Electronic Check Payment Protocols and Systems

Slides:



Advertisements
Similar presentations
Chapter 8 Payment Systems: Getting the Money
Advertisements

Internet payment systems
Electronic Cash Payment Protocols and Systems Speaker: Jerry Gao Ph.D. San Jose State University URL:
Chapter 6 E-commerce Payment Systems. Traditional Payment Systems Cash Checking Transfers Credit Card Accounts Stored Value Accounts Accumulating Balance.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Electronic Payment Systems Speaker: Jerry Gao Ph.D. San Jose State University URL: May,
Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
TM Systems Research Center MilliCent ™ Scrip, security and secrets Dr. Mark S. Manasse DIGITAL Systems Research Center, Palo Alto
Chapter 13 Paying Via The Net. Agenda Digital Payment Requirements Fraud Detection Online Payment Methods Online Payment Types The Future Payment.
Electronic Transaction Security (E-Commerce)
Micro-Payment Protocols and Systems Speaker: Jerry Gao Ph.D. San Jose State University URL:
1 Encryption What is EncryptionWhat is Encryption Types of EncryptionTypes of Encryption.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
Electronic Payment Systems Speaker: Jerry Gao Ph.D. San Jose State University URL: Sept,
1 Applications of Computers Lecture-3 2 E-Commerce 4 Almost all major companies have their homes on the web, mainly for advertising 4 Companies were.
Electronic Commerce Khaled M. Elleithy, Ph.D. Department of Computer Engineering King Fahd University of Petroleum and Minerals.
ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS eCommerce Technology Lecture 10 Micropayments II.
ELECTRONIC PAYMENT SYSTEMS FALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS eCommerce Technology Lecture 9 Micropayments I.
“Electronic Payment System”
Payment Systems for Electronic Commerce
Electronic Payment Systems In any commercial transaction payment is an integral part for goods supplied. Four types of payments may be made in e-commerce.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Secure Electronic Transactions (SET). SET SET is an encryption and security specification designed to protect credit card transactions on the Internet.
Oz – Foundations of Electronic Commerce © 2002 Prentice Hall E-money.
EPS (Electronic payment system) is an online business process used for fund transfer using electronic means, i.e  Personal computers  services  Mobile.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
WELCOME TO THE SEMINAR ON Money Pad, The Future Wallet
Digital Cash By Gaurav Shetty. Agenda Introduction. Introduction. Working. Working. Desired Properties. Desired Properties. Protocols for Digital Cash.
Copyright © 2002 Pearson Education, Inc. Slide 6-1.
BZUPAGES.COM Electronic Payment Systems Most of the electronic payment systems on internet use cryptography in one way or the other to ensure confidentiality.
Electronic Payment Systems
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
CIS 1310 – HTML & CSS 12 E-Commerce Overview. CIS 1310 – HTML & CSS Learning Outcomes  Define E-commerce  Identify Benefits & Risks of E-Commerce 
Secure Electronic Transaction (SET)
Chapter 15 E-Payments: Getting the Money. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES Brief History of Money Features of Real-World.
Electronic Payment Systems. How do we make an electronic payment? Credit and debit cards Smart cards Electronic cash (digital cash) Electronic wallets.
Traditional and Electronic Payment Methods Chapter 3.
Securing Electronic Transactions University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Network Security Lecture 26 Presented by: Dr. Munam Ali Shah.
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Lecture 8 e-money. Today Secure Electronic Transaction (SET) CyberCash On line payment system using e-money ECash NetCash MilliCent CyberCoin.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Chapter 18: Doing Business on the Internet Business Data Communications, 4e.
Chapter 18: Doing Business on the Internet Business Data Communications, 4e.
TM MilliCent Scrip, Security and Secrets TM Dr. Mark S. Manasse DIGITAL Systems Research Center, Palo Alto
Electronic Cash. Digicash: Ecash u “With ecash you can pay for access to a database, buy software ora newsletter by ,play a computer game over the.
Chapter 9 Checking Accounts.
2/16/001 E-commerce Systems Electronic Payment Systems.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #22 Secure Web Information.
Module 9 Micropayment systems. Properties of micropayment systems Micropayments do not have a real-world cash equivalent – cash cannot be divided into.
Electronic Payment Instructor: Jerry Gao Ph.D. San Jose State University URL: Oct.,
OBJECTIVES  To understand the concept of Electronic Payment System and its security services.  To bring out solution in the form of applications to.
Alert against Online Shopping Frauds. Online Shopping A form of electronic commerce whereby consumers directly buy goods or services from a seller over.
Electronic Payment Systems Presented by Rufus Knight Veronica Ogle Chris Sullivan As eCommerce grows, so does our need to understand current methods of.
BZUPAGES.COM E-cash Payment System A company, DigiCash, has pioneered the use of electronic cash or e-cash. Anonymity of the buyer is the key feature of.
PAYMENT GATEWAY Presented by SHUJA ASHRAF SHAH ENROLL: 4471
Secure Electronic Transaction
Electronic Payment Security Technologies
Presentation transcript:

