Comp2513 E-Payment Methods

Daniel L. Silver, Ph.D.

Objectives
To introduce the basic methods of electronic payment Reference: Deital Ch. 4

2001

Daniel L. Silver

Outline
Trandition Payment Methods E-Payment Methods

2001

Daniel L. Silver

Major Architectural Components of the Web Bank

Server Client 1 Browser HTTP TCP/IP Internet Server A

Client 2
Browser

HTTP Server

App. Server

Database Server

URL index.html
Server B
2001

prog1.class prog2.jsp

Bank Server
Daniel L. Silver 4

Traditional Payment Methods

Payment: The transfer of money from one individual or legal entity to another Cash Personal Cheques Money orders (Bank note) Credit cards Debit cards
2001 Daniel L. Silver 5

Selection of Payment Method

Based on: Convenience Trace-ability Repudiation Financial risk Fraud protection

Attacks
2001

on traditional methods?
Daniel L. Silver 6

Credit Cards
A very common method of payment Cards are issued by a bank Unique 16-digit number (including check digits) and an expiration date Third party authorization companies verify purchases

2001

Daniel L. Silver

Credit Card - Business Model Logical Money Flow

3. Clearance/Settlement Customer Bank Visa (3rd Party) Stores Bank 2. Credit Authorization Store 1. Charge

4. Payment
Customer

What can you do if your statement shows a fraudulent purchase?

2001 Daniel L. Silver 8

Credit Card - IT Physical Data Flow

Customer

CARD

3rd Party Customer EFT Authorization EFT Bank System System (Visa) Card Info, Signature
Request 56k bps modem

Stores Bank System

Authorization

Reader POS Terminal OK!

2001

Authorization Program

Daniel L. Silver

Requirements of E-Payment Methods

Enable an honest customer to convince a seller to accept payment Prevent a dishonest customer from making unauthorized or fraudulent payments Ensure the privacy of honest participants Scalable to very large numbers of customers Integrate with existing and evolving systems NOT EASY!
Daniel L. Silver 10

2001

E-Payment Pros/Cons

Pros:
Potential for great flexibility Low transaction costs Rapid and diverse purchase power

Cons:
Perfect copying of transactions is possible Vulnerability to world-wide attack Lack of anonymity, potential for privacy intrusion

2001

Daniel L. Silver

11

Various E-Payment Methods

Credit and Debit card Digital Currency E-Wallets Peer-to-Peer Methods Smart card Micro-payments B2B

2001 Daniel L. Silver 12

Use of Credit Card on the Web

Customer Bank System 3rd Party Authorization System cybercash.com EFT

Stores Bank System

Authorization Server A HTTP Server App. Server Database Server

Internet
Client 1 Browser
2001

URL
Daniel L. Silver

index.html

prog.jsp
13

Credit Card Fraud

A major problem for E-commerce The merchant has no legal proof of purchase unless the buyer uses authentication certificate Companys such as Visa, nochargeback.com and CyberCash (now VeriSign) are working to limit fraud:
Visa has established high risk business models and best practices info for merchants Nochargeback.com has lists of fraudlent cards, e-mail addresses and postal addresses VeriSign/CyberCash has employed AI to catch frauders

2001

Daniel L. Silver

14

Digital Currency

Digital cash accounts like traditional bank accounts Buyers deposit cash in the account and spend it at E-Commerce sites (acct # is passed using secure proprietary protocol) E-Comm merchants can feel sure of payment Customers do not need a credit card and spending is limited to account balance www.ecash.com
Daniel L. Silver 15

2001

E-Wallets
Established by financial institutions in partnership with member E-Commerce sites Allows customer to submit billing and shipping info with one click at member sites Also can store e-Cheques, e-Cash and credit card information Not as popular as originally projected Entrypoints InfoGate offers an e-wallet

2001 Daniel L. Silver 16

Peer-to-Peer Methods

Digital cash via email (eCash.com) PayPal.com digital payment system

Acts as a trusted third party (e.g. auction purchase) To send money:
Sender sets up an account and requests to send payment Sender places payment into the receivers account by creditcard Reciever is notified of payment via email Receiver can transfer funds to bank account or request a cheque

There is also a request payment method FOR FREE .. ? What is the their business model ?
2001 Daniel L. Silver 17

Smart Cards

Cards with computer chips embedded on their faces very common in Europe Used for health care, transportation, ID, retail, pay phones, loyalty programs, banking machines Smart card readers interface with card and request user PIN for access Bank machines can load cards with cash and then merchants can download cash from card Returns anonymity of purchase to customer GemPlus, MasterCard are leading supplier of SCs
Daniel L. Silver 18

2001

Micro-Payments

Long distance phone call charge is an example of a micro-payment Digital Equipment Corporatiion (DEC) researchers originally envisioned MPs:
Payment per newspaper article ($0.005) Payment by stock quote ($0.001) Payment per click (Qpass, Inc)

Has not been popular, instead advertisers pay for info, or customers pay flat rates Why?
Daniel L. Silver 19

2001

Why have micro-payments failed?

Overly complicated for customer and business technology & accounting Income is very dependent on customer use (difficulties in cashflow management) Customer anxiety could act as a deterent Difficulties in standardization lost of different approaches, variant media

2001 Daniel L. Silver 20

B2B

B2B transactions are the fastest area of $ growth on the web B2B transactions are substantially larger than B2C Paymantech is major provider:
24/7 availability, all manner of EFT supported many management tools and reporting methods

Ecredit.com offers real-time automated credit approval and financing TradeCard offers comprehensive B2B Ecommerce facilities on an international scale
Daniel L. Silver 21

2001

THE END
danny.silver@acadiau.ca