Chapter 3 E-Payment Systems eb-course.weebly.com

Agenda Definition of electronic payment Security for e-payments Types of electronic payment methods Which electronic payments to accept?

Payment Methods Payment: The transfer of money from one individual or legal entity to another Cash Personal Cheques Money orders (Bank note) Credit cards Debit cards

What is electronic payment Electronic payment methods are the payments made electronically rather than by paper (cash, checks, vouchers, etc) Allows global reach, high speed, low transaction cost and high automatibility For some people, these are payments linked to e-commerce transactions. This definition raises two problems 1. Many of e-commerce transactions are neither paid or settled over the internet. reason: most e-commerce site uses credit cards that uses internet only on the initial stage. 2. Electronic payments are broad.

Security for E-payments If you are running an e-commerce site, you need to worry about Authentication Authenticity of business Confidentiality Information privacy Data Integrity Data must not be altered Audit Trail Data should be trailed

Security for E-payments Standards for E-payments It is a must to have a generally accepted protocol for securing e-payments such as SSL / SET Implemented protocols SSL (Secure Sockets Layer) Security protocol used by web browser and web server to transmit sensitive information over the internet Uses private key to encrypt data SET (Secure Electronic Transaction) Built with SSL Uses digital wallet that holds customers certificates How do you tell if a website is secure? S after http Lock symbol

Secure Sockets Layer (SSL) Created by Netscape for secure message transmission. Uses public-key encryption Browser is the client Netscape servers can be enabled for SSL Other servers can be enabled by installing the Netscape SSLRef program library

Secure Socket Layers (SSL) protocol Certificate Authority Ex) Verisign Secures credit card payments Provides 40 bit and 128 bit SSL Encryption Authenticates the business for customer confidence Verisign verifies merchant by performing authentication procedures such as Check to see if the business is legal entity If organization has the right to use the domain name Verifies the individual who requested SSL certificate

Secure Electronic Transaction (SET) Visa and MasterCard developed SET specifically to handle electronic payments Based on cryptography and digital certificates Digital certificates uniquely identify the parties to a transaction An electronic credit card Registries for authentication A digital signature is used to guarantee a sender’s identity

Secure Electronic Transmission (SET) SET involves interaction among credit card holders, merchants, issuing banks, payment processing organizations, and public key certificate authorities so it’s much more secure than SSL SET Encryption Request is Sent to E-commerce Server E-Commerce Server Verifies Transaction Purchase is Requested Merchant Sends Record to Bank Transaction is Approved Bank Credits Merchant’s Account

The SET protocol The SET protocol coordinates the activities of the customer, merchant, merchant’s bank, and card issuer. [Source: Stein]

Secure Electronic Transaction (SET) Protocol SET is much more complex Success of SSL Expensive overhead SSL is essentially point-to-point between buyer and seller, and makes no explicit provisions for involving financial institutions. Success of SSL reduced the need for SET Expense of heavy computational overhead makes SET based system slow and difficult to use

Types of Electronic Payment B2B Small to large payments B2C Small to medium payments Credit card transactions Micropayments Very small payments

Types of Electronic payments (B2B) Electronic checks Purchasing cards Electronic letters of credit Electronic Funds Transfer Transfer of funds Ex) ATM, Internet banking Electronic Benefits Transfer Transfer of benefits Ex) Debit card for food stamps B2B payments Electronic Funds Transfer Designed to transfer funds form one account to another Internet banking Electronic Benefits Transfer

Types of Electronic Payments (B2C) Electronic Payment Cards (credit, debit, charge) Smart Cards (phone cards, bank cards) P2P payments (paypal, c2it) Other payment methods The basic e-payment methods is electronic payment cards using credit cards which is similar to off-line methods but there are some innovative methods exist only on the internet.

