1 / 38

Electronic Payment

Electronic Payment. Instructor: Jerry Gao Ph.D. San Jose State University email: jerrygao@email.sjsu.edu URL: http://www.engr.sjsu.edu/gaojerry Oct., 2002. Topic: Electronic Payment Systems. Presentation Outline.

johana
Télécharger la présentation

Electronic Payment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Electronic Payment Instructor: Jerry Gao Ph.D.San Jose State Universityemail: jerrygao@email.sjsu.eduURL: http://www.engr.sjsu.edu/gaojerryOct., 2002

  2. Topic: Electronic Payment Systems Presentation Outline - History of payment systems- Overview of current payment systems- Introduction to electronic payment systems- Requirements of electronic payment- Classification of electronic payment systems and protocols- Account-Based Payment and Example- Electronic Check Payment and Example- Micro-Payment and Example Jerry Gao Ph.D. 10/20020 All Rights Reserved

  3. Topic: Electronic Payment Systems History of Payment Systems (1) The most primitive form of payment is: barter --> the direct exchange of goods and services for other goods and services. The major problem of this payment approach is: --> double coincidence of wants(2) The earliest money was called commodity money, where physical commodities (such as corn, salt, or gold) whose values were well known were used to effect payment. Since 1980s, gold and silver coins became the most commonly used commodity money.(3) The next step in the progression of money was the use of tokens, such as paper notes, which were backed by deposits of gold and silver held by the note issuers. This is referred to as adopting a commodity standard. Jerry Gao Ph.D. 10/2002

  4. Topic: Electronic Payment Systems The Current Payment Systems (1) Cash Payment: (2) Payment by Credit Card Transfer or giro(3) Credit Card Payment:(3) Check Payment:(4) Automated (5) Wire Transfer Services Jerry Gao Ph.D. 10/2002

  5. Topic: Online Payment Protocols and Systems Introduction to Electronic Payment and Systems What is a payment system?E-commerce application systems must provide payment processing and transaction service to buyers and sellers. A payment system, as a part of E-commerce application system, is a such system which support secured payment processes by providing reliable, secured, and efficient transaction services between sellers and buyers.The basic requirements of a payment system:- Provide secured and confidential transaction processes.- Conduct authentication and authorization for all involved parties.- Ensure the integrity of payment instructions for goods and services.- Availability, cost-effective, efficiency and reliability.- Global access and international useful Jerry Gao Ph.D. 10/2002

  6. Topic: Online Payment Protocols and Systems Introduction to Electronic Payment Systems Electronic payment is implemented by a flow of money from the payer via the issuer and acquirer to the payee.Advantages:- Fast transaction processing- Flexible of use (24 hours available)- Low cost transactions- Global accessible to customers and businessesDisadvantages:High risks and security challenges due to:- Unlike paper, digital “documents” can be copied perfectly and arbitrarily often.- Digital signatures can be produced by anybody who knows the secret cryptographic key.- A buyer’s name can be associated with every payment. Jerry Gao Ph.D. 10/2002

  7. Topic: Online Payment Protocols and Systems Introduction to Electronic Payment Systems Electronic Payment Models:(N. Asokan. Et al, [1]) Direct-payment systems:--> require an interaction between payer and payee.- Cash-like payment systems - A certain amount of money is taken away from the payer before purchases are made. Example: Smart card-based electronic purses, electronic cash, and bank checks - Check-like payment systems - pay-now systems (like credit card-based payment systems) - pay-later systems (like ATM card-based payment systems)Indirect payment systems:--> the payer or the payee initiates payment without the other party involved online. (Example, electronic funds transfer) Jerry Gao Ph.D. 10/2002

  8. Topic: Online Payment Protocols and Systems Figure 1.Money flow in a cash-like payment system [1] Jerry Gao Ph.D. 10/2002

  9. Topic: Online Payment Protocols and Systems Figure 2.Money flow in a check-like payment system [1] Jerry Gao Ph.D. 10/2002

