The document discusses various topics related to payment card security on the internet. It begins with introducing security issues like authorization, authentication, confidentiality and non-repudiation. It then discusses the Payment Card Industry standards and requirements. The document outlines different protocols for secure online payments including Secure Electronic Transaction (SET), Secure Sockets Layer (SSL), and electronic cash/coins. It compares advantages and disadvantages of these protocols and concludes that SET is an outstanding payment protocol that provides security for e-commerce transactions.
E secure transaction project ppt(Design and implementation of e-secure trans...AJIT Singh
e-secure transaction project ppt
This is the ppt for thee secure transaction system project for the college student. i did this project on my college days.
Here I mentioned some important points for the ppt so you can copy them and make you customize ppt on any topic or project.
Design and implementation of e-secure transaction system is my project title and in this, we have different functionalities like transfer funds and recharges,bill pay etc ,
we also use some encryption algorithms for secure the data.
Secure Electronic Transaction
Contents are:
Secure Electronic Transaction
SET Business Requirements
SET Protocols
Parties in SET
Implementation of SET
SET Transaction
Dual Signature in SET
Dual Signature Operation
SET Supported Transaction
Credit Card Protocols
E secure transaction project ppt(Design and implementation of e-secure trans...AJIT Singh
e-secure transaction project ppt
This is the ppt for thee secure transaction system project for the college student. i did this project on my college days.
Here I mentioned some important points for the ppt so you can copy them and make you customize ppt on any topic or project.
Design and implementation of e-secure transaction system is my project title and in this, we have different functionalities like transfer funds and recharges,bill pay etc ,
we also use some encryption algorithms for secure the data.
Secure Electronic Transaction
Contents are:
Secure Electronic Transaction
SET Business Requirements
SET Protocols
Parties in SET
Implementation of SET
SET Transaction
Dual Signature in SET
Dual Signature Operation
SET Supported Transaction
Credit Card Protocols
Digital Payment and 3-D Secure by NetceteraNetcetera
Our Sales & Business Development Manager CEE, Martin Mendel, presented how we enable convenient and secure digital shopping at Cardsession in Prague, Czech Republic, in December 2017. Cardsession is one of the most significant conferences in the field of payment systems, cards and technology in the Central Europe.
Brief description about the various E-Payment Systems :
E-Cash, E-Cheques,E-Wallets, Credit and Debit Cards transaction systems, Electronic Clearing Systems...
Their various drawbacks and advantages and disadvantages.
Manage a Recurring Gift Process and Implement PCI Compliance with The Raiser’...Blackbaud Pacific
In this powerpoint Kaine Costello, Blackbaud Pacific's Enterprise Account Manager, provides an introduction of PCI compliance and an overview and demonstration of The Raiser's Edge payment processing.
For more information on the Blackbaud Payment Services please contact sales@blackbaud.com.au.
A Payment Gateway is an ecommerce application that authorizes payments for e-business, online retailers etc. Analogy of payment is cash counters which are located in the retail outlets. Payment gateways encrypt sensitive information such as credit card numbers to ensure that information passes securely between the customer and the merchant.
Digital Payment and 3-D Secure by NetceteraNetcetera
Our Sales & Business Development Manager CEE, Martin Mendel, presented how we enable convenient and secure digital shopping at Cardsession in Prague, Czech Republic, in December 2017. Cardsession is one of the most significant conferences in the field of payment systems, cards and technology in the Central Europe.
Brief description about the various E-Payment Systems :
E-Cash, E-Cheques,E-Wallets, Credit and Debit Cards transaction systems, Electronic Clearing Systems...
Their various drawbacks and advantages and disadvantages.
Manage a Recurring Gift Process and Implement PCI Compliance with The Raiser’...Blackbaud Pacific
In this powerpoint Kaine Costello, Blackbaud Pacific's Enterprise Account Manager, provides an introduction of PCI compliance and an overview and demonstration of The Raiser's Edge payment processing.
