E-Commerce 08

Chapter 8

Electronic Payment Systems

1

2

LensDoc: Credit Card Dilemma

LensDoc—online retailer of:Contact lensesSun and magnifying glassesDental care and personal care products

Customers pay by credit card (90% of all online purchases in the U.S.)

Easy to purchaseEasy to purchase fraudulentlyContact lenses cannot be returned once used, but unsatisfied customers want their money back

3

LensDoc: Credit Card Dilemma (cont.)

Solutions:Process credit card purchases by handRequire:

Home addressShipping address

Investigating alternative methods of payment

Cash cardsSpecial card-swiping peripheralsCredit card processing services

Currently disadvantages outweigh advantages of any of these alternatives

4

Electronic Payments: An Overview

E-payment methodsCredit cardsElectronic funds transfer (EFT)E-payments

Smart cardsDigital cash and scriptDigital checksE-billing

All have the ability to transfer payment from one person or party to another

5

Electronic Payments: An Overview (cont.)

Four parts involved in e-payments

IssuerCustomer/payer/buyerMerchant/payee/sellerRegulator

Key issue of trust must be addressed

PrivacyAuthentication and authorizationIntegrityNonrepudiation

6

Electronic Payments: An Overview (cont.)

IndependenceInteroperability and portabilitySecurity

AnonymityDivisibilityEase of useTransaction fees

Crucial factors in determining which method of e-payment achieves widespread acceptance

7

Security for E-Payments

Public key infrastructurePlaintext Encryption algorithmCiphertext Key

Types of encryption systemsSymmetric (private key)

Used to encrypt and decrypt plain textShared by sender and receiver of text

Asymmetric (public key)Uses a pair of keysPublic key to encrypt the messagePrivate key to decrypt the message

8

Figure 8-2Private Key Encryption

9

Public Key Encryption

Size of keyRSA algorithm

Speed of KeyRijndael algorithm

10

Digital Signatures: authenticity and nondenial

Analogous to handwritten signatureBased on public keysUsed to:

Authenticate the identity of the sender of a message or documentEnsure the original content of the electronic message or document is unchanged

Benefits:

PortableCannot be easily repudiated or imitatedCan be time stamped

Security for E-Payments (cont.)

11

Figure 8-3Digital Signatures

12


Digital certificates

Identifying the holder of a public key (Key-Exchange)Issued by a trusted certificate authority (CA)

Name : “Richard”key-Exchange Key :Signature Key :Serial # : 29483756Other Data : 10236283025273Expires : 6/18/04Signed : CA’s Signature

13


Secure socket layer/transport layer securitySecure socket layer (SLL)—handle on Web browser, utilizing CAs and data encryption

EncryptionDigital certificatesDigital signatures

In 1996 SSL was standardized and named transport layer security (TSL)Operates at TCP/IP layer (base layer for Internet)IPSec—secure version of IP protocol

14

SET Vs. SSL

Secure Electronic Transaction(SET)

Secure Socket Layer (SSL)

Complex SimpleSET—tailored to credit card payment to merchants

SSL—protocol for general-purpose secure message exchanges (encryption)

SET protocol hides customer’s credit card information from merchants and order information to banks, to protect privacy (dual signature)

SSL protocol may use a certificate, but there is no payment gateway. Merchants need to receive ordering information and credit card information (capturing process initiated by merchants)

15

E-Cards

Three common types of payment cards

Credit cards—provides holder with credit to make purchases up to a limit fixed by the card issuerCharge cards—balance on a charge card is supposed to be paid in full upon receipt of monthly statementDebit card—cost of a purchase drawn directly from holder’s checking account (demand-deposit account)

16

E-Cards (cont.)

The PlayersCardholderMerchant (seller)Issuer (your bank)Acquirer (merchant’s financial institution, acquires the sales slips)Card association (VISA, MasterCard)Third-party processors (outsourcers performing same duties formerly provided by issuers, etc.)

17

Figure 8-4Online Credit Card Processing

Source: The E-Commerce Book: Building the E-Empire by S. Korper and J. Ellis, copyright © 2000 by Academic Press, reproduced by permission of the publisher.

18

E-Cards (cont.)

E-walletsOne-click shopping—saving your order information on retailer’s Web server

NameShipping addressBilling addressCredit card information

E-wallet—software downloaded to cardholder’s desktop that stores same information and allows one-click-like shopping

19

E-Cards (cont.)

Other security risks with credit cardsStolen cardsReneging by the customer—authorizes a payment and later denies itTheft of card details stored on merchant’s computer—isolate computer storing information so it cannot be accessed directly from the WebOvercoming risks with virtual credit cards

20

E-Cards (cont.)

Purchase cardsInstrument of choice for B2B purchasingSpecial-purpose, non-revolving payment cards issued to employees solely for purchasing and paying for nonstrategic materials and services

21

E-Cards (cont.)