  10. Topic: Online Payment Protocols and Systems Introduction to Electronic Payment Systems Classification of electronic payment systems:- Card-based payment systems:Examples: CyberCash, First Virtual (FV), VISA and MasterCard, CARI- Electronic checking systems:Examples: FSTC, NetBill- Electronic cash payment systems:Examples: Ecash (DgiCash), NetCash, CyberCoin, Mondex - Micro-payment systems:Examples: Millicent, SubScrip, PayWord, MicroMint, IKP micropayment. Jerry Gao Ph.D. 10/2002

  11. Topic: Online Payment Protocols and Systems Requirements of Electronic Payment To build secure and low overhead electronic transaction systems, different electronic payment protocols are generated and proposed.A payment protocol is a communication protocol which defines message formats, transaction rules, and sequences between involved parties in payment processing for e-commerce application systems.The major properties of the payment protocols are:- Atomicity: This states whether the transaction must occur completely or not.Two sub cases of atomicity: a) money transfer atomicity, where funds are transferred atomically. b) good-transfer atomicity, where the money and the goods are atomically transferred.- Consistency: All the involved parties must agree on the facts of exchange.- Durability: It must always be possible to recover the last consistent state.- Transaction independent: All the transactions must be independent to each other Jerry Gao Ph.D. 10/2002

  12. Topic: Online Payment Protocols and Systems Requirements of Electronic Payment Some additional properties of payment protocols:- Cost Factor: - Divisibility: All the involved parties must agree on the facts of exchange.- Scalability: It must support concurrent transactions.- Interoperability: It must be able to move value back and forth between systems.- Conservation: This is composed of temporal consistency, where holds its value over time, and supports different currency. - Online: It gives whether the transaction can be performed online.- Identified: It gives whether the identity of the person performed transaction is maintained. Jerry Gao Ph.D. 10/2002

  13. Topic: Online Payment Protocols and Systems Classification of Electronic Payment Protocols Classification of electronic payment protocols:- Account-based payment systems based on macro-payment protocols, where value is stored and exchanged via accounts in the existing systems.Examples: iKP, SET, - Electronic check payment systems based on electronic check payment scheme.Examples: NetBill- Digital cash payment systems based on digital cash payment protocols, where the medium of exchange is a maker representing value.Examples: Digicash, NetCash- Micro-payment protocols on the Internet: Examples: Millicent, Jerry Gao Ph.D. 10/2002

  14. Topic: Online Payment Protocols and Systems Classification of Electronic Payment Protocols E-Commerce Payment Protocols Macro-Payment Protocols Electronic Check Payment Protocols SET CyberCash iKP Digital Cash Payment Protocols FV SEPP NetBill Micro-Payment Protocols DigiCash FSTC NetCash Millicent Mondax PayWord CyberCoin SubScrip Cafe Jerry Gao Ph.D. 10/2002

  15. Topic: Account-Based Electronic Payment Systems Overview of Account-Based Payment Credit Card payment schemes have been in use as a payment method since 1960s. There are two major international brands: VISA and MasterCardAbout VISA:- The VISA brand grew from a scheme launched by the Bank of America, which was subsequently licensed by Barclaycard in the United Kingdom in 1966.- By the middle of 1995, VISA owned by its 180,000 member financial institutions, had issued more than 420 million cards and is accepted by more than 12 million merchants in 247 countries.About MasterCard:- MasterCard is of comparable size with 13 million merchants in 220 countries and 22,000 member organizations.- More than 800 million cards issued and nearly $1,300 billion of sales each year. Jerry Gao Ph.D. 10/2002