For more information on the Blackbaud Payment Services please contact sales@blackbaud.com.au.
A Payment Gateway is an ecommerce application that authorizes payments for e-business, online retailers etc. Analogy of payment is cash counters which are located in the retail outlets. Payment gateways encrypt sensitive information such as credit card numbers to ensure that information passes securely between the customer and the merchant.
Does security and convenience go well one with another and how to increase customer's convenience in digital commerce? What's new in ACS 2.0 and how SA supports online commerce safety? Presentation will give you answers to all of those questions but also an insight about advanced security options topics.
Security and Payment in E-Business is a prime focus of any organisation engaged in e-business. This presentation helps you to improve your knowledge about online payments and online security
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
Ethnobotany and Ethnopharmacology:
Ethnobotany in herbal drug evaluation,
Impact of Ethnobotany in traditional medicine,
New development in herbals,
Bio-prospecting tools for drug discovery,
Role of Ethnopharmacology in drug evaluation,
Reverse Pharmacology.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxEduSkills OECD
Andreas Schleicher presents at the OECD webinar ‘Digital devices in schools: detrimental distraction or secret to success?’ on 27 May 2024. The presentation was based on findings from PISA 2022 results and the webinar helped launch the PISA in Focus ‘Managing screen time: How to protect and equip students against distraction’ https://www.oecd-ilibrary.org/education/managing-screen-time_7c225af4-en and the OECD Education Policy Perspective ‘Students, digital devices and success’ can be found here - https://oe.cd/il/5yV
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
3. INTRODUCTION
• In the past year, the number of users reachable
through Internet has increased dramatically
• Potential to establish a new kind of open
marketplace for goods and services
• Online shops in Internet
• Bookshop (Amazon.com)
• Flight Reservation and Hotel Reservation shopping
place, etc.
• An effective payment mechanism is needed
4. SECURITY ISSUES
• Internet is not a secure place
• Authorization, Access Control:
• protect intranet from hordes: Firewalls
• Confidentiality, Data Integrity:
• protect contents against snoopers: Encryption
• Authentication:
• both parties prove identity before starting transaction: Digital certificates
• Non-repudiation:
• proof that the document originated by you & you only: Digital signature
5. PAYMENT CARD INDUSTRY
PCI = Payment Card Industry
• PCI Data Security Standards compliance
• Validate our Data
• Validation method dependent on our “Merchant
Level”, which is a reflection of the number of
transactions per year
6. CONT.
• “Payment Card Industry” encompasses all the
organizations that store, process and transmit
cardholder data
• PCI Security Standards Council (PCI SSC)
• Card brands (VISA, MasterCard, etc.)
• Banks (Bank of America, Chase, etc.)
• Service Providers (manage the transactions for the
banks, like PayPal, First Data, VeriSign)
• Merchants (like K-State – the entity that takes the
credit card info from the customer)
7. Protect Cardholder Data
• Do not store sensitive authentication data after
authorization (even if encrypted)…
• … card verification value (3-digit code on back of
the card), PIN, or mag stripe content
• Render PAN [Primary Account Number] unreadable
anywhere it is stored…
• … examine a sample of removable media (for
example, back-up tapes) to confirm that the PAN is
rendered unreadable
8. DIGITAL CERTIFICATE
• A digital identity document binding a public-private
key pair to a specific person or organization
• Verifying a digital signature only proves that the
signer had the private key corresponding to the public
key used to decrypt the signature
• Does not prove that the public-private key pair
belonged to the claimed individual
• We need an independent third party to verify the
person’s identity (through non-electronic means) and
issue a digital certificate
9. DIGITAL CERTIFICATE CONTENTS
• Name of holder
• Public key of holder
• Name of trusted third party (certificate authority)
• DIGITAL SIGNATURE OF CERTIFICATE
AUTHORITY
• Data on which hash and public-key algorithms
have been used
• Other business or personal information
12. CREDIT CARD BASED
• Parties involved: cardholder, merchant, issuer,
acquirer and payment gateway
• Transfer user's credit-card number to merchant via
insecure network
• A trusted third party to authenticate the public key
13. SET Encryption
Request is Sent to
E-commerce Server
E-Commerce Server
Verifies Transaction
Purchase
is Requested
Merchant
Sends Record
to Bank
Transaction
is Approved
Bank Credits
Merchant’s Account
SECURE ELECTRONIC
TRANSMISSION (SET)
