Enhancing the Security of Online Card Payment System

Credit card is the most popular payment method used in Internet shopping. The idea of credit card payment is to buy first and pay later. The cardholder can pay at the end of the statement cycle or they can pay interest on the outstanding balance. Therefore, there are many credit card-based electronic payment systems (EPSs) that have been developed to facilitate the purchase of goods and services over the Internet such as CyberCash (VeriSign), iKP (Bellare, Garary, Hauser, et al, 1995), SET (Visa and MasterCard, 1997), CCT (Li & Zhange, 2004), and so forth. Usually a credit card-based EPS involves five parties: cardholder, merchant, acquirer bank, issuer bank, and financial institution. Internet is an open system and the communication path between each other is insecure. All communications are potentially open for an eavesdropper to read and modify as they pass between the communicating endpoints. Therefore, the payment information transmitted between the cardholder and the merchant through Internet is dangerous without a secure path. SSL (Zeus Technology, 2000) is a good example to secure the communication channel. Besides the issue of insecure communication, there are a number of factors that each participant must consider. For example, merchant concerns about whether the credit card or the cardholder is genuine. There is no way to know the consumer is a genuine cardholder. As a result, the merchant is incurring the increase in losses due to cardholder disputes and frauds. On the other hand, cardholders are worried about the theft of the privacy or sensitive information such as the credit card number. They don’t want any unauthorized usage of their credit cards and any modification to the transaction amount by a third party. These security issues have deterred many potential consumers from purchasing online. Existing credit card-based EPSs solve the problems in many different ways. Some of them use cryptography mechanisms to protect private information. However, they are very complicated, expensive, and tedious (Xianhau, Yuen, Ling, & Lim, 2001). Some EPSs use the Certificate Authority (CA) model to fulfill the authentication, integrity, and nonrepudiation security schemes. However, each participant requires a digital certificate during the payment cycle. These certificates are issued by independent CAs but the implementation and maintenance cost of this model is very high. In addition, the validation steps of Certificate-based systems are very time-consuming processes. It requires access to an online certificate server during the payment process. Moreover, the certificate revocation list is a major disadvantage of the PKI-based certification model (The Internet Engineering Task Force). The cardholder’s certificate also includes some private information such as the cardholder’s name. The requirement of a cardholder’s certificate means software such as e-Wallet is required to be installed on the cardholder’s computer. It is the barrier for the cardholder to use Certificatebased payment systems. To solve this problem, Visa Company has developed a new payment system called Verified by Visa (VbV) (http:www/visa-asia.com/ ap/sea/merchants/productstech/vbv_implementvbv. shtml). However, sensitive information such as credit card number is still passed to the merchant. Therefore, the cardholder is not protected by the system.

Download Full-text

System Open Payment by R&G for MKS Mielec

AUTOBUSY – Technika Eksploatacja Systemy Transportowe ◽

10.24136/atest.2018.346 ◽

2018 ◽

Vol 19 (12) ◽

pp. 16-21

Author(s):

Ryszard Rojowski

Keyword(s):

Public Transport ◽

Payment System ◽

Ticket Sale ◽

Card Payment ◽

Additional Channel

Open Payment System allows safe charging, management and monitoring of the payment through different channels. The system produced by R&G for MKS Mielec allows to introduce a modern additional channel of public transport ticket sale in Mielec. It has been created by R&G in cooperation with Ingenico, Bee-Tech and eService. System Open Payent solution allows wireless card payment for the ticket in R&G production ticket validator.

Download Full-text

Overview of Electronic Payment System

Handbook of Research on Cultural and Economic Impacts of the Information Society - Advances in Human and Social Aspects of Technology ◽

10.4018/978-1-4666-8598-7.ch017 ◽

2015 ◽

pp. 391-418

Author(s):

Sanghita Roy

Keyword(s):

