elc 200 day 26. awad –electronic commerce 2/e © 2004 pearson prentice hall 2 agenda quiz 4 (last)...
TRANSCRIPT
WWWWWW
ELC 200
DAY 26
2WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
Agenda
• Quiz 4 (last) will be April 30• Chap 13, 14, & 15
• Assignment 8 on next slide
• Should be progressing on Framework
• Finish Lecture/Discuss E-security & Encryption
• Lecture Discuss Payment Systems
3WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
Assignment # 8
• Due April 27 At 2 PM
• Complete Discussion Questions on Page 500 of the text
• Turn in well formatted Word Document
4WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
NTERNET SECURITY PROTOCOLS & STANDARDS
• Web Application– Secure Socket Layer (SSL)– Secure Hypertext Transfer Protocol (S-HTTP)
• E-Commerce– Secure Electronic Transaction (SET)
• E-Mail– PGP– S/MIME
5WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
SSL
• Operates between application and transport layers
• Most widely used standard for online data encryption
• Provide services:– Server authentication– Client authentication– Encrypted SSL connection
6WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
S-HTTP
• Secure Web transactions
• Provides transaction confidentiality, integrity and nonrepudiation of origin
• Able to integrate with HTTP applications
• Mainly used for intranet communications
• Does not require digital certificates / public keys
7WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
SET
• One protocol used for handling funds transfer from credit card issuers to a merchant’s bank account
• Provide confidentiality, authentication and integrity of payment card transmissions
• Requires customers to have digital certificate and digital wallet
8WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
PGP
• Encrypts the data with one-time algorithm, then encrypts the key to the algorithm using public-key cryptography
• Supports public-key encryption, symmetric-key encryption and digital signatures
• Supports other standards, e.g. SSL
9WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
S/MIME
• Provides security for different data types and attachments to e-mails
• Two key attributes:– Digital signature– Digital envelope
• Performs authentication using x.509 digital certificates
10WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
GOVERNMENT REGULATIONS
• National Security Agency (NSA)
• National Computer Security Center (NCSC)
• National Institute of Standards and Technology (NIST)
• Office of Defense Trade Controls (DTC)
WWWWWW
Chapter 15
E-Payments: Getting the Money
12WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
OBJECTIVES
• Brief History of Money
• Features of Real-World Cash
• Electronic Money
• Internet-based Systems
• Electronic Payment Media
• Issues and Implications
13WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
BRIEF HISTORY OF MONEY
• Barter
• Medium of Exchange– Tokens– Notational Money– Credit System
14WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
FEATURES OF REAL-WORLD CASH
• Convenience
• Wide Acceptance
• Anonymity
• No Hidden Cost of Use
• No Audit Trail
15WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
ELECTRONIC MONEY (E-Money)
• Identified and Online (+I+L)– Credit cards and debit cards
• Identified and Offline (+I-L)– Check
• Anonymous and Online (-I+L)– Cash payments
• Anonymous and Offline (-I-L)– Electronic cash
16WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
ACID TEST
• Atomicity– All or nothing
• Consistency– All agree
• Isolation– Doesn’t effect other transactions
• Durability– Can go back to previous state (i.e. reversible)
17WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
ICES TEST
• Interoperability– Ability to move between system
• Conservation– Temporal consistency and durability
• Economy– Cost of use
• Scalability– Multiple users
18WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
TRANSACTION PROPERTIES
Token
Atom
icity
Consistency
Isolation
Durability
Interoperability C
onservation
Econom
y
Scalability
Cash Y Y Y Y Y Y N Y Y
Check N Y Y N Y N Y N Y
Credit Card N N Y N Y N - N Y
WWWWWW
ELC 200
DAY 27
20WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
Agenda
• Quiz 4 (last) will be April 30• Chap 13, 14, & 15
• Augusto will be giving his presentation
• Assignment 8 Due
• Should be progressing on Framework – Everything Due May 4 at 10AM
• Lecture/Discuss Payment Systems
21WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
INTERNET-BASED PAYMENTS
• Electronic Cash
• Credit Cards
• Debit Cards
• Smart Cards
22WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
NONTECHNICAL PROPERTIES
• Acceptability
• Ease of Integration
• Customer Base
• Ease of Use and Access
23WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
ELECTRONIC TRANSACTION SYSTEMS
• CyberCash– http://www.cybercash.com/– Bought by Verisign
• Netbill– http://www.netbill.com/
• First Virtual– No longer in internet payment systems
Internet Service Providers: Internet-Based Payments
24WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
SECURE ELECTRONIC TRANSACTIONS (SET)
• http://www.setco.org/
• Confidentiality
• Integrity
• Authentication
• Interoperability
Internet Service Providers: Internet-Based Payments
25WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
SET
26WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
ELECTRONIC PAYMENT MEDIA
• Trusted Third Party– CyberCash
• Notational Fund Transfer-related Type– Credit Card (SET)
• Digital Cash/ Electronic Money– Anonymous & untraceable digital cash – David Chaum
Internet Service Providers: Electronic Payment Media
27WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
CREDIT CARDS
• Transactional cost paid by merchants– 2-5 cents per transaction– Monthly fees
• Shopping Cart
• Credit Card Processing Services
• Risks of Using Credit Cards
• Credit Card Laundering
28WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
DEBIT CARDS
• Convenience• Widely Accepted• Easy Application• No Grace Payment Period• Less Protection for Undelivered Items
– No limits of liability like credit Card• Risks for Merchants - Overspent Customers
– 2-3 day processing versus immediate for credit cards• Use of PIN creates online transaction
– Hard to dispute!• Higher transaction fee for merchants
29WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
SMART CARDS
• Provide users the ability to make a purchase
• Hold user’s cash, ID information and keys
• Provide authentication of transaction
• Contain encryption and decryption of messages
• Enhance data portability
• Similar to electronic purse
30WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
DIGICASH & E-WALLET
• No audit trail
• Offers true digital economy
• Resistance from the Treasury Department
• E-wallet– A carrier of e-cash– A simple and secure way of carrying currency
electronically
31WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
ELECTRONIC FUNDS TRANFER & AUTOMATED CLEARING HOUSE
• Electronic Funds Transfer (EFT)– A computer-based system that facilitates the
transfer of money between two financial institutions overnight
• Automated Clearing House (ACH)– Involves more than one financial institution
routing to debit and credit the correct accounts
32WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
ACHCustomer’s
BankMerchant’sBank
Customer Merchant
Step 1
Step 3
Step 4
Step 4 Step 5
Step 1: The Customer sends payment information to the ACH Provider (probably through a link at the merchant’s website). The information should include the information from the MICR line of Customer’s check (the ABA routing number of the Customer’s Bank and the Customer’s account number at the bank).
Step 2: Based on the commitment to pay represented by that information, the Merchant completes the transaction. It might ship the goods at that time, or it might wait a few days to receive payment.
Step 3: The ACH Provider sends the ACH debit entry to the Customer’s Bank.
Step 4: The Customer’s Bank responds to that entry by removing funds form the Customer’s account and sending them to the Merchant’s Bank (through ACH network).
ACHProvider
ACHProvider
Step 2
Step 1
33WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
Check Numbers
34WWWWWW Awad –Electronic Commerce 2/e© 2004 Pearson Prentice Hall
ISSUES & IMPLICATIONS
• Consumer Needs
• Corporate Processes
• Corporate Strategy
• Regulation of Competition
• Economics & Social Processes
WWWWWW
Chapter 15
E-Payments: Getting the Money