Secure Electronic Transaction
Master Card and Visa International have developed SET Protocol which has now also been embraced
by American Express, exclusively for enabling secure credit and transactions over the net as an alternative to SSL. The salient features of SET protocols are :
- The merchant has no access to the credit card information.
- SET requires authentication of all parties involved in the transaction prior to the commencement of the processing.
The efficiency of SET in eliminating merchant fraud and preventing hacker’s from accessing the protocol can be assessed only after extensive use. Apprehensions have been expressed on the
implementation cost, processing time and additional hardware requirements. We will have to wait and see.
SET’s Encryption Process
The steps for the encryption process are :
- The transaction information is segregated into :
§ Financial information :
Credit card details and payments authorized which is a private and payment authorized which is a private communication between the cardholder and the card issuing agency or its acquiring bank.
§ Non-financial information :
Details of Goods purchased, mailing instructions, cost etc., which is a private communication between the cardholder and the merchant.
· The financial information is encrypted using card issuing agency’s public key with a digital signature.
· Similarly, the non-financial information is encrypted using the merchant’s public-key with a digital signature.
· Both digital signature are combined to generate one digital signature to cover the whole transaction.
SET’s encryption process generates two messages to cover one transaction.
Implementation of SET will require :
- Wallet software to be installed on the users’ computer.
- Commerce server on merchant’s web site and
- Payment server on the web site of the institution issuing the credit card or its AFI (Acquiring Financial Institution).
- The user will be required to :
- Download and install ‘wallet’ software on their computer.
- Install user name : and PIN (Personal Identification Number) to access the wallet.
- Record Details of credit card to be placed on the wallet.
- Obtain a digital certificate from the bank or certified agency for each credit card.
The public and secret key will be generated during the installation of the wallet.
Let us see how we can place order of our book via SET.
- We will see how we can place order of our book via SET.
- We will install a ‘Wallet’ programme by pressing an onscreen button.
- We will then select the credit card for payment.
- Wallet and merchants’ server will exchange certificates.
- Wallet encrypts the information and transmits the financial and non-financial information to merchants’ commerce server.
- Merchants’ commerce server transmits the financial information to the acquiring bank’s payment server.
No comments:
Post a Comment