Electronic Payment System Unit-III

History of Money
Barter System Tokens (precious stones and shells) Coins (precious metal) Token Notational Money (cheques) Credit cards credit based system

Real World Cash

Money is known as a medium of exchange to simplify transactions a standard of value to make it easier to decide on the worth of goods a store of value to facilitate the concept of saving

Real World Cash

Features of Cash : 1. Convenience 2. Wide acceptance 3. Anonymity 4. No cost of use 5. No audit trail

ELECTRONIC MONEY
Electronic money(electronic medium for making payment) is an electronic medium in which the users can simply transfer payments from their own bank accounts to the account of merchant , electronically and securely over the internet. it includes credit card , debit card, EFT and automated clearing house system.

Properties of E-money
Monetary value Interoperability Retrievability Security

Benefits of e money
Companys expenses reduced considerably(cheaper) Easy transaction procedure Fast and instant transaction More personalized banking services Secured payments

Identified E-money Anonymous E money Online E-money Offline E-money Based on these E-money can be classified as Identified and online(+I+L)(Credit card) Identified and offline(+I-L)(Traveler cheque,cheque) Anonymous and online(-I+L)(ATM) Anonymous and offline(-I-L)(deposit via ATM)

Types of E money

Properties of E-money :The ACID test

Atomicity : a transaction must occur completely or not at all. Consistency : all parties involved in the transaction must agree to the exchange. Isolation : each transaction must be independent of any other transaction and be treated as a stand-alone episode. Durability : to recover the last consistent state or reverse the facts of the exchange.

Properties of E-money :The ICES test

Interoperability Conservation
Temporal consistency-how well money holds its value over time Temporal Durability- how easy money is to store and access

Economy Scalability

Comparison of cash, cheque and credit card

Cash- All except conservation Cheques - All except isolated and economical Credit card-not atomic and economical

Other properties of E-money

Acceptability Ease of integration Ease of use and Ease of access Customer base

Electronic Payment System

Electronic Payment is a financial exchange that takes place online between buyers and sellers. The content of this exchange is usually some form of digital financial instrument (such as encrypted credit card numbers, electronic cheques or digital cash) that is backed by a bank or an intermediary, or by a legal tender. The various factors that have lead the financial institutions to make use of electronic payments are: Decreasing technology cost Reduced operational and processing cost Increasing online commerce

 Acceptability : the payment infrastructure should not only be robust, but also available and accessible to a wide range of consumers and sellers of goods and services. Convertibility : the electronic currency should be interoperable and exchangeable with the other forms of electronic cash, paper currencies, deposits in bank accounts, bank notes or any other financial instruments. Flexibility : payment systems should be in a position to accept several forms of payments rather than limiting the users to a single form of currency.

Characteristics of EPS

Characteristics of EPS
Reliability : the payment system should ensure and infuse confidence in users. Efficiency : it refers mainly to the cost overheads involved in the operation of digital payments. The cost of payment per transactions should be ideally close to zero. Security : digital currency should be stored in a form that is resistant to replication, doublespending, and tampering. At the same time. It should offer protection from the intruders trying to tap it and put it to unauthorized use, when transmitted over the internet.

Characteristics of EPS
Usability : the user of the payment mechanism should be able to use it as easily as real currency. This requires that the payment system should be well integrated with the existing applications and processes that acquire the role of transacting parties in electronic commerce. Scalability : it should be able to offer the same performance and cost per transactions overheads with a growing number of customers and transactions.

Types of E-Payment media

Trusted third party(Easybill) Digital Cash or E-money Notational fund transfer

Based on the size of payment, all payment transactions can be classified in the following three categories : Micro Payments Consumer Payments Business Payments Three distinct types of payment systems : Pre paid Instant paid Post paid

Online Payment Systems

Credit Cards Debit Cards Smart Cards ecash

Credit Cards
A credit card is part of a system of payments after the small plastic card issued to users of the system. It is a card entitling its holder to buy goods and services based on the holder's promise to pay for these goods and services. The issuer of the card grants a line of credit to the consumer (or the user) from which the user can borrow money for payment to a merchant or as a cash advance to the user. Most credit cards are issued by local banks or credit unions, and are the shape and size specified by the ISO/IEC 7810 standard as ID-1. This is defined as 85.60 53.98 mm in size.

Credit Cards

1. 2. 3. 4. 5. 6. 7. 8.

Issuing bank logo EMV chip on "smart cards" Hologram Credit card number Card brand logo Expiration Date Card Holder Name contactless chip

Credit card numbering

The card number's prefix, called the Bank Identification Number, is the sequence of digits at the beginning of the number that determine the bank to which a credit card number belongs. This is the first six digits for MasterCard and Visa cards. The next nine digits are the individual account number. And the final digit is a validity check code. In addition to the main credit card number, credit cards also carry issue and expiration dates (given to the nearest month), as well as extra codes such as issue numbers and security codes. Not all credit cards have the same sets of extra codes nor do they use the same number of digits.