Purchase cards—operate like other credit cardsCardholder of corporation places an order for goods or servicesSupplier processes transaction with authorization of card issuerIssuer verifies purchase authorizationAll cardholders’ transactions processed centrally—one payment for all purchasesEach cardholder reviews monthly statementCard issuer analyzes transactions—standard and ad hoc reports are madeCard issuer creates electronic file to upload to corporation’s ledger system

22

E-Cards (cont.)

Benefits of purchasing cardsCost savingsProductivity gainsBill consolidationPayment reconciliationPreferred pricingManagement reports

23

E-Cards (cont.)

Smart CardsIntegrated circuit (IC) microprocessor cards—

includes IC chips with programmable functions that make cards “smart”

Integrated circuit (IC) memory cards—no processor

Suitable for uses where card performs fixed operation

Disposable, prepaid (phone cards)

24

E-Cards (cont.)

Optical memory cardsStores 4MB of data; once written, data cannot be changed or removedIdeal for keeping records (medical files)Require expensive card readers

Categorize smart cards by how they store data

Contact card—insert in smart card readerContactless card—embedded antenna read by another antenna (mass-transit applications)

25

Contactless IC Cards

Proximity CardUsed to access buildings and pay for buses and other transportation systemsBus, subway and toll card in many cities

Amplified Remote Sensing CardGood for a range of up to 100 feet, and can be used for tolling moving vehicles at gatesPay toll without stopping (e.g. Highway 91 in California)

26

Figure 8-5Smart Card Image

Embedded chip

Source: Visa.

27

E-Cards (cont.)

Important applications of smart card use:LoyaltyFinancialInformation technologyHealth and social welfareTransportationIdentification

28

E-Cash and Payment Card Alternatives

E-cash and credit card alternatives (for micropayments—under $10)

E-cash (eCoin.net)Identity of user hidden from merchantEasier to use than earlier e-cash systemsRequires specialized software

Qpass (Qpass.com)Set up Qpass accountUser name and passwordWhat credit card to charge

29

E-Cash and Payment Card Alternatives (cont.)

PrivateBuyUser establishes accountUser assigned 16-digit user number (anonymous address)Hides user name and card number from merchant siteRelies on credit card system already in place

30


Echarge enables users to:Establish accountsReceive user ID and passwordUse instead of credit card numbersPurchases billed to user’s credit cardMerchants must establish payment option

31


Stores cash downloaded from bank or credit card accountCommon uses

Disposable vs. reloadable cardsSample cards

Visa cashMondex

Electronic pursesLack of interoperable equipment and standardsCommon Electronic Purse Specification (CEPS)

32


E-loyalty and rewards programsLoyalty programs online

Beenz.comConsumer earns beenz by visiting, registering, or purchasing at 300 participating sitesBeenz are stored and used for later purchasesPartnered with MasterCard to offer rewardzcard—stored-value card used in U.S. and Canada for purchases where MasterCard is acceptedTransfer beenz into money to spend on Web, by phone, mail order, physical stores

33


MyPoints-CyberGoldCustomers earn cashCash used for later purchases or applied to credit card account

RocketCashCombines online cash account with rewards programUser opens account and adds fundsUsed to make purchases at participating merchants

34


Person-to-person (P2P) payments and gifts

Enable transfer of funds between two individuals

Repaying money borrowedPaying for an item purchased at online auctionSending money to students at collegeSending a gift to a family member

35

Figure 8-7Sending money with PayPal

Source: paypal.com.

36

E-Checking

Electronic checkbookCounterpart of electronic walletTo be integrated with the accounting information system of business buyers and with the payment server of sellersTo save the electronic invoice and receipt of payment in the buyers and sellers computers for future retrievalExample : SafeCheckUsed mainly in B2B

37

E-Checking (cont.)

Current checking systemRole of clearinghouses in the check-clearing processMagnetic ink characters (MICR)Costs of the current system

Electronic version of paper checkLeverage check payment systemsFit within current business practices, eliminate need for process reengineeringWork like paper check with fewer manual steps

38

E-Checking (cont.)

Designed to meet needs of businesses and consumers (state of the art security systems)Used by all bank customers with checking accountsEnhance existing bank accounts with new EC features

Benefits of e-checking for industry-wide savings

Online check collection processOnline notices of check returnsTruncating paper checks at bank of first depositCreating new cash management product opportunities

39

E-Checking (cont.)

Truncating paper checks at bank of first depositCreating new cash management product opportunitiesCheckfree (checkfree.com) leading third-party e-billing vendor

40

E-Checking (cont.)

Treasury Department expects e-checks to:

Enhance security through use of public key cryptography“Push” a payment to the payee and not “pull” funds from general account of the U.S.Leverage Internet for its strength as ubiquitous communication vehicleIncrease payment choices for U.S. Treasury payees

41

E-Billing

Customers are either individuals or companiesTwo common models of e-billing

Biller direct—customer receives bill from a single merchantThird-party consolidators—presents bills from multiple merchants

42

Managerial Issues

In the B2C world, understand your customers and productsIn the B2B world, keep an open mind about online alternativesIn-house or outsourceSecurity continues to be a major issue

E-Commerce 08

Education

Transcript of E-Commerce 08