Comp2513 E-Payment Methods Daniel L. Silver, Ph.D. Objectives To introduce the basic methods of electronic payment Reference: Deital Ch. 4 2001 Daniel L. Silver 2 Outline Trandition Payment Methods E-Payment Methods 2001 Daniel L. Silver 3 Major Architectural Components of the Web Bank Server Client 1 Browser Client 2 HTTP TCP/IP Server A Internet HTTP Server Browser App. Server URL index.html Server B 2001 Database Server prog1.class prog2.jsp Bank Server Daniel L. Silver 4 Traditional Payment Methods Payment: The transfer of money from one individual or legal entity to another Cash Personal Cheques Money orders (Bank note) Credit cards Debit cards 2001 Daniel L. Silver 5 Selection of Payment Method Based on: – Convenience – Trace-ability – Repudiation – Financial risk – Fraud protection Attacks 2001 on traditional methods? Daniel L. Silver 6 Credit Cards A very common method of payment Cards are issued by a bank Unique 16-digit number (including check digits) and an expiration date Third party authorization companies verify purchases 2001 Daniel L. Silver 7 Credit Card - Business Model Logical Money Flow 3. Clearance/Settlement Customer Bank Visa (3rd Party) Store’s Bank 2. Credit Authorization 4. Payment Store Customer 1. Charge What can you do if your statement shows a fraudulent purchase? 2001 Daniel L. Silver 8 Credit Card - IT Physical Data Flow Customer CARD 3rd Party Customer EFT Authorization EFT Bank System System (Visa) Card Info, Signature Store’s Bank System Authorization Reader Authorization Program Request 56k bps modem POS Terminal OK! 2001 Daniel L. Silver 9 Requirements of E-Payment Methods Enable an honest customer to convince a seller to accept payment Prevent a dishonest customer from making unauthorized or fraudulent payments Ensure the privacy of honest participants Scalable to very large numbers of customers Integrate with existing and evolving systems NOT EASY! 2001 Daniel L. Silver 10 E-Payment Pros/Cons Pros: – Potential for great flexibility – Low transaction costs – Rapid and diverse purchase power Cons: – Perfect copying of transactions is possible – Vulnerability to world-wide attack – Lack of anonymity, potential for privacy intrusion 2001 Daniel L. Silver 11 Various E-Payment Methods Credit and Debit card Digital Currency E-Wallets Peer-to-Peer Methods Smart card Micro-payments B2B 2001 Daniel L. Silver 12 Use of Credit Card on the Web Customer Bank System 3rd Party Authorization System cybercash.com Store’s Bank System EFT Authorization Server A HTTP Server Internet App. Server Database Server Client 1 Browser 2001 URL Daniel L. Silver index.html prog.jsp 13 Credit Card Fraud A major problem for E-commerce The merchant has no legal proof of purchase unless the buyer uses authentication certificate Companys such as Visa, nochargeback.com and CyberCash (now VeriSign) are working to limit fraud: – Visa has established high risk business models and best practices info for merchants – Nochargeback.com has lists of fraudlent cards, e-mail addresses and postal addresses – VeriSign/CyberCash has employed AI to catch frauders 2001 Daniel L. Silver 14 Digital Currency Digital cash accounts like traditional bank accounts Buyers deposit cash in the account and spend it at E-Commerce sites (acct # is passed using secure proprietary protocol) E-Comm merchants can feel sure of payment Customers do not need a credit card and spending is limited to account balance www.ecash.com 2001 Daniel L. Silver 15 E-Wallets Established by financial institutions in partnership with member E-Commerce sites Allows customer to submit billing and shipping info with one click at member sites Also can store e-Cheques, e-Cash and credit card information Not as popular as originally projected Entrypoint’s InfoGate offers an e-wallet 2001 Daniel L. Silver 16 Peer-to-Peer Methods Digital cash via email (eCash.com) PayPal.com – digital payment system – Acts as a trusted third party (e.g. auction purchase) – To send money: » Sender sets up an account and requests to send payment » Sender places payment into the receivers account by creditcard » Reciever is notified of payment via email » Receiver can transfer funds to bank account or request a cheque – There is also a request payment method – FOR FREE .. ? What is the their business model ? 2001 Daniel L. Silver 17 Smart Cards Cards with computer chips embedded on their faces – very common in Europe Used for health care, transportation, ID, retail, pay phones, loyalty programs, banking machines Smart card readers interface with card and request user PIN for access Bank machines can load cards with cash and then merchants can download cash from card Returns anonymity of purchase to customer GemPlus, MasterCard are leading supplier of SCs 2001 Daniel L. Silver 18 Micro-Payments Long distance phone call charge is an example of a micro-payment Digital Equipment Corporatiion (DEC) researchers originally envisioned MPs: – Payment per newspaper article ($0.005) – Payment by stock quote ($0.001) – Payment per click (Qpass, Inc) Has not been popular, instead advertisers pay for info, or customers pay flat rates … Why? 2001 Daniel L. Silver 19 Why have micro-payments failed? Overly complicated for customer and business – technology & accounting Income is very dependent on customer use (difficulties in cashflow management) Customer anxiety – could act as a deterent Difficulties in standardization – lost of different approaches, variant media 2001 Daniel L. Silver 20 B2B B2B transactions are the fastest area of $ growth on the web B2B transactions are substantially larger than B2C Paymantech is major provider: – 24/7 availability, all manner of EFT supported – many management tools and reporting methods Ecredit.com offers real-time automated credit approval and financing TradeCard offers comprehensive B2B Ecommerce facilities on an international scale 2001 Daniel L. Silver 21 THE END danny.silver@acadiau.ca