  16. Topic: Account-Based Electronic Payment Overview of Account-Based Payment Different types of payment card schemes:(A) Credit cards, where payments are set against a special-purpose account associated with some form of installment-based repayment scheme or a revolving line of credit. - pay later with limit and interest rate.(B) Debit cards (paperless checks) are linked to a checking/saving account. - pay now with balance checking.(C)Charge cards: work in a similar way to credit cards in that payments are set against a special-purpose account. - payment must be made at the end of billing period without limit.(D) Travel and entertainment cards are charge cards whose usage is linked to airlines, hotels, restaurants, car rental companies, or particular retail outlets. Jerry Gao Ph.D. 10/2002

  17. Topic: Account-Based Electronic Payment Systems Overview of Credit Card-Based Payment Card Association Payment Model: Card Issuer’s Bank Card Acquirer’s Bank CardHolder Merchant Jerry Gao Ph.D. 10/2002

  18. Topic: Account-Based Electronic Payment Systems Overview of Account-Based Payment VISA (total $1248.4B sales) ----------------------------------------------- Sales Volume No. of billions of $(U.S.) Cards (millions) MasterCard (763.4 million cards) -------------------------------------------- Sales Volume No. of billions of $(U.S.) Cards (millions) Region -------------------------------------------------------------------------------------------------------- U.S. 358.4 228.1 202.4 174 Europe 262.4 81.2 not available 53.5 Asia-Pacific 91.6 73 116.2 72.5 Canada 36.8 18.6 not available not available Middle East 5.6 2.3 5.5 2 Africa Latin America 23.6 21.4 19.1 21.2 Totals 778.4 424.7 470 338.7 Jerry Gao Ph.D. 10/2002

  19. Topic: Electronic Cash Payment Protocols and Systems Special Features of Account-Based Electronic Payment - Online Transaction. - Anonymity: This ensure that no detailed cash transactions for customer are traceable. Even sellers do not know the identity of customers involved in the purchases- Security: High security and low risk due to the use of traditional banking system and user accounts.- Standardization: Use of the existing standardized payment model - Flexibility: consumers can have multiple cards used in different countries and concurrency - All transactions can be easily traced by banking system and merchants. Jerry Gao Ph.D. 10/2002

  20. Topic: Electronic Check Payment Protocols and Systems Special Features of Account-Based Electronic Payment Limitations:- Dependency: dependent on existing banking systems.- Transaction cost: high transaction cost compared with other approaches- Performance: slower performance due to the authentication and account validation using the existing banking systems- Privacy: consumer loss of the privacy of their transactions Jerry Gao Ph.D. 10/2002

  21. Topic: Account-based Electronic Payment Systems Credit Card-Based Electronic Payment System: CyberCash About CyberCash:- CyberCash is a secure Internet payment system developed by CyberCash, Inc., which is located at Reston, VA, USA, and it was found in August 1994 to provide software and service solutions for secure financial transactions over the Internet.- CyberCash uses special wallet software, enable consumers to make secure purchases using major credit cards from CyberCash-affiliated merchants.- the CyberCash payment system was launched in April 1995. It had over half a million copies in circulation. - CyberCash has other payment systems, such as CyberCoin (electronic cash system)and PayNow (electronic check system). Jerry Gao Ph.D. 10/2002

  22. Topic: Account-based Electronic Payment Systems Credit Card-Based Electronic Payment System: CyberCash Features of CyberCash:- Use the existing credit card infrastructure for settlement payments.- Use cryptographic techniques to protect the transaction data during a purchase.- Authenticate the identifies of both parties to the transaction.- Provide online transaction and online authentication. - Broker the transaction between merchant’s bank and cardholder’s bank. Jerry Gao Ph.D. 10/2002

  23. Topic: Account-Based Payment Protocols and Systems Credit Card-Based Electronic Payment System: CyberCash Banking Network CyberCash Server Internet Registration Card binding Purchase messages Customer Wallet Merchant Software Purchase Web Browser Shopping Web Server CyberCash Payment Model Jerry Gao Ph.D. 10/2002

