Designing an electronic credit or debit system: Major issues
- Naming: There must be an unambiguous way of identifying the payers' bank accounts and the payees' bank accounts.
- Signatures: It must be possible for the payers' banks to verify that payment instructions were generated by people authorized to use accounts.
- Integrity: Electronic checks should be difficult to alter.
- Confirmation: Payees must have confirmation that transfers took place; payers must have notification of transfers out of their accounts.
- Confidentiality: Third parties should not be able to monitor such payments.
- Settlement: Separate banking institutions must have a way of settling their accounts.
CyberCash’s Gateway
- Provides software to both consumers and merchants, with CyberCash’s public key built in
- Only CyberCash knows everybody’s public key
- Information is encrypted under CyberCash’s public key, so the merchant doesn’t actually see the consumer’s credit card number
- Failed as a company and was acquired by Verisign in 2002
SET: Secure Electronic Transactions
- Designed to operate in both real-time (e.g. WWW) and store-and-forward (e.g. e-mail) environments
- Also designed to permit consumer, merchant, and banking software companies to develop software for their respective clienteles independently
- SET assumes the existence of a hierarchy of digital certificate authorities that vouch for the binding between a user and a public key
- Digital certificates create a trust chain throughout the transaction, verifying cardholder and merchant validity
- SET standards were developed jointly by Visa and Mastercard as a way to facilitate secure payment card transactions over the Internet
First Virtual*
- Consumers establish account IDs with First Virtual and fax/telephone their credit card number to it
- Required information is sent directly to consumers with a valid ID
- First Virtual will not charge consumers until they are satisfied
- First Virtual delays payment to merchants for 90 days
* First Virtual no longer provides service
NetBank
- The largest FDIC-insured federal savings bank operating exclusively online
- Approves mortgages, home equity or business loans, and credit or debit card applications more quickly than a traditional bank
- Provides three stages of security (a robust firewall, the customer’s personal password, and encryption of customer messages)
Electronic Checks
- Consumers use smartcards or secure processors to compose and sign electronic checks
- The check is sent to the payee together with the consumer's public-key certificates and transaction details
- The payee adds its own signature and certificates and sends the check to its bank for deposit
- Transaction results are reported to both merchants and consumers
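The signing and endorsement flow above, together with the Signatures and Integrity requirements from the first slide, as an added example (not from the original slides). It uses unpadded textbook RSA over fixed Mersenne primes as a stand-in for real certificate-backed signatures, which is not secure; the account names, BANK_DIRECTORY, and all function names are assumptions made for illustration.

```python
import hashlib
import json

E = 65537  # public exponent shared by both toy keys

def make_key(p, q):
    """Toy textbook-RSA key from two known primes (tiny and unpadded: NOT secure)."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(obj, n):
    """SHA-256 over canonical JSON, reduced mod n so it fits the toy modulus."""
    data = json.dumps(obj, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(obj, key):
    return pow(digest(obj, key["n"]), key["d"], key["n"])

def verify(obj, sig, n):
    return pow(sig, E, n) == digest(obj, n)

# Constructed keys (Mersenne primes keep the example offline and deterministic).
PAYER = make_key(2**127 - 1, 2**107 - 1)
PAYEE = make_key(2**89 - 1, 2**61 - 1)
# Assumption: stands in for the certificates; maps account name -> public modulus.
BANK_DIRECTORY = {"payer-001": PAYER["n"], "payee-042": PAYEE["n"]}

def write_check(amount_cents, serial):
    """Payer composes and signs the check."""
    check = {"from": "payer-001", "to": "payee-042",
             "amount_cents": amount_cents, "serial": serial}
    return {"check": check, "payer_sig": sign(check, PAYER)}

def endorse(signed):
    """Payee signs the check together with the payer's signature."""
    body = {"check": signed["check"], "payer_sig": signed["payer_sig"]}
    return {**body, "payee_sig": sign(body, PAYEE)}

def bank_verify(deposit):
    """Bank checks both signatures before accepting the deposit."""
    check = deposit["check"]
    payer_n = BANK_DIRECTORY.get(check["from"])
    payee_n = BANK_DIRECTORY.get(check["to"])
    if payer_n is None or payee_n is None:
        return "unknown account"
    if not verify(check, deposit["payer_sig"], payer_n):
        return "bad payer signature"
    body = {"check": check, "payer_sig": deposit["payer_sig"]}
    if not verify(body, deposit["payee_sig"], payee_n):
        return "bad endorsement"
    return "accepted"
```

Because the endorsement covers the payer's signature as well as the check, the bank rejects a deposit whose amount was changed after signing even if the payee re-endorses the altered check.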
Instant Debit Systems
- Immediate posting of transactions gives payees real-time confirmation that funds are available
- Aggregate many on-line transactions for batch settlement over traditional settlement networks
GC Tech’s turnkey offering
- Intermediation server maintains a “ledger” of consumer funds on account in the payment system
- Intermediation server and the merchant have public/private-key pairs, while consumers have only a PIN
- This model eliminates the need to issue and manage certificates for consumers
NetBill for Information Delivery
- Optimized for delivering information goods (e.g. text, images, software) over the Internet
- Consumers are not charged until the goods reach them
- Only the merchant talks directly to the accounting server
Person-to-Person Payment Systems
Person-to-person (P2P) payment systems:
- The person sending the money registers with the service and forks over information on the credit card or checking account they want the funds withdrawn from.
- The recipient generally gets an e-mail with instructions to go to the service's site and register to claim the money, which is then transferred from an online account directly into the recipient's bank account, or debited against a credit card.
- The Holy Grail in P2P is to create a model where consumers can use a single interface to pay anyone.
- The winner will be a single product that transcends online and offline channels.
P2P Systems
Some P2P Systems:
- FDR’s MoneyZap
- PayPal (X.com)
- eBay’s Billpoint
- Bank One’s eMoneyMail
- Yahoo’s Paydirect