Electronic Check Payment Protocols and Systems Speaker: Jerry Gao Ph.D. San Jose State University email: jerrygao@email.sjsu.edu URL: http://www.engr.sjsu.edu/gaojerry May, 2000

Topic: Electronic Cash Payment Protocols and Systems Presentation Outline - Overview of electronic cash system - Ecash (Digital Cash) - NetCash - Comparisons and summary Jerry Gao Ph.D. 5/20000 All Rights Reserved

Overview of Electronic Cash Payment Protocols and Systems Topic: Electronic Cash Payment Protocols and Systems Overview of Electronic Cash Payment Protocols and Systems What is an electronic cash payment system? E-commerce application systems must provide payment processing and transaction service to buyers and sellers. A payment system, as a part of E-commerce application system, is a such system which support secured payment processes by providing reliable, secured, and efficient transaction services between sellers and buyers. The basic requirements of a payment system: - Provide secured and confidential transaction processes. - Conduct authentication and authorization for all involved parties. - Ensure the integrity of payment instructions for goods and services. - Simple, availability, cost-effective, efficient, and reliable. Jerry Gao Ph.D. 5/2000

Actors Involved in Electronic Cash Payment Systems Topic: Electronic Cash Payment Protocols and Systems Actors Involved in Electronic Cash Payment Systems - Customers: Customers use the digital cash payment systems to make purchases. - Dealers: Dealers have to bear the costs of payment transactions. - Providers for digital payment systems: Providers are intermediaries between dealers and financial institutions. They provide services and training. - Development vendors for digital payment systems: - Financial institutions: Banking systems or organizations who use electronic payment systems. - Trust Centers: They control digital signature keys, and help to secure customer confidence in certain payment systems. They are responsible for the integrity of transmitted data and authenticity of contractors. Jerry Gao Ph.D. 5/2000

Basic Requirements for Electronic Cash Payment Systems Topic: Electronic Cash Payment Protocols and Systems Basic Requirements for Electronic Cash Payment Systems - Digital money: Payment systems must provide customers and private households with acceptable digital money. Security: Ensure the security of transactions and information privacy of users. - Scalability: A large number of customers and concurrent transactions should be handled in a scalable manner. - Efficient and effective: Payment systems must support efficient and effective payment processing and accounting services for small payment transactions. - Simple: Payment systems must provide customers with simple transparent transactions. Jerry Gao Ph.D. 5/2000

Basic Requirements for Electronic Cash Payment Systems Topic: Electronic Cash Payment Protocols and Systems Basic Requirements for Electronic Cash Payment Systems - Anonymous: Usually, customers wish to stay anonymous for all involved transactions.. - Double spending: Digital coins consists of a number of bits. Payment systems must be able to recognize and/or prevent repeated payments with the same digital coin. - Exchange: Digital money should be convertible into “real” money whenever necessary. - Store: Digital money must be stored locally on hard disks or other media. - Value: Digital cash payment systems must provide a large number of digital coins for circulation and perform authentication checking. Jerry Gao Ph.D. 5/2000

Advantages of Electronic Cash Payment Systems Topic: Electronic Cash Payment Protocols and Systems Advantages of Electronic Cash Payment Systems - Saved time: - Reduce transaction process time - Speed up transaction processes - Reduced costs: - Reduce transaction costs - Reduce cash distribution costs - Flexibility: - Digital cash can take many forms, including prepaid cards - Digital cash can be converted into different currencies - Reduce cash distribution risk: - Reduce the regular cash distribution risk - Error free and efficient: - Reduce transaction errors Jerry Gao Ph.D. 5/2000

Special Features of Electronic Payment Protocols Topic: Online Payment Protocols and Systems Special Features of Electronic Payment Protocols Important features of electronic cash payment protocols and systems: - Anonymity: This ensure that no detailed cash transactions for customer are traceable. Even sellers do not know the identity of customers involved in the purchases. - Liquidity: Digital cash have to be accepted by all concerned economic agents as a payment method. - Prepaid cards: Buyers can buy prepaid cards that are accepted by special sellers. - Electronic payment processing: Jerry Gao Ph.D. 5/2000

