Presentation is loading. Please wait.

Presentation is loading. Please wait.

Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.

Published byAnna Britney Wheeler Modified over 9 years ago

Similar presentations

Presentation on theme: "Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt."— Presentation transcript:

1 Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt

2 Understanding Networked Applications: A First Course Electronic payments by David G. Messerschmitt

3 Understanding Networked Applications A First Course 3 Electronic payments: the players Consumer Merchant Financial institutions Physical tokens representing value

4 Understanding Networked Applications A First Course 4 Some forms of spending money Demand deposit Cash reserves Credit Debit Check Cash Loan Withdrawal

5 Understanding Networked Applications A First Course 5 Questions about value tokens Who will back the value? How is fraud, counterfeiting, etc. prevented? Will value restored if lost or stolen? Is it subject to regulation? Who pays for the system? Is it traced?

6 Understanding Networked Applications A First Course 6 Policy dilemmas Multiplicity of incompatible payment systems? Tracing and auditing: –Criminal prosecution –Taxation vs –Personal privacy

7 Understanding Networked Applications A First Course 7 Some privacy initiatives Open Profiling Standard TRUSTe Anonymous digital cash

8 Understanding Networked Applications A First Course 8 Electronic credit and debit Standard authentication, confidentiality, and non-repudiation techniques can be used –Asymmetric encryption and certificates Framework must take into account different institutions involved Example: Secure Electronic Transactions (SET) of Visa/Mastercard

9 Understanding Networked Applications A First Course 9 Participants Consumer (cardholder) Merchant Acquirer: financial institution acting as transaction clearinghouse for merchant Issuer: financial institution that issued consumer credit/debit card Association: Visa or Mastercard

10 Understanding Networked Applications A First Course 10 SET chain of trust Cardholder Acquirer Issuer AssociationSET Root Merchant (self-signed, included in all software)

11 Understanding Networked Applications A First Course 11 SET order/payment protocol initiate purchase authorize capture ConsumerMerchant Acquirer Issuer authorize capture

12 Understanding Networked Applications A First Course 12 Smartcard Card that contains encapsulated electronics and can be used for various forms of electronic commerce (and other things)

13 Understanding Networked Applications A First Course 13 Prepaid smartcard options Memory card –Memory plus password/PIN protection Shared-secret –Mutual authentication of any terminal sharing the secret Signature-carrying –Carries signatures created by institution Signature-creating –Hardware to create signature based on secret key

14 Understanding Networked Applications A First Course 14 Smartcard merits Memory –Closed system: single institution –No authentication of terminal Shared-secret –Requires encapsulated module in terminal, one to carry each card secret –One secret per institution implies that all cards of that institution can be compromised

15 Understanding Networked Applications A First Course 15 Smartcard merits (con’t) Signature –Terminals need only public keys –Easy to handle multiple institutions All but signature-carrying have unique card identity, and hence institutions can invade privacy by linking transactions

16 Understanding Networked Applications A First Course 16 Hard vs. digital cash Withdraw Deposit

17 Understanding Networked Applications A First Course 17 Digital cash 010110101101010111010110101 011010110101011010110101011 010101101010110111101011111 011010000000110101010110101 Since digital cash is represented by data, it is easily replicated. How do we prevent: Counterfeiting? Multiple spending?

18 Understanding Networked Applications A First Course 18 What is a digital cash token? Unique identifier Value attribute Bank digital signature Bit string Prevents counterfeiting Prevents spending more than once

19 Understanding Networked Applications A First Course 19 Financial institution perspective Consumer’s demand deposit Branch ATMDigital branch Currency in wallet Currency in smartcard Merchant Merchant’s demand deposit Vault cash  Digital cash liability  Payment Deposit Withdrawal May return as more digital cash

20 Understanding Networked Applications A First Course 20 Digital cash must be deposited Consumer walletConsumer smartcard Merchant Hard currency SpendDeposit Digital cash Deposit Withdraw as new digital cash

21 Understanding Networked Applications A First Course 21 Possible characteristics of digital cash Anonymity of consumer –Merchant knows who paid, but that information is not inherent to the digital cash itself –Financial institution knows what merchant deposited Attribution of cheating –Double spending Authorized traces

22 Understanding Networked Applications A First Course 22 Spending anonymity Withdrawal Payment Deposit Withdrawal and deposit are traceable, but can we break the chain somewhere?

