server,[1] while Netscape and Microsoft supported HTTPS rather than S-
HTTP, leading to HTTPS becoming the de-facto standard mechanism for
securing web communications.
64
65. Amity Business School
Secure Electronic Transaction (SET) was
a communications protocol standard for securing credit
card transactions over insecure networks, specifically, the Internet.
SET was not itself a payment system, but rather a set of security
protocols and formats that enabled users to employ the existing
credit card payment infrastructure on an open network in a secure
fashion. However, it failed to gain attraction in the market. VISA now
promotes the 3-D Secure scheme.
65
67. Amity Business School
CASE STUDY: Paytm, Journey From
Mobile Recharge to E-Commerce Market
• Founded in 2010, Paytm started as a prepaid mobile recharge website. Currently its
business is not only limited to recharge but has expanded as online payment platform
including mobile recharges, utility bill payment, wallet payment and wallet to wallet
and wallet to bank transfers for many leading internet based companies like
Bookmyshow, Makemytrip, FoodPanda , IRCTC and many others.
• It was founded under the implemented idea of Vijay Shekhar Sharma and has got the
first mover advantage in the mobile industry. The company has been backed up by
Alibaba group and Ratan Tata. The firm raised $575 million from Alibaba group for a
share of 25% in the company.
• Paytm is growing faster and they have over 20 million registered users as per their
current data. Their website and mobile app has been transformed into a fully-fledged
e-commerce marketplace offering categories from electronics, mobile phones, sports
& health, home & kitchen, books, baby & toys and many more categories.
• The app downloaded on various platforms has touched the mark of 7 million. The
additional features added like Bargain power which is not currently available at any
other marketplace and unified dashboard has made the selling and buying more
interesting. Monthly order of over 15 million is completed over here.
69. Amity Business School
Success Story
Vijay Shekhar in his initial college days has started his own firm Xs!
Corporation with his batch mate Harinder Takhar which offers web
guide services to the clients. They received seed money of 20,000
from one of the Angel investors. They merged two of their more
friends with them and worked for the company till 1999 after that
they sold it to Living Media India for half a million dollar which is now
the India Today group.
After selling the firm Vijay worked for some time in a company but
soon got bored. He had 2 lacks with him which was enough for him
to start a company on its own. He along with his colleague, Rajiv
Shukla, co-founded One97 Communications Ltd, a mobile value-
added services company. But in 9/11 tragedy, their business
crashed. His partner left him. He was with no money now. He started
using public transport, lived on two cups of tea. It was again a hard
time for him. His father asked him to take a job. The whole family
members were willing to get him married but no any girl was ready to
marry him!
70. Amity Business School
For sustaining his life, he took up a job. But the zeal of doing something of his own
keeps his interest alive from inside. Observing the popularity of smartphones, he
decided to do something around it and in December 2010, he launched Paytm, a
mobile wallet. At present, Paytm has 50 million consumers doing 60 million
transactions a month and is expected to touch 100 million consumers till the end of
2015.
Paytm in February 2014 launched its mobile based marketplace and now recently
has launched a seller dedicated app with zero commission model.
Besides, Paytm has also contracted with IRCTC to make Paytm wallet as one of the
online payment option while booking a ticket. IRCTC processes around 180 million
transactions every year; and Paytm has a strong base of 60 million wallet users who
can use their wallet instead of using plastic card details. These wallet holders have
an access to shop over the app and pay with Paytm wallet across 21,000 merchants.
Over the next six months, the Noida-based firm is considering at 25,000+ tickets per
day using Paytm wallet on IRCTC platform.
According to a report, “Paytm claims to earn revenues of over $500 million now but
Sharma says this will jump to $2 billion by December 2015. Half of Paytm’s run rate
will then come from the m-commerce marketplace push. And the focus will be on
getting more users. Alibaba also echoed its view and Erik Jing of Alipay says, “We
don’t care about profitability. We care about SMEs, users on the Paytm wallet.”
71. Amity Business School
Paytm has recently joined in the hyper-local venture by starting
grocery delivery in Bangalore. The hyper local market has raised
more than $60 million over the past two months from various venture
capitalists.
Paytm has just shoot up its business as it has just raised a funding of
$575 million from Chinese e-commerce company Alibaba Group. In
the same month, India’s leading investor and businessman Ratan
Tata has also invested in the company. Paytm will utilize the fund in
recruiting fresh talent, acquisitions, marketing and brand building.
Gurgaon-based competitor of Paytm, Grofers grabbed an amount of
$45 million while PepperTap snatched $12 million from the investors.
The company is currently dealing in mobile and DTH recharge, bill
payments, bus tickets, data card recharges, e-commerce
marketplace, payment gateway, Paytm deals and coupons.
Vijay Shekhar said, “We do 400,000 orders per day, which is second
highest in the country after IRCTC”. Over 50% of the orders are from
the mobile app making use of the largest mobile commerce platform.
An amount of INR 500crore is allocated for marketing in the year
2015, “said the founder”.
72. Amity Business School
72
DECEMBER
2010
• paytm (mobile wallet)
FEBRUARY
2014
• mobile based marketplace
• SELLER DEDICATED APP
*
• USER : IRCTC
• because 60 million userbase, easy to access and pay
*
• joined hyper local venture in Bangalore , GROCERY DELIVERY
FUNDING
• Ali Baba group : $575 million
• Ratan Tata : Tata group
2015
• mobile & DTH recharge , bill payments , bus ticket , data card recharge ,
e-commerce marketplace , payment gateway, Paytm deals & coupons.