Special Features of Electronic Check Protocols and Payment Systems Topic: Electronic Check Payment Protocols and Systems Special Features of Electronic Check Protocols and Payment Systems Important features of electronic cash payment protocols and systems: - Anonymity: This ensure that no detailed cash transactions for customer are traceable. Even sellers do not know the identity of customers involved in the purchases. - Liquidity: Digital cash have to be accepted by all concerned economic agents as a payment method. - Prepaid cards: Buyers can buy prepaid cards that are accepted by special sellers. - Electronic payment processing: Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocol: NetBill Topic:Elect ronic Check Payment Protocols and Systems Electronic Check Payment Protocol: NetBill Overview of NetBill: - ECash is a payment protocol for anonymous digital money on the Internet. - It is developed by DigiCash Co, of Amsterdam, The Netherlands. - It is currently implemented and offered by Mark Twain Bank, St. Louis since 1995. - DeutscheBank Ag, Frankfurt (Main) offers Ecash as a pilot project to its customers since October 1997. A public trial of the Millicent system was scheduled for the summer of 1997. Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocols: NetBill Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Protocols: NetBill NetBill model: MilliCent protocols use a form of electronic currency called Scrip to connect three involved parties: - vendors, customers, and brokers. Scrip is vendor specific. A Millicent broker: --> medicate between vendors and customers to simplify the tasks they perform. --> aggregate micro-payments --> sell vendor Scrip to customers --> handle the real money in the Millicent system. --> maintain customer accounts and vendors (subScripion services) --> buy and produce large chunks of vendor Scrips (for licensed vendors) Vendors: --> are merchants selling low-value services or information to customers Customers: --> buy broker Scrip with real money from selected brokers. --> use the vendor Scrips to make purchases. Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocol: NetBill Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Protocol: NetBill NetBill Archecture: (Source: NetBill 1994 Prototype) Consumer Application Checkbook Merchant Application Till Security Server Transaction Server User Admin. Server Payment & Collection Server System Admin. Server DB Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocol: NetBill Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Protocol: NetBill Consumer Merchant NetBill Server 1. Credit card # (macro-payment protocol) 2. $5.00 Broker scrip(Millicent protocol) 1. $0.19 Vendor scrp + request Start of week Transaction Sequence Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocol: NetBill Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Protocol: NetBill Customer Broker Vendor 1.0 Broker scrip 2. $0.20 Vendor scrip $4.80 Broker scrip Purchasing from a vendor 3. $0.20 Vendor scrp + request 4. $0.19 Vendor scrip change + purchased ino/service Transaction Sequence Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocol: NetBill Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Protocol: NetBill Customer make purchases with vendor Scrips Vendor Customer Vendor sell low-value information and services Broker sell vendor Scrip Brokers buy/produce large chunks of “vendor Scrip” for licensed vendors Broker Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocol: NetBill Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Protocol: NetBill About Scrip: ---> a piece of data used to represent microcurrency within the Millicent systems. Scrip has the following properties: - Scrip is vendor specific, thus has value at one specific vendor only. - Scrip can be spent only once by its owner. - Scrip can be represented any denomination of currency. - Scrip represents a prepaid value. - Scrip make no use of public-key cryptography. - Scrip cannot provide full anonymity. It can be traced and recorded. Scrip like cash has a defined value and can be used to purchase merchandise. Major differences between Scrip and cash: - Scrip can only spent once, and cash can be spent many times. - Scrip is vendor specific, and cash is not. - Scrip can only spent by the customer who obtained it from the broker. - Scrip has an expiration date and a digital signature. Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocol: NetBill Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Protocol: NetBill Scrip Message Structure Vendor Value Scrip-id customer-id expiration-date info certificate Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocol: NetBill Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Protocol: NetBill Millicent Security Checking: ---> Provide three different security levels. All transactions should be protected, and fraud must be detectable and traceable. ----------------------------------------------------------------------------------------------- Millicent Protocol Efficiency Ranking Secure Private Scrip in the clear 1 No No Encrypted connection 3 Yes Yes Request signatures 2 Yes No ________________________________________________________________ . Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocol: NetBill Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Protocol: NetBill Authentication and signature: Millicent protocol uses one-way has functions - such as 128-bit MD5 and HMAC-MD5. - The message is sent in clear, but is protected by the customer_secret in hash function. - Upon receiving the request, the vendor calculates the hash function using a pre-selected message digest function. - The vendor returns, upon receiving this information, the customer can compute the message digest to ensure authenticity. - Signature: a request signature is generated based on the customer_secret by hashing Encryption: No encryption, but maintains a level of security that prevents Scrip being stolen. Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocol: NetBill Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Protocol: NetBill 1. Scrip, Request, Request signature Customer Vendor 2. Change, Reply, Reply signature Purchase using a request signature Customer Secret Scrip Request Request Signature Compare Hash Request Signature Vendor verifies the request signature Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocol: NetBill Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Protocol: NetBill Vendor secret keys Master Scrip secret 5 Master Scrip secret 6 Master Scrip secret 7 Vendor Value Scrip-id customer-id expiration-date info Master Scrip secret 6 “certificate” Hash eg. MD5 To customer Scrip certificate generation Jerry Gao Ph.D. 5/2000

Electronic Check Payment Protocol: NetBill Topic: Electronic Check Payment Protocols and Systems Electronic Check Payment Protocol: NetBill Vendor secret keys Master Scrip secret 5 Master Scrip secret 6 Master Scrip secret 7 Vendor Value Scrip-id customer-id expiration-date info Master Scrip secret 6 certificate From customer compare certificate Scrip validation Jerry Gao Ph.D. 5/2000

Comparisons of Electronic Check Payment Protocols Topic: Electronic Check Payment Protocols and Systems Comparisons of Electronic Check Payment Protocols Jerry Gao Ph.D. 5/2000

Analysis of Electronic Check Payment Protocols Topic: Electronic Check Payment Protocols and Systems Analysis of Electronic Check Payment Protocols Jerry Gao Ph.D. 5/2000