Secure Electronic Payments

When you make an online purchase on the Internet our credit card information is vulnerable to interception by network sniffers, software that easily recognized credit card number formats.

Several basic security measures are being used to solve this security problem:
• Encrypt (code and scramble) the data passing between the customer and merchants
• Encrypt the data passing between the customer and the company authorizing the credit card transaction
• Take sensitive information offline.

For example many companies use the Secure Socket Layer (SSL), security method developed by Netscape Communications that automatically encrypts data passing between Web browser and a merchant’s server.

However, sensitive information is still vulnerable to misuse once it’s decrypted (decode and unscrambled) and stored on a merchant’s server. So a digital wallet approach such as the CyberCash payment system was developed.

In this method, you add security software add-on modules to your web browser: That enables browser to encrypt credit card data in such a way that only the bank that authorize credit card transactions for the merchant gets to see it.

All the merchant is told is whether credit card transaction is approved or not. The Secure Electronic Transaction, or SET, standard for electronic payment security extends the CyberCash digital wallet approach.

In this method, EC software encrypts a digital envelop of digital certificates specifying the payment details for each transaction. Secure Electronic Transaction or SET has been agreed by the most industry players.

Therefore, SET is expected to eventually become dominant standard for secure electronic payments on the Internet.

Secure Electronic Payments