PAYMENT GATEWAY Presented by SHUJA ASHRAF SHAH ENROLL: 4471

Slides:



Advertisements
Similar presentations
CP3397 ECommerce.
Advertisements

Cryptography and Network Security
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.
Principles of Information Security, 2nd edition1 Cryptography.
Electronic Transaction Security (E-Commerce)
Cryptography and Network Security Chapter 17
1 Encryption What is EncryptionWhat is Encryption Types of EncryptionTypes of Encryption.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
Chapter 8 Web Security.
“Electronic Payment System”
Web Payments via Christopher Woods Aaron Buma. Agenda  Introduction  About it  Why to use it  Services they Provide  Seller Protection  Ebay Aspect.
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
BZUPAGES.COM Electronic Payment Systems Most of the electronic payment systems on internet use cryptography in one way or the other to ensure confidentiality.
May 28, 2002Mårten Trolin1 Protocols for e-commerce Traditional credit cards SET SPA/UCAF 3D-Secure Temporary card numbers Direct Payments.
Secure Electronic Transaction (SET)
Electronic Payment Systems. How do we make an electronic payment? Credit and debit cards Smart cards Electronic cash (digital cash) Electronic wallets.
Network Security Lecture 26 Presented by: Dr. Munam Ali Shah.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
COMP3121 E-Commerce Technologies Richard Henson University of Worcester November 2011.
E-commerce What are the relationships among: – Client (i.e. you) – Server – Bank – Certification authority Other things to consider: – How to set up your.
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
Types of Electronic Infection
Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.
Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.
1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.
Customer Interface for wuw.com 1.Context. Customer Interface for wuw.com 2. Content Our web-site can be classified as an service-dominant website. 3.
McLean HIGHER COMPUTER NETWORKING Lesson 8 E-Commerce Explanation of ISP Description of E-commerce Description of E-sales.
OBJECTIVES  To understand the concept of Electronic Payment System and its security services.  To bring out solution in the form of applications to.
Risks and Protection. What are the risks of shopping online? Spend 2 minutes identifying risks associated with shopping online card details could be stolen.
Networking E-commerce. E-commerce ► A general term used to describe the buying and selling of products or services over the Internet. ► This covers a.
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.
PayPal and Other Third Party Payment Options Presented by Meg Monsen, Eric Zeng, and Michael Leonard.
Henric Johnson1 Chapter 7 WEB Security Henric Johnson Blekinge Institute of Technology, Sweden
Henric Johnson1 Secure Electronic Transactions An open encryption and security specification. Protect credit card transaction on the Internet. Companies.
Why Does The Site Need an SSL Certification?. Security should always be a high concern for your website, but do you need an SSL certificate? A secure.
Shopping on Amazon & Safe Shopping
Setting and Upload Products
Cryptography and Network Security
BY GAWARE S.R. DEPT.OF COMP.SCI
12 E-Commerce Overview.
Shopping experience! Is it safe to pay online? Ian Ramsey
Cryptography and Network Security
Pooja programmer,cse department
Third-party Payment options, PayPal Implementation
SET Comparative Performance Analysis
From Web Security by Lincoln pp – 35-51
Unit 8 Network Security.
Electronic Payment Security Technologies
E-business and Network Security
Cryptography and Network Security
Presentation transcript:

PAYMENT GATEWAY Presented by SHUJA ASHRAF SHAH ENROLL: 4471 7TH SEM CSE

INTRODUCTION A Payment Gateway is an e-commerce application service provider that authorizes payments for e-business, online retailers etc. The gateway itself is simply a secure online link between the merchant and the customer’s bank. Sensitive information, such as credit card numbers, needs to be protected from fraudulent parties. Payment gateways encrypt the sensitive information such as credit card details to ensure that the information passes securely between the customer and the merchant.

Steps Involved Buyer initiates the purchase. Site Collects the buyer Info. Buyer is sent to Payment Gateway. Payment Gateway Collects the Credit Card Info. Payment Gateway handles the transaction. Payment Gateway verifies the purchase.

Online Customer: Entity who browses the e-commerce website and who will buy he products by making timely payments. Merchant: A merchant is the seller who will receive the payments made by the customer. Banks: there are two types of banks Client Bank : It holds the clients account and validates the customer. Merchant Bank : It holds Merchants account and is responsible for management and fraud control etc. Payment Gateway : A payment gateway is connected to all the customers, merchants & banks through internet and is responsible for speed, reliability and security of all transactions that take place. PRELIMINARIES

Framework Overview: Connection & transaction Send Data Send Payment Payment gateway Online Customer Client Bank Merchant Bank Merchant Send Data Connection & transaction Send Payment Merchant Website Send data & receive payment Merchant Website Transaction & Confirmation Account Update

Categories of Payment Gateways: There are mainly two categories of Payment Gateways : Hosted Payment Gateways Shared Payment Gateways Hosted Payment Gateways: Hosted Payment Gateways are those that direct your user away from your ecommerce website. While making payments, the customer is redirected to the real gateway page by clicking the gateway link. This leaves merchants website for some time before returning back. The benefit of these gateways is that you do not need a Merchant ID since no confidential details are needed from your website. Examples here include PayPal, WorldPay and Nochex.

Categories (cntd…) Shared Payment Gateway: While making the payments, a customer is directed to the payment page and not out of merchants website. Here, a Post form is used once one clicks on a payment link/button. The payment page is maintained securely by the payment gateway. After all details about credit card and other required fields are complete, the user fully gets back to the main website. The main benefit is that one does not get away from your website thus fast and easy to use. Example of a gateway is eWay.

Security Is your money in safe hands? Buying stuff online is easy, saves time and money, however there’s a risk involved. Each time we pay for something, we input our credit/debit card details to a third party (other than our bank). And considering the virtuality of online medium and the risks associated with it, there’s always a sense of fear for online fraud. The e-commerce platforms and banks tend to maintain a robust framework to securely carry out the transactions for the goods and services we pay for.

Security (cntd…) Data Encryption: Data encryption is one of the main security method used in payment gateways. Once you enter your card details in the payment gateway, it gets encrypted by using payment gateway’s public key and can only be decrypted by the payment gateway’s private key. The gateway uses an algorithm which makes sure that no unauthorized party can decrypt the encrypted data when being transmitted through the network. These algorithms usually follow symmetric (same key for encryption and decryption) or asymmetric (different key for encryption and decryption) cryptography to mask data so that unauthorised sources are unable to read or intercept it.

Security (cntd…) Secure Socket Layer (SSL): Secure Socket Layer (SSL) is the standard security protocol used in online transactions to establish an encrypted link between a web server (where the payment is taken) and a browser (where the payment information is entered). E-commerce websites uses SSL to authenticate their identity to the visiting customers and to protect sensitive information such as card details entered by the customers. It is advisable to make an online transaction on websites which have SSL certification. You can check out the same for a website by noting the https prefix in the URL address of the website in the browser and by locating the Padlock symbol in the web browser.

Security (cntd…) Secure Electronic Transaction (SET) Developed by Visa and MasterCard, the Secure Electronic Transaction (SET) protocol is used to aid the secure transmission of customer’s credit/debit card details during online transactions. The protocol blocks out the details of credit card information, thus preventing merchants, hackers and unauthorized parties from accessing the sensitive information. SET uses Dual Signature to link two messages that are intended for two different receipients. SET uses customer digital signatures to maintain confidentiality, authentication and data integrity.

Types of Payment Gateways PayPal 2Checkout.com Amazon Payment Google Checkouts Securepay.com Authorize.net PayUmoney PaySimple

Features of Payment Gateways Transaction & Network Security Secure with latest security technologies like SSL Fraud Screening features Reduces risk of theft and loss User friendly And speedy in processing Support for multiple forms of Payment Time Saving Ease of use

Disadvantages of Payment Gateways Payment gateways highly depend on internet connectivity Lack of Anonymity Risk of being hacked Fees

Conclusion The rise of e-Commerce has led to the development of sophisticated payment gateways that can be integrated seamlessly with your website without the need for specialized coding knowledge. Payment gateways not only perform the basic function of processing credit card transactions over the web, but also bring a host of security and fraud prevention features that protect both merchants & customers. The key to taking Payments online is to have a secure system that doesn’t compromise the customers personal information. Payment Gateway acts as an interface between online website and the bank.

Thank You !