  24. Topic: Account-Based Payment Protocols and Systems Credit Card-Based Electronic Payment System: CyberCash Cybercash Server (CS) Consumer Merchant Finish shopping Click “PAY” order form Payment-req Choose CC, addr Credit-card pay forward details auth-capture authorize + clear with bank charge-action-res issue receipt Charge-card-res log transaction Payment Steps in a CyberCash Purchase Jerry Gao Ph.D. 10/2002

  25. Topic: Account-Based Payment Protocols and Systems Credit Card-Based Electronic Payment System: CyberCash CyberCash Messages: Header Transport Opaque Trailer Header: It indicates the start of a CyberCash message. Transport: It contains the order information in a purchase, transaction ID, date, and the key ID to the encrypt the opaque part. Opaque: The encrypted part of a message. Trailer: the end of a CyberCash message.

  26. Topic:Elect ronic Check Payment Protocols and Systems Electronic Check Payment System: NetBill Overview of NetBill:- NetBill is a dependable, secure and economical payment method for purchasing digital goods and services through the Internet.- NetBill protocol is developed by Carnegie Mellon University.- In partnership with Visa International and Mellon Bank, the first trial of the system was installed in early 1996.Major goals of NetBill:- Support high transaction volumes at low cost- Provide authentication, privacy, and security for transactions - Provide account management and administration for consumers and merchants Jerry Gao Ph.D. 10/2002

  27. Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Process: NetBill Merchant Customer Network NetBill Server Bank Jerry Gao Ph.D. 10/2002

  28. Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment System: NetBill NetBill Server 1 Merchant Customer 2 6 3 4 5 7 8 1. Consumer’s application send a price quote request to the merchant’s application through a checkbook library. 2. Merchant’s application sends back the price quote the consumer’s application. 3. Consumer accepts the price quote, and then sends a purchase request through the Checkbook library. 4. Merchant’s application sends to the consumer’s Checkbook encrypted in a one-time key. 5.Consumer sends a electronic payment order (EPO) to merchant’s application. 6. The merchant’s application sends the endorsed EPO to the NetBill server. 7. NetBill server verifies that the consumer and merchant signatures are valid. Then, return the merchant a digitally signed receipt with a decryption key. 8. The merchant’s application forward the NetBill server’s receipt to the Check book. Jerry Gao Ph.D. 10/2002

  29. Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment System: NetBill NetBill Archecture: (Source: NetBill 1994 Prototype) Consumer Application Checkbook Merchant Application Till Security Server Transaction Server User Admin. Server Payment & Collection Server System Admin. Server DB Jerry Gao Ph.D. 10/2002

  30. Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment System: NetBill Major features of NetBill:- Certified delivery: delivering encrypted information goods and then charging against the consumer’s NetBill account. Then, decryption key registration are used at both the merchant’s application and the NetBill server.- Scalability: the bottleneck in the NetBill model is the NetBill Server which supports many different merchants.- Support for flexible pricing: by including the steps of offer and acceptance. The merchant can calculate a customized quote for individual consumer.- Protection of consumer accounts against unscrupulous merchants in a conventional credit card transaction. Jerry Gao Ph.D. 10/2002

  31. Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment System: NetBill Security Mechanisms of NetBill:- Create a NetBill account for each consumer by using a unique user ID and the RSA public key. - the key pair is certified by NetBill and is used for signatures and authentication in the system.-These signatures are used to check the elements of NetBill transactions (the price quote, the acceptance, etc) really came from the right parties.- NetBill uses symmetric cryptogrphy method for message authentication and encryption and decryption. Jerry Gao Ph.D. 10/2002

  32. Topic: Micro-Payment Protocols and Systems Micro-Payment Systems - Objectives: ---> Micro-payment situations: Although micro-payment systems share the similar requirements of other payment systems, they focus on special markets, where: - Low-value transactions involved less than the value of smallest coin. - Non-tangible and network-deliverable merchandise examples: archived magazines, journals, CD, software,…- Special requirements: - Fast and low cost payment transactions. - Very small amount of value - Reduced the number of involved parties - High scalable The issues of other payment systems: - Account-based systems have high transaction costs. - Transaction speed in electronic checking systems is slow. - Electronic money systems involve more parties, have low transaction speed, and cause poor scalability. Jerry Gao Ph.D. 10/2002