Credit card numbering

An example of the reverse side of a typical credit card: 1. Magnetic Stripe

2. Signature Strip
3. Card Security Code

How credit cards work

Credit cards are issued after an account has been approved by the credit provider, after which cardholders can use it to make purchases at merchants accepting that card. When a purchase is made, the credit card user agrees to pay the card issuer. The cardholder indicates consent to pay by signing a receipt with a record of the card details and indicating the amount to be paid or by entering a personal identification number (PIN). Also, many merchants now accept verbal authorizations via telephone and electronic authorization using the Internet, known as a 'Card/Cardholder Not Present' (CNP) transaction.

How credit cards work

Electronic verification systems allow merchants to verify that the card is valid and the credit card customer has sufficient credit to cover the purchase in a few seconds, allowing the verification to happen at time of purchase. i. The verification is performed using a credit card payment terminal or Point of Sale (POS) system with a communications link to the merchant's acquiring bank. ii. Data from the card is obtained from a magnetic stripe or chip on the card.

How credit cards work

Other variations of verification systems are used by eCommerce merchants to determine if the user's account is valid and able to accept the charge. i. These will typically involve the cardholder providing additional information, such as the security code printed on the back of the card, or the address of the cardholder.

How credit cards work

Each month, the credit card user is sent a statement indicating the purchases undertaken with the card, any outstanding fees, and the total amount owed. After receiving the statement, the cardholder may dispute any charges that he or she thinks are incorrect. Otherwise, the cardholder must pay a defined minimum proportion of the bill by a due date, or may choose to pay a higher amount up to the entire amount owed.

How credit cards work

The credit issuer charges interest on the amount owed if the balance is not paid in full (typically at a much higher rate than most other forms of debt).

Benefits to customers
The main benefit to each customer is convenience. Compared to debit cards and checkes, a credit card allows small short-term loans to be quickly made to a customer who need not calculate a balance remaining before every transaction, provided the total charges do not exceed the maximum credit line for the card. Credit cards also provide more fraud protection than debit cards. In the UK for example, the bank is jointly liable with the merchant for purchases of defective products over 100.

Benefits to customers
Many credit cards offer rewards and benefits packages, such as offering enhanced product warranties at no cost, free loss/damage coverage on new purchases, and points which may be redeemed for cash, products, or airline tickets. Additionally, carrying a credit card may be a convenience to some customers as it eliminates the need to carry any cash for most purposes.

Benefits to merchants
For merchants, a credit card transaction is often more secure than other forms of payment, cash, because they discourage theft by the merchant's employees and reduce the amount of cash on the premises.

Parties involved
Cardholder: The holder of the card used to make a purchase; the consumer. Card-issuing bank: The financial institution or other organization that issued the credit card to the cardholder. This bank bills the consumer for repayment and bears the risk if that card is used fraudulently. Merchant: The individual or business accepting credit card payments for products or services sold to the cardholder.

Parties involved
Acquiring bank: The financial institution accepting payment for the products or services on behalf of the merchant. Merchant account: This could refer to the acquiring bank or the independent sales organization, but in general is the organization that the merchant deals with.

Parties involved
Credit Card association: An association of cardissuing banks such as Visa, MasterCard, Discover, American Express, etc. that set transaction terms for merchants, card-issuing banks, and acquiring banks. Transaction network: The system that implements the mechanics of the electronic transactions. May be operated by an independent company, and one company may operate multiple networks.

Transaction steps
Authorization: The cardholder pays for the purchase and the merchant submits the transaction to the acquirer (acquiring bank). The acquirer verifies the credit card number, the transaction type and the amount with the issuer (Card-issuing bank) and reserves that amount of the cardholder's credit limit for the merchant. An authorization will generate an approval code, which the merchant stores with the transaction. Batching: Authorized transactions are stored in "batches", which are sent to the acquirer.

Transaction steps
Batches are typically submitted once per day at the end of the business day. If a transaction is not submitted in the batch, the authorization will stay valid for a period determined by the issuer, after which the held amount will be returned back to the cardholder's available credit. Clearing and Settlement: The acquirer sends the batch transactions through the credit card association, which debits the issuers for payment and credits the acquirer.

Transaction steps
Essentially, the issuer pays the acquirer for the transaction. Funding: Once the acquirer has been paid, the acquirer pays the merchant. The merchant receives the amount totaling the funds in the batch minus either the "discount rate," "mid-qualified rate", or "non-qualified rate" which are tiers of fees the merchant pays the acquirer for processing the transactions. Charge backs: A chargeback is an event in which money in a merchant account is held due to a dispute relating to the transaction.

Transaction steps
Charge backs are