14. SET
• Developed by VISA and MasterCard
• To facilitate secure payment card transactions over
the Internet
• Digital Certificates create a trust chain throughout the
transaction, verifying cardholder and merchant
validity
• It is the most secure payment protocol
15. CONT..
• The SET specification uses public key cryptography
and digital certificates for validating both consumers
and merchants.
• The SET protocol provides confidentiality, data
integrity, user and merchant authentication, and
consumer non-repudiation.
16. PAYMENT PROCESS
• The messages needed to perform a complete
purchase transaction usually include:
• Initialization (PInitReq/PInitRes)
• Purchase order (PReq/PRes)
• Authorization (AuthReq/AuthRes)
• Capture of payment (CapReq/CapRes)
21. ADVANTAGES
• It is secure enough to protect user's credit-card
numbers and personal information from attacks
• hardware independent
• world-wide usage
22. DISADVANTAGES
• User must have credit card
• No transfer of funds between users
• It is not cost-effective when the payment is small
• None of anonymity and it is traceable
24. • Created by Netscape for secure message
transmission.
• Uses public-key encryption
• Browser is the client
25. ELECTRONIC CASH/COINS
• Parties involved: client, merchant and bank
• Client must have an account in the bank
• Less security and encryption
• Suitable for small payment, but not for large payment
• E.g.. Net cash
26. Electronic Cash Payment Protocol: NetCash
Currency
Server 1
Currency
Server 2
5. Verify
coins
Buyer Merchant
7. Receipt
3. CS1’s
certificate
4. Validate
coins
2. New
coins
1. E-
Check
6. New
coins/E
-Check
Making a purchase with
NetCash
NET-CASH
27. A Net Cash coin has the following form:
- CS_name: - name of the currency server.
- CS add: - network address of the currency
server.
- Expiry: - the date on which the coin
becomes invalid..
CONT.
28. CONT..
- Serial #: - a unique identifier of the coin to the currency
server.
- Value: - the amount of the coin
Each coin is encrypted with currency server’s secret key
(SKcs), which becomes a digital signature to show that the
coin is authentic.
29. DIGICASH (E-CASH)
• A fully anonymous electronic cash system
• Using blind signature technique
• Parties involved: bank, buyer and merchant
• Using RSA public-key cryptography
• Special client and merchant software are needed
30. WITHDRAWING E-CASH/COINS
• User's cyber wallet software calculates how many
digital coins are needed to withdraw the requested
amount
• software then generates random serial numbers for
those coins
• the serial numbers are blinded by multiplying it by a
random factor
31. WITHDRAWING E-CASH COINS
• Blinded coins are packaged into a message, digitally
signed with user's private key, encrypted with the
bank's public key, then sent to the bank
• When the bank receives the message, it checks the
signature
• After signing the blind coins, the bank returns them to
the user
32. ADVANTAGES
• Cost-effective for small payment
• User can transfer his electronic coins to other user
• No need to apply credit card
• Anonymous feature
• Hardware independent
33. DISADVANTAGES
• It is not suitable for large payment because of lower
security
• Client must use wallet software in order to store the
withdrawn coins from the bank
• A large database to store used serial numbers to
prevent double spending
33
34. CONCLUSIONS
• An effective, secure and reliable Internet payment
system is needed
• Depending on the payment amount, different level of
security is used
• SET protocol is an outstanding payment protocol for
secure electronic commerce
34