  33. Topic: Micro-Payment Protocols and Systems Micro-Payment Protocols - Objectives: ---> Micro-payment situations: Although micro-payment systems share the similar requirements of other payment systems, they focus on special markets, where: - Low-value transactions involved less than the value of smallest coin. - Non-tangible and network-deliverable merchandise examples: archived magazines, journals, CD, software,…- Special requirements: - Fast and low cost payment transactions. - Very small amount of value - Reduced the number of involved parties - High scalable The issues of other payment systems: - Account-based systems have high transaction costs. - Transaction speed in electronic checking systems is slow. - Electronic money systems involve more parties, have low transaction speed, and cause poor scalability. Jerry Gao Ph.D. 10/2002

  34. Topic: Micro-Payment Protocols and Systems Micro-Payment Protocols and Systems Micro-payment Protocols: - Millicent, developed by Digital Equipment Corp. in 1995. - SubScrip, developed at the University of Newcastle, Australia. - PayWord, developed by Ron Rivest (MIT) and Adi Shamir. - MicroMint, developed by Ron Rivest and Adi Shamir. - iKP micropayment protocolMicro-payment systems do not available in conventional commerce.They open many new areas of business.Examples: - Millicent payment system - Micro Payment Transfer Protocol (MPTP) based on PayWord. Jerry Gao Ph.D. 10/2002

  35. Topic: Micro-Payment Protocols and Systems Micro-Payment Systems - Important features of Micro-payment protocols and systems: - Simplified verification - Simple security mechanisms - Very low cost transactions - Very fast speed - Simplified architecture- Major factors on transaction costs: - Payment methods - Complexity of security mechanisms - The number of involved parties - Transaction model (on-line/off-line) Jerry Gao Ph.D. 10/2002

  36. Topic: Micro-Payment Protocols and Systems Micro-Payment Protocol: Millicent Overview of Millicent:Millicent payment protocol is designed for low-amount transactions over the Internet.It is developed by Digital - Support low-cost, secured transactions (less than one cent) - Use non-expensive symmetric crytographic algorithms - Use scrip as digital cash for customers to make purchases from vendors - Provide decentralized validation of electronic cash at the vendor’s server - Provide no additional communications, off-line processing.Business market: electronic publishing, software and game industries. Performance: 14,000 pieces of Scrip can be produced per second. 8,000 payments can be validated per second, with change Scrip being produced.A public trial of the Millicent system was scheduled for the summer of 1997. Jerry Gao Ph.D. 10/2002

  37. Topic: Micro-Payment Protocols and Systems Micro-Payment Protocol: MilliCent MilliCent model: MilliCent protocols use a form of electronic currency called Scrip to connect three involved parties: - vendors, customers, and brokers.Scrip is vendor specific.A Millicent broker:--> medicate between vendors and customers to simplify the tasks they perform.--> aggregate micro-payments--> sell vendor Scrip to customers--> handle the real money in the Millicent system.--> maintain customer accounts and vendors (subScripion services)--> buy and produce large chunks of vendor Scrips (for licensed vendors) Vendors: --> are merchants selling low-value services or information to customersCustomers: --> buy broker Scrip with real money from selected brokers. --> use the vendor Scrips to make purchases. Jerry Gao Ph.D. 10/2002

  38. Topic: Micro-Payment Protocols and Systems Micro-Payment Protocol: MilliCent Customer Dealer 3 1. Customer sends broker-scripts. 2. Customer gets dealer-script. 3. Customer send dealer-scripts. Internet 1 2 Broker Jerry Gao Ph.D. 10/2002

More Related