Two main issues need to be considered under the topic of payment security: what is required in order to make e-Commerce (EC) payments safe, and the methods that can be used to do so.
Security Requirements. Security requirements for conducting EC are the following:
1. Authentication.
The buyer, the seller, and the paying institutions must be assured of the identity of the parties with whom they are dealing.
2. Integrity.
It is necessary to ensure that data and information transmitted in EC, such as orders, reply to queries, and payment authorization, are not accidentally or maliciously altered or destroyed during transmission.
3. Nonrepudiation.
Merchants need protection against the customer’s unjustified denial of placing an order. On the other hand, customers need protection against merchants’ unjustified denial of payments made. (Such denials, of both types, are called repudiation.)
4. Privacy.
Many customers want their identity to be secured. They want to make sure others do not know what they buy. Some prefer complete anonymity, as is possible with cash payments.
5. Safety.
Customers want to be sure that it is safe to provide a credit card number on the Internet. They also want protection against fraud by sellers or by criminals posing as sellers.
Security Protection
Several methods and mechanisms can be used to fulfill the above requirements. One of the primary mechanisms is encryption,which is often part of the most useful security schemes.
E-Wallets.
E-wallets (or digital wallets) are mechanisms that provide security measures to EC purchasing. The wallet stores the financial information of the buyer, including credit card number, shipping information, and more. Thus, sensitive information does not need to travel on the Net, and the buyer and seller save time. E-wallets can contain digital certificates , e-loyalty information, etc. As soon as you place an order, say at Amazon.com, your e-wallet at Amazon is opened, and Amazon can process your order.
The problem is that you need an e-wallet with each merchant. One solution is to have a wallet installed on your computer (e.g., MasterCard Wallet). In that case, though, you cannot purchase from another computer, nor is it a totally secured system. Another solution is a universal e-wallet such as Microsoft’s Passport and the Liberty Alliance. Universal systems are becoming popular since they provide a digital identity as well. For a description of how Microsoft’s Passport works.
Virtual Credit Cards
Virtual credit cards are a service that allow you to shop with an ID number and a password instead of with a credit card number. They are used primarily by people who do not trust browser encryption sufficiently to use their credit card number on the Internet. The virtual credit card gives an extra layer of security. The bank that supports your traditional credit card, for example, can provide you with a transaction number valid for use online for a short period. For example, if you want to make a $200 purchase, you would contact your credit card company to charge that amount to your regular credit card account, and would be given transaction number that is good for charges up to $200. This transaction number is encrypted for security, but even in the worst possible case (that some unauthorized entity obtained the transaction number), your loss be limited, in this case to $200. For another example of virtual credit cards, see americanexpress.com
Payment Using Fingerprints
An increasing number of supermarkets allow their regular customers to pay by merely using their fingerprint for identification. A computer template of your fingerprint is kept in the store’s computer system. Each time you shop, your fingerprint i smatched with the template at the payment counter. You approve the amount which is then charged either to your credit card or bank account.
(No Ratings Yet)
Loading ...
|
Do you have a Facebook fan page for your site?