The security of E-Commerce transactions depends both on 1-The network protocols
2-The payment framework used to perform the transaction.
 |
Network Transport Security |
 |
There are some secure transport protocols that provide confidentiality and authentication between systems and applications by using encryption. |
|
Virtual Private Networking (VPN) |
3.5 Payment Systems for Electronic Commerce
|
Virtual Private Networking technology provides the medium to use the public Internet backbone as an appropriate channel for private data communication. |
|
With encryption and encapsulation technology, a VPN essentially carves out a private passageway through the Internet. |
|
VPNs will allow remote offices, company road warriors, and even business partners or customers to use the Internet, rather than pricey private lines, to reach company networks. So the companies can save a lot of money. |
|
VPNs to link remote LANs together or give traveling staffers, work-at-home employees, and business partners a simple way to reach past company firewalls and tap into company resources. |
|
Virtual private networks are flexible. They are point-to-multipoint connections, rather than point-to-point links. |
The advantages of VPN
|
It is cheap for connecting WANs. |
|
It provides encryption and authentication services for a fairly good measure of privacy. |
|
Maintenance of the WAN-to-WAN connection is left to Internet Service Providers. |
|
It is highly flexible. |
3.5 Payment Systems for Electronic Commerce
IPSec (Ipv6)
|
IPSec provides security for transmission of sensitive information over unprotected networks such as the Internet. |
|
IPSec acts at the network layer, protecting and authenticating IP packets between participating IPSec devices ("peers"), such as Cisco routers. |
|
With IPSec, data can be transmitted across a public network without fear of observation, modification, or spoofing. This enables applications such as Virtual Private Networks (VPNs), including intranets, extranets, and remote user access. |
|
The Secure Sockets Layer protocol (SSL) is a communication system that ensures privacy when communicating with other SSL-enabled products. |
|
SSL is a protocol that runs above TCP/IP and below HTTP or other top-level protocols. |
|
Most commercial Web servers and browsers, as well as many free Web servers, support SSL. |
SSL-encrypted communication Steps
|
The client sends a request to connect to the secure server. |
|
The server sends its presigned certificate to the client. This, and the first step, are collectively known as the handshake. |
3.5 Payment Systems for Electronic Commerce
|
The client compares the information in the certificate with the information it just received concerning the site: its domain name and its public key. If the information matches, the client accepts the site as authenticated. |
|
The client tells the server what ciphers, or types of encryption keys, it can communicate with. |
|
The server chooses the strongest common cipher and informs the client. |
|
Using that cipher, the client generates a session key (a symmetric encryption key used only for this transaction) and encrypts it using the server's public key. |
|
The client encrypts the session key using the server's public key, then it sends the encrypted session key to the server. |
|
The server receives the encrypted session key and decrypts it using its private key. |
|
The client and the server use the session key to encrypt and decrypt the data they send to each other. |
Private Communications Technology
|
PCT protocol furnishes the following elements of transmission security for client/server relationships over the Internet: |
3.5 Payment Systems for Electronic Commerce
A. Provides symmetric session-encryption keys between servers and clients. Accommodates authentication of server to client via Certificate of Authority (CA) trusted public keys; optionally, it also authenticates client to server. Verifies message integrity with hash function message digests, as explained earlier for the SET protocol.
B.PCT assumes the existence of a network transport layer (most commonly TCP/IP), but not a particular application protocol. Thus PCT can be implemented to coexist equally with HTTP, FTP, and so on.
PCT Advantages
1-PCT permits stronger authentication because it separates the authentication and encryption functions.
|
The public/private key pairs used to authenticate messages are specified to be different from the encryption keys. Indeed, as we saw with SET, there is no built-in requirement to encrypt a message at all (but authentication can still take place). |
|
Although PCT can be used to conduct electronic commerce, it was not specifically designed for this purpose as SET was. |
|
with PCT, the merchant obtains the customer's credit card number. With SET the consumer is protected by a higher degree of anonymity: The merchant need only have the bank's voucher that the consumer has enough money to pay for the goods. |
3.5 Payment Systems for Electronic Commerce
S-HTTP
|
S-HTTP was designed to secure HTTP connections. |
|
S-HTTP provides a wide variety of mechanisms to provide for confidentiality, authentication, and integrity. Separation of policy from mechanism was an explicit goal. |
|
The system is not tied to any particular cryptographic system, key infrastructure, or cryptographic format. The Internet draft is fairly clear in its presentation of the protocol, although implementation details are sketchy. |
|
S-HTTP is a superset of HTTP, which allows messages to be encapsulated in various ways. Encapsulations can include encryption, signing, or MAC based authentication. |
|
S-HTTP also includes header definitions to provide key transfer, certificate transfer, and similar administrative functions. S-HTTP appears to be extremely flexible in what it will allow the programmer to do. |
3.5 Payment Systems for Electronic Commerce
|
S-HTTP also offers the potential for substantial user involvement in, and oversight of, the authentication & encryption activities. |
|
Threats to S-HTTP are similar to those against SSL. |
|
In the case of a hacker, or looker, the attack on a CA may be more difficult, due to the existence of multiple CAs. |
|
A key could theoretically be verified by several CAs, making an attack infeasible. |
|
The default operational mode of S-HTTP is substantially more resistant to attack than that of SSL. It resists clear text cryptanalysis, Man In The Middle, and replay attacks. |
|
It is more robust than SSL, because option renegotiation and retries are permitted. |
|
S-HTTP, in being flexible, may offer a programmer enough rope to hang himself. Admittedly, it does not offer very many broken options, but it doesn't seem to have anything like SSL's. |
|
S-HTTP does not require client-side public key certificates (or public keys), supporting a symmetric session key operation mode. |