23 Understanding Networked Applications: A First Course Supplements by David G. Messerschmitt

24 Understanding Networked Applications A First Course 24 Message digest MD algorithm Message Message digest MD is a fixed length (128 or 160 bit) summary of message One way: message cannot be recovered from MD Collision-free: computationally infeasible to find a message corresponding to a given MD

25 Understanding Networked Applications A First Course 25 Digital signature based on a message digest MD Encrypt secret key Message Decrypt public key MD Compare Signature generation Signature checking

26 Understanding Networked Applications A First Course 26 Dual signature Offer Payment authorization Dual signature Merchant Acquirer Consumer MD Acquirer can verify binding of offer and authorization, does not see offer Merchant can verify binding of offer and authorization, does not see authorization

27 Understanding Networked Applications A First Course 27 Spending anonymity Create $$, including identifier Blind signature If the consumer’s software creates the digital cash, and the bank signs it blindly, the bank will not see the identifier. The cut and choose protocol assures the bank the $$ is proper. Repeat n times Cut and choose one

28 Understanding Networked Applications A First Course 28 Blind signature analogy Token Carbon Put token and carbon in envelope $$ Present to bank for embossing Remove token from envelope $$ Consumer gets bank to sign cash token without observing contents

29 Understanding Networked Applications A First Course 29 Cut and choose protocol $$ Randomly choose one, check others Blind signature $$ Although the bank can’t see what it is signing, with the cut and choose the incentive for the consumer is to generate legitimate instances of digital cash.

Download ppt "Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt."

Similar presentations

Weighing the Risks and Benefits of Online Financial Transactions

Weighing the Risks and Benefits of Online Financial Transactions
Internet payment systems

Internet payment systems
Chapter 6 E-commerce Payment Systems. Traditional Payment Systems Cash Checking Transfers Credit Card Accounts Stored Value Accounts Accumulating Balance.

Chapter 6 E-commerce Payment Systems. Traditional Payment Systems Cash Checking Transfers Credit Card Accounts Stored Value Accounts Accumulating Balance.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Chapter 13 Paying Via The Net. Agenda Digital Payment Requirements Fraud Detection Online Payment Methods Online Payment Types The Future Payment.

Chapter 13 Paying Via The Net. Agenda Digital Payment Requirements Fraud Detection Online Payment Methods Online Payment Types The Future Payment.
Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.

Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.
Electronic Check Payment Protocols and Systems

Electronic Check Payment Protocols and Systems
Your Presenter Amer Sharaf Electronic Payments: Where do we go from here? ByMarkus Jakobsson David Mraihi Yiannis Tsiounis Moti Yung.

Your Presenter Amer Sharaf Electronic Payments: Where do we go from here? ByMarkus Jakobsson David Mraihi Yiannis Tsiounis Moti Yung.
Digital Cash Damodar Nagapuram. Overview ► Monetary Freedom ► Digital Cash and its importance ► Achieving Digital Cash ► Disadvantages with digital cash.

Digital Cash Damodar Nagapuram. Overview ► Monetary Freedom ► Digital Cash and its importance ► Achieving Digital Cash ► Disadvantages with digital cash.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
Chapter 8 Web Security.

Chapter 8 Web Security.
Paying via the Net Jan Damsgaard Dept. of Informatics Copenhagen Business School

Paying via the Net Jan Damsgaard Dept. of Informatics Copenhagen Business School
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment ELC 200 Day 24.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment ELC 200 Day 24.
“Electronic Payment System”

“Electronic Payment System”
FINANCIAL SOCCER Module 3 Credit, debit and prepaid cards Collect a quiz and worksheet from your teacher.

FINANCIAL SOCCER Module 3 Credit, debit and prepaid cards Collect a quiz and worksheet from your teacher.
Electronic Payment Systems. Transaction reconciliation –Cash or check.

Electronic Payment Systems. Transaction reconciliation –Cash or check.
E-Money / Digital Cash Lin Huang. Money / Digital Cash What is Money –Coins, Bill – can’t exist on two places at one time –Bearer bonds: immediate cashable.

E-Money / Digital Cash Lin Huang. Money / Digital Cash What is Money –Coins, Bill – can’t exist on two places at one time –Bearer bonds: immediate cashable.

Similar presentations

Ads by Google