1 / 10

iKP Secure Electronic Payment System

iKP Secure Electronic Payment System. Presented by Jinping Li. iKP Secure Electronic Payment System. Introduction iKP Payment Model Security Requirement Framework of iKP Protocols Conclusion Questions. Introduction. Security for electronic payments is of the utmost importance

edric
Télécharger la présentation

iKP Secure Electronic Payment System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. iKP Secure Electronic Payment System Presented by Jinping Li

  2. iKP Secure Electronic Payment System • Introduction • iKP Payment Model • Security Requirement • Framework of iKP Protocols • Conclusion • Questions

  3. Introduction • Security for electronic payments is of the utmost importance “… Indeed, the appeal of electronic commerce without electronic payment is limited. Moreover, insecure electronic payment methods are more likely to impede, than to promote, electronic commerce… ” One scenario could be a shopper buying something from a Web site for the first time that buys an expensive item and has it shipped to an address that is different from the billing address B2B vs B2C • Adversaries and threats interception

  4. iKP Model Payment System Provider Clearing Issuer Acquirer • Parties in iKP Buyer,Seller,Acquirer 2. iKP protocols is a family i=1,2,3, which reflects number of parties with public key pairs • iKP protocols are based on the existing credit-card system Payment Buyer Seller Generic model of a payment system

  5. iKP Model Root Key Subject PK Signature of TTP Association Signature Issuer Signature Acquirer Signature Cardholder Signature Cardholder Signature Merchant Signature Merchant Signature 4. iKP protocols are based on public key cryptography 5. Certification Authorities

  6. Security Requirement • Issuer/Acquirer Requirements • A1- Proof of Transaction Authorization by Buyer • A2- Proof of Transaction Authorization by Seller • Seller Requirements • S1- Proof of Transaction Authorization by Acquirer • S2- Proof of Transaction Authorization by Buyer • Buyer Requirements • B1- Impossibility of Unauthorized Payment • B2- Proof of Transaction Authorization by Acquirer • B3- Certification and Authentication of Seller • B4- Receipt from Seller

  7. Framework of iKP Protocols Buyer Seller Acquirer (ST-INFB) (ST-INFS) (ST-INFA) Initiate(SALTB, IDB) Invoice(Clear, [2,3 SigS]) Payment(EncSlip,[3 SigB]) Auth-Request(Clear, Hk(SALTB, DESC), EncSlip,[2,3 SigS,[3 SigB]]) Auth-Response(RESPCODE,SigA) Conform(RESPCODE,SigA,[2,3 V|VC]) Goods and Services

  8. Satisfaction of requirements

  9. Conclusion • The greater the number of partied that hold public-key pairs, the greater the level of security provided • Allows for gradual deployment of the system • SET is developed based on iKP protocols, which is supported by most signification organizations • Less privacy of order information and the amount of payment • Offers no anoymity form the payment system provider

  10. Question How does iKP satisfy A1?

More Related