|
S-HTTP supports end-to-end secure transactions, in contrast with current usage of the existing HTTP authorization protocol which requires the client to attempt access and be denied before the security mechanism is employed. |
3.5 Payment Systems for Electronic Commerce
|
Secure payment protocols are not necessarily tied to any of the aforementioned transport mechanisms, or even tied to a specific network architecture. |
|
These payment schemes exist in various degrees of implementation. |
First Virtual
|
The First Virtual payment system is unique in that it does not use encryption. A fundamental philosophy of their payment system is that certain information should not travel over the Internet because it is an open network. |
|
Their payment system is based on existing Internet protocols, with the backbone of the system designed around Internet email and the MIME (Multipurpose Internet Mail Extensions) standard. |
|
First Virtual uses email to communicate with a buyer to confirm charges against their account. |
|
The First Virtual payment system has several advantages and disadvantages over other payment systems used on the Internet. |
3.5 Payment Systems for Electronic Commerce
|
Neither buyer nor seller needs to install any software in order to use the system. |
|
Buyers are virtually 100 % protected from fraud. No charges are processed against their account without their confirmation. |
|
Purchases are essentially anonymous. The merchant is never given the buyer's name from First Virtual. |
|
It is extremely easy to become a merchant, or seller, under First Virtual. First Virtual does not screen merchants, nor do they require merchants to have a special business account established with a bank. All a person needs to sell merchandise, services, data, etc. over the Internet is an ordinary checking account. |
|
First Virtual has very low processing fees compared to other Internet payment schemes or even straight credit card processing. |
Disadvantages:
|
Merchant assumes all risk! |
|
Extremely long waiting period between when a sale is made and when payment is deposited in the merchant's account. |
3.5 Payment Systems for Electronic Commerce
DigiCash (e-cash)
|
DigiCash (e-cash) uses the minted coin model. |
|
The e-cash tokens are digitally signed entities created by either the buyer or the bank. |
|
In an effort to stop fraud, these coins must be routed through the bank to verify that they are not copies. |
|
The creation of e-cash tokens takes place in such a way that the value of the token is visible, but the buyer's serial number is not. This process prohibits the bank from tracking the buyer's purchase. |
|
Basically, the buyer gives the seller an e-cash token worth the amount of the product. The seller checks with the bank to see that the e-cash is valid. The bank verifies that the e-cash is valid and that it is indeed worth the amount specified. Then the transaction is executed. |
Cybercash
|
Cybercash requires the installation of "wallet" software on the buyer's desktop. When the buyer makes a request, the seller responds causing the "wallet" program to run on behalf of the seller. The buyer chooses a payment method. |
3.5 Payment Systems for Electronic Commerce
|
The seller then sends the product information and payment request to Cybercash. Cybercash checks with existing financial networks to verify that payment is possible and notifies the seller. There are some drawbacks to this system. |
|
The "wallet" program is tied to a particular desktop, so a user must always use the same machine to make purchases. Physical controls and security of the desktop are vital. This system also tightly couples the payment information and the product information, introducing some privacy concerns. The seller, however, does not see the buyer's payment details in the model. |
Millicent
|
Millicent is a payment scheme for handling very small transactions (because of the low overhead costs). |
|
Each seller produces a scrip used to purchase products and makes it available to scrip brokers. |
|
When a buyer wants to purchase a product, they use the seller's scrip to pay for the product. If the scrip the buyer sends is worth more than the product, the seller issues a new scrip worth the difference to the buyer. |
|
A potential buyer can buy scrip for a merchant from a scrip broker at any time, however, the scrip broker may require a minimum purchase. |
3.5 Payment Systems for Electronic Commerce
Open Market
|
Open Market provides payment through a Digital Order (DO)/Digital Receipt (DR) pair that is cryptographically signed. |
|
The buyer makes a purchase request, and the seller sends a DO back to the buyer. The client software forwards the DO request to a Commerce Service Provider (CSP) that verifies the request via the traditional financial networks. The CSP responds with a DR, which the client software forwards to the seller. |
|
This method protects buyers from having to disclose their payment methods to the merchant. Open Market must rely on a secure transport method (such as SSL) to protect the privacy of the DO/DR while it is in transit. |
SET
|
SET is a model designed by MasterCard and VISA. Other credit card companies (such as American Express) have also agreed to the standards and protocols included in SET. |
|
SET requires a public key infrastructure (PKI) to be fully functional. Whether SET truly uses the traditional financial networks or is a replacement for them has yet to be determined. Basically, the buyer makes a purchase request, and the seller checks with the payment gateway to see if the buyer can cover the expense. |
3.5 Payment Systems for Electronic Commerce
|
In this model, the buyer's payment details remain protected from the merchant, and the merchant does not have to keep a database of credit card numbers to satisfy buyer requests. |
|
This system can lower some of the risks for both the buyer and seller. The payment gateway tracks products purchased by buyers, an ability that already exists in current credit card use. |
Smart cards
|
There are a number of smart card projects that mirror other payment schemes, such as DigiCash, Modex (MasterCard), and VISA Cash. Smart card payment schemes are very popular in Europe. |
|
These schemes tend to protect the privacy of the buyer, while speeding up the verification portion of the transaction. Each smart card has a stored monetary value, and as a buyer purchases products, the value on the card is reduced. With smart cards, the money is linked to the card (not the user), so if a smart card is lost the cash value still on the card is lost as well. |
|
The biggest detractor of using smart cards is the need to use special hardware such as smart card readers. |
3.5 Payment Systems for Electronic Commerce