Credit Card ◽

Banking Sector ◽

Payment System ◽

Electronic Payment ◽

Payment Systems ◽

Advantages And Disadvantages ◽

Business Transactions ◽

The Difference ◽

Card Payment ◽

Electronic Payment System

The emergence of e-commerce has created new financial needs that in many cases cannot be effectively fulfilled by the traditional payment systems. The advent of the Electronic commerce has prompted the invention of several payment tools to facilitate the completion of business transactions over the Internet. There are different methods to pay electronically. Recognizing this, virtually all interested parties are exploring various types of electronic payment system and issues surrounding electronic payment system and digital currency. Broadly electronic payment systems can be classified into four categories: Online Credit Card Payment System, Online Electronic Cash System, Electronic Cheque System and Smart Cards based Electronic Payment System. Each payment system has its advantages and disadvantages for the customers and merchants. These payment systems have numbers of requirements: e.g. security, acceptability, convenience, cost, anonymity, control, and traceability. Therefore, instead of focusing on the technological specifications of various electronic payment systems, the researcher has distinguished electronic payment systems based on what is being transmitted over the network; and analyzed the difference of each electronic payment system by evaluating their requirements, characteristics and assessed the applicability of each system. To sustain in the competition more banks are following e-commerce and especially using e-payment mechanism. Though Indian economy is basically cash driven, still India is not far behind in adopting E-payment services in retail and banking sector.

Download Full-text

Trend and dynamics of card payment system in India

Journal of Management Research and Analysis ◽

10.18231/j.jmra.2021.037 ◽

2021 ◽

Vol 8 (4) ◽

pp. 193-197

Author(s):

N Karunakaran ◽

P. Shibu ◽

M. D. Devasia

Keyword(s):

Private Sector ◽

Commercial Banks ◽

Credit Card ◽

Recent Trend ◽

Credit Cards ◽

Payment System ◽

Electronic Payments ◽

Payment Mechanism ◽

Card Payment ◽

Retail Payments

Payment system in India has undergone a dramatic change in recent years. The payment through cards, using both debit and credit cards, is one of the early innovations in the modern payment system in the country. Several intermediaries are involved in the effective functioning of card payment mechanism. As a result, the card payment infrastructure has grown remarkably well across India. The volume of payments made through these devices as well as the value of card payments increased rapidly in the last two decades. Among the commercial banks, the State Bank of India dominates in the maintenance of ATM infrastructure, the issue of cards and in the volume and value of card transaction. The private sector banks dominate in the installation of POS terminals and HDFC bank tops in the POS credit card transaction. However, the recent trend shows that the transaction through cards as a percentage of total retail electronic payments has been declining in India, as other retail payments platforms have become popular.

Download Full-text

Design and Implementation for Card Holder Initiated Card Payment System Using the Mobile Devices

Journal of the Korea society of IT services ◽

10.9716/kits.2014.13.4.245 ◽

2014 ◽

Vol 13 (4) ◽

pp. 245-254 ◽

Cited By ~ 1

Author(s):

Moon Seog Seo

Keyword(s):

Mobile Devices ◽

Payment System ◽

Card Holder ◽

Design And Implementation ◽

Card Payment

Download Full-text

A Simple and Secure Credit Card-Based Payment System

Encyclopedia of Multimedia Technology and Networking, Second Edition ◽

10.4018/978-1-60566-014-1.ch175 ◽

2009 ◽

pp. 1299-1306

Author(s):

Chi Po Cheong

Keyword(s):

Private Information ◽

Credit Card ◽

Financial Institution ◽

Payment System ◽

The Internet ◽

Sensitive Information ◽

Payment Systems ◽

Credit Card Number ◽

Card Number ◽

Card Payment

Credit card is the most popular payment method used in Internet shopping. The idea of credit card payment is to buy first and pay later. The cardholder can pay at the end of the statement cycle or they can pay interest on the outstanding balance. Therefore, there are many credit card-based electronic payment systems (EPSs) that have been developed to facilitate the purchase of goods and services over the Internet such as CyberCash (VeriSign), iKP (Bellare, Garary, Hauser, et al, 1995), SET (Visa and MasterCard, 1997), CCT (Li & Zhange, 2004), and so forth. Usually a credit card-based EPS involves five parties: cardholder, merchant, acquirer bank, issuer bank, and financial institution. Internet is an open system and the communication path between each other is insecure. All communications are potentially open for an eavesdropper to read and modify as they pass between the communicating endpoints. Therefore, the payment information transmitted between the cardholder and the merchant through Internet is dangerous without a secure path. SSL (Zeus Technology, 2000) is a good example to secure the communication channel. Besides the issue of insecure communication, there are a number of factors that each participant must consider. For example, merchant concerns about whether the credit card or the cardholder is genuine. There is no way to know the consumer is a genuine cardholder. As a result, the merchant is incurring the increase in losses due to cardholder disputes and frauds. On the other hand, cardholders are worried about the theft of the privacy or sensitive information such as the credit card number. They don’t want any unauthorized usage of their credit cards and any modification to the transaction amount by a third party. These security issues have deterred many potential consumers from purchasing online. Existing credit card-based EPSs solve the problems in many different ways. Some of them use cryptography mechanisms to protect private information. However, they are very complicated, expensive, and tedious (Xianhau, Yuen, Ling, & Lim, 2001). Some EPSs use the Certificate Authority (CA) model to fulfill the authentication, integrity, and nonrepudiation security schemes. However, each participant requires a digital certificate during the payment cycle. These certificates are issued by independent CAs but the implementation and maintenance cost of this model is very high. In addition, the validation steps of Certificate-based systems are very time-consuming processes. It requires access to an online certificate server during the payment process. Moreover, the certificate revocation list is a major disadvantage of the PKI-based certification model (The Internet Engineering Task Force). The cardholder’s certificate also includes some private information such as the cardholder’s name. The requirement of a cardholder’s certificate means software such as e-Wallet is required to be installed on the cardholder’s computer. It is the barrier for the cardholder to use Certificatebased payment systems. To solve this problem, Visa Company has developed a new payment system called Verified by Visa (VbV) (http:www/visa-asia.com/ ap/sea/merchants/productstech/vbv_implementvbv. shtml). However, sensitive information such as credit card number is still passed to the merchant. Therefore, the cardholder is not protected by the system.

Download Full-text

THE CURRENT STATE OF FUNCTIONING OF NATIONAL PAYMENT SYSTEMS

Business Navigator ◽

10.32847/business-navigator.64-14 ◽

2021 ◽

Author(s):

Nataliia Polishchuk ◽

Iryna Lobacheva ◽

Olena Musiienko

Keyword(s):

Payment System ◽

Electronic Payment ◽

Payment Systems ◽

Current State ◽

Banking Institutions ◽

Money Transfer ◽

Definition Of ◽

Card Payment ◽

The Cost ◽

Electronic Payment System

The article presents the theoretical aspects of the payment system, clarifies the definition of the national payment system of a complex and interconnected set of payment and technical elements, each of which contributes to the efficient functioning of both the financial sector and the national economy as a whole. The classification features according to which payment systems are classified are generalized and their types are given. The main tasks of payment systems functioning are outlined. The components of the payment system of Ukraine are considered. It is proved that the non-cash payment system is designed to minimize the cost of issuing cash and reduce the cost of its maintenance, collection, and recalculation. It is highlighted that the main purpose of creating payment systems is to reduce the cash supply. The modern basic requirements to payment systems are defined. The current payment systems in Ukraine are analyzed, among which: the national electronic payment system (EPS), created by the National Bank of Ukraine, the National Payment System “Ukrainian Payment Space”, 10 intrabank payment systems, 2 money transfer systems, 11 money transfer systems, 1 system settlements and 1 card system created by non-banking institutions, as well as 8 money transfer systems and 4 card payment systems created by non-residents, as well as international payment systems, which include 5 money transfer systems created by Ukrainian banks and 4 money transfer systems created by non-banking institutions . The current state of operations of Ukrainian banks with electronic money is studied. The basic requirements for national payment systems are given. Measures to increase the level of security of the national payment system of Ukraine are outlined. Recommendations for the development of the electronic payment system of Ukraine are presented. Special attention needs to be paid to the development of the national payment system of Ukraine, which depends on the effectively implemented innovations, which consist in the application and expansion of non-cash forms of payment and guarantee of the electronic payment system.

Download Full-text