Electronic payment cards (1) Credit cards Most popular online payment Convenient for both merchant and customer Quicker payments 24/7 Safest recommended method Liability is limited by federal law to $50 for unauthorized charge on credit card If you have an unauthorized charge on your credit card, under federal law your liability is limited to $50. In fact, some credit card issuers and web site operators say that under certain circumstances they will even pay this amount for you.

Electronic payment cards (2) How credit card works The consumer enters credit card information into a form on the merchant’s website 2.Real time - Server sends the transaction to the payment processing center for authorization, customer is notified for approval or disapproval. Non real time – Merchant checks authorization manually like they do at brick and mortar. 3. Payment Processing center process the credit card information to merchant bank or 3rd party processor 4. Funds are transferred from card holder’s bank to merchant bank

Smart Card (1) A type of computer embedded chip card that stores and transacts encrypted data between users. Smart card are used in healthcare, banking, entertainment and transportation industries. Offers enhanced security, convenience and economic benefits Rechargeable stored value card Examples Mondex in UK VisaCash in US Storage of encryption keys Electronic purses User profile portability

Smart Card (2) Smart Card for E-Commerce Advantages Disadvantages Carry personal Accounts Credit and buying preferences Manage and control expenditures with automatic limits and reporting Disadvantages Costs 2 to 7 times more than magnetic stripe cards Need a smart card reader Companies such as IBM and Dell are already adding smart card readers into some of their corporate models

Smart Card (3) NTT-DoCoMo, Japan’s leading communications company have tied up with coca-cola company and developed a mobile commerce platform (c-mode) that allow purchasing soft drinks using cell phones. http://www.nttdocomo.com/corebiz /imode/alliances/cmode.html However, what the three companies have created is a far more sophisticated user interface combining payment systems, coupons (advertising) and personal identification. That makes it "my i-mode CokeMachine" and  moves the state-of-art from user's perspective. This is certainly important.

P2P Payments Person to person payments are newest and fastest growing e-payment schemes. Able to transmit funds to anyone with an email address ex) Paypal Free to send money to anyone Over 50 million account holders in 45 countries State of the art security technology Buyer protection up to $1,000 with no extra charge

Types of Electronic Payments (Micropayments) Allows very small charges for goods and services Very small payments usually below $10 Ex) Digital music Credit cards or EFT are too expensive Credit card charges 25 cents to 35 cents and 2 to 3 percent of purchase price Difficult to allocate payment Hard to split between issuing bank, paying bank, card processor, and etc) New business model made possible by innovation of IT Hard to allocate transactions of 1 cent or less

Other E-payment methods Wireless payments “M-pay bill” from Vodafone E-check Electronic version of paper check www.electracash.com E-charge Charge purchases to local phone bill www.echarge.com Pays bills using cell phones Sends electronic checks

Accepting Electronic Payments (B2C) Merchant Account Payment processing opened through a bank Ex) www.1stamericancardservice.com Third Party Processor Payment processor that accepts credit cards on behalf of your company Ex) www.2checkout.com, www.paypal.com

Merchant Account Advantages Disadvantages Increase credibility Flexibility Able to sell any kind of products and services Own shopping cart Low discount rate Average 2-3% Disadvantages Difficult to obtain Expensive Large set up fee, application fee, gateway fee, monthly statement fee and monthly minimum fee Ex) 1stAmericanCardService: $185 start up fee, $9 statement fee and etc

Third Party Processor Advantages Disadvantages Easy to obtain Small set up fee, no monthly fees, no gateway fees Accepts most credit card, debit card, checks Less administrative work Disadvantages Don’t have public acceptance Must use their shopping cart system Gives less confidence to purchaser Limited items Paypal restricted item’s list Higher transaction fees 2checkout: 5.5% of sale amount plus 45 cents per sale Digibuy: 13.9% of sales amount Third Party payment processors can accept credit cards on behalf of your company

Things to consider Monthly sales volume Types of products or services Low volume: Third party processor High volume: Merchant account Types of products or services International support Multi-currency Multi-language Marketing assistance or reseller affiliates 2checkout shopping mall Yahoo! Shopping