E-Commerce 08
-
Upload
zarrar-siddiqui -
Category
Education
-
view
666 -
download
0
Transcript of E-Commerce 08
Chapter 8
Electronic Payment Systems
1
2
LensDoc: Credit Card Dilemma
LensDoc—online retailer of:Contact lensesSun and magnifying glassesDental care and personal care products
Customers pay by credit card (90% of all online purchases in the U.S.)
Easy to purchaseEasy to purchase fraudulentlyContact lenses cannot be returned once used, but unsatisfied customers want their money back
3
LensDoc: Credit Card Dilemma (cont.)
Solutions:Process credit card purchases by handRequire:
Home addressShipping address
Investigating alternative methods of payment
Cash cardsSpecial card-swiping peripheralsCredit card processing services
Currently disadvantages outweigh advantages of any of these alternatives
4
Electronic Payments: An Overview
E-payment methodsCredit cardsElectronic funds transfer (EFT)E-payments
Smart cardsDigital cash and scriptDigital checksE-billing
All have the ability to transfer payment from one person or party to another
5
Electronic Payments: An Overview (cont.)
Four parts involved in e-payments
IssuerCustomer/payer/buyerMerchant/payee/sellerRegulator
Key issue of trust must be addressed
PrivacyAuthentication and authorizationIntegrityNonrepudiation
6
Electronic Payments: An Overview (cont.)
IndependenceInteroperability and portabilitySecurity
AnonymityDivisibilityEase of useTransaction fees
Crucial factors in determining which method of e-payment achieves widespread acceptance
7
Security for E-Payments
Public key infrastructurePlaintext Encryption algorithmCiphertext Key
Types of encryption systemsSymmetric (private key)
Used to encrypt and decrypt plain textShared by sender and receiver of text
Asymmetric (public key)Uses a pair of keysPublic key to encrypt the messagePrivate key to decrypt the message
8
Figure 8-2Private Key Encryption
9
Public Key Encryption
Size of keyRSA algorithm
Speed of KeyRijndael algorithm
10
Digital Signatures: authenticity and nondenial
Analogous to handwritten signatureBased on public keysUsed to:
Authenticate the identity of the sender of a message or documentEnsure the original content of the electronic message or document is unchanged
Benefits:
PortableCannot be easily repudiated or imitatedCan be time stamped
Security for E-Payments (cont.)
11
Figure 8-3Digital Signatures
12
Security for E-Payments (cont.)
Digital certificates
Identifying the holder of a public key (Key-Exchange)Issued by a trusted certificate authority (CA)
Name : “Richard”key-Exchange Key :Signature Key :Serial # : 29483756Other Data : 10236283025273Expires : 6/18/04Signed : CA’s Signature
13
Security for E-Payments (cont.)
Secure socket layer/transport layer securitySecure socket layer (SLL)—handle on Web browser, utilizing CAs and data encryption
EncryptionDigital certificatesDigital signatures
In 1996 SSL was standardized and named transport layer security (TSL)Operates at TCP/IP layer (base layer for Internet)IPSec—secure version of IP protocol
14
SET Vs. SSL
Secure Electronic Transaction(SET)
Secure Socket Layer (SSL)
Complex SimpleSET—tailored to credit card payment to merchants
SSL—protocol for general-purpose secure message exchanges (encryption)
SET protocol hides customer’s credit card information from merchants and order information to banks, to protect privacy (dual signature)
SSL protocol may use a certificate, but there is no payment gateway. Merchants need to receive ordering information and credit card information (capturing process initiated by merchants)
15
E-Cards
Three common types of payment cards
Credit cards—provides holder with credit to make purchases up to a limit fixed by the card issuerCharge cards—balance on a charge card is supposed to be paid in full upon receipt of monthly statementDebit card—cost of a purchase drawn directly from holder’s checking account (demand-deposit account)
16
E-Cards (cont.)
The PlayersCardholderMerchant (seller)Issuer (your bank)Acquirer (merchant’s financial institution, acquires the sales slips)Card association (VISA, MasterCard)Third-party processors (outsourcers performing same duties formerly provided by issuers, etc.)
17
Figure 8-4Online Credit Card Processing
Source: The E-Commerce Book: Building the E-Empire by S. Korper and J. Ellis, copyright © 2000 by Academic Press, reproduced by permission of the publisher.
18
E-Cards (cont.)
E-walletsOne-click shopping—saving your order information on retailer’s Web server
NameShipping addressBilling addressCredit card information
E-wallet—software downloaded to cardholder’s desktop that stores same information and allows one-click-like shopping
19
E-Cards (cont.)
Other security risks with credit cardsStolen cardsReneging by the customer—authorizes a payment and later denies itTheft of card details stored on merchant’s computer—isolate computer storing information so it cannot be accessed directly from the WebOvercoming risks with virtual credit cards
20
E-Cards (cont.)
Purchase cardsInstrument of choice for B2B purchasingSpecial-purpose, non-revolving payment cards issued to employees solely for purchasing and paying for nonstrategic materials and services
21
E-Cards (cont.)
Purchase cards—operate like other credit cardsCardholder of corporation places an order for goods or servicesSupplier processes transaction with authorization of card issuerIssuer verifies purchase authorizationAll cardholders’ transactions processed centrally—one payment for all purchasesEach cardholder reviews monthly statementCard issuer analyzes transactions—standard and ad hoc reports are madeCard issuer creates electronic file to upload to corporation’s ledger system
22
E-Cards (cont.)
Benefits of purchasing cardsCost savingsProductivity gainsBill consolidationPayment reconciliationPreferred pricingManagement reports
23
E-Cards (cont.)
Smart CardsIntegrated circuit (IC) microprocessor cards—
includes IC chips with programmable functions that make cards “smart”
Integrated circuit (IC) memory cards—no processor
Suitable for uses where card performs fixed operation
Disposable, prepaid (phone cards)
24
E-Cards (cont.)
Optical memory cardsStores 4MB of data; once written, data cannot be changed or removedIdeal for keeping records (medical files)Require expensive card readers
Categorize smart cards by how they store data
Contact card—insert in smart card readerContactless card—embedded antenna read by another antenna (mass-transit applications)
25
Contactless IC Cards
Proximity CardUsed to access buildings and pay for buses and other transportation systemsBus, subway and toll card in many cities
Amplified Remote Sensing CardGood for a range of up to 100 feet, and can be used for tolling moving vehicles at gatesPay toll without stopping (e.g. Highway 91 in California)
26
Figure 8-5Smart Card Image
Embedded chip
Source: Visa.
27
E-Cards (cont.)
Important applications of smart card use:LoyaltyFinancialInformation technologyHealth and social welfareTransportationIdentification
28
E-Cash and Payment Card Alternatives
E-cash and credit card alternatives (for micropayments—under $10)
E-cash (eCoin.net)Identity of user hidden from merchantEasier to use than earlier e-cash systemsRequires specialized software
Qpass (Qpass.com)Set up Qpass accountUser name and passwordWhat credit card to charge
29
E-Cash and Payment Card Alternatives (cont.)
PrivateBuyUser establishes accountUser assigned 16-digit user number (anonymous address)Hides user name and card number from merchant siteRelies on credit card system already in place
30
E-Cash and Payment Card Alternatives (cont.)
Echarge enables users to:Establish accountsReceive user ID and passwordUse instead of credit card numbersPurchases billed to user’s credit cardMerchants must establish payment option
31
E-Cash and Payment Card Alternatives (cont.)
Stores cash downloaded from bank or credit card accountCommon uses
Disposable vs. reloadable cardsSample cards
Visa cashMondex
Electronic pursesLack of interoperable equipment and standardsCommon Electronic Purse Specification (CEPS)
32
E-Cash and Payment Card Alternatives (cont.)
E-loyalty and rewards programsLoyalty programs online
Beenz.comConsumer earns beenz by visiting, registering, or purchasing at 300 participating sitesBeenz are stored and used for later purchasesPartnered with MasterCard to offer rewardzcard—stored-value card used in U.S. and Canada for purchases where MasterCard is acceptedTransfer beenz into money to spend on Web, by phone, mail order, physical stores
33
E-Cash and Payment Card Alternatives (cont.)
MyPoints-CyberGoldCustomers earn cashCash used for later purchases or applied to credit card account
RocketCashCombines online cash account with rewards programUser opens account and adds fundsUsed to make purchases at participating merchants
34
E-Cash and Payment Card Alternatives (cont.)
Person-to-person (P2P) payments and gifts
Enable transfer of funds between two individuals
Repaying money borrowedPaying for an item purchased at online auctionSending money to students at collegeSending a gift to a family member
35
Figure 8-7Sending money with PayPal
Source: paypal.com.
36
E-Checking
Electronic checkbookCounterpart of electronic walletTo be integrated with the accounting information system of business buyers and with the payment server of sellersTo save the electronic invoice and receipt of payment in the buyers and sellers computers for future retrievalExample : SafeCheckUsed mainly in B2B
37
E-Checking (cont.)
Current checking systemRole of clearinghouses in the check-clearing processMagnetic ink characters (MICR)Costs of the current system
Electronic version of paper checkLeverage check payment systemsFit within current business practices, eliminate need for process reengineeringWork like paper check with fewer manual steps
38
E-Checking (cont.)
Designed to meet needs of businesses and consumers (state of the art security systems)Used by all bank customers with checking accountsEnhance existing bank accounts with new EC features
Benefits of e-checking for industry-wide savings
Online check collection processOnline notices of check returnsTruncating paper checks at bank of first depositCreating new cash management product opportunities
39
E-Checking (cont.)
Truncating paper checks at bank of first depositCreating new cash management product opportunitiesCheckfree (checkfree.com) leading third-party e-billing vendor
40
E-Checking (cont.)
Treasury Department expects e-checks to:
Enhance security through use of public key cryptography“Push” a payment to the payee and not “pull” funds from general account of the U.S.Leverage Internet for its strength as ubiquitous communication vehicleIncrease payment choices for U.S. Treasury payees
41
E-Billing
Customers are either individuals or companiesTwo common models of e-billing
Biller direct—customer receives bill from a single merchantThird-party consolidators—presents bills from multiple merchants
42
Managerial Issues
In the B2C world, understand your customers and productsIn the B2B world, keep an open mind about online alternativesIn-house or outsourceSecurity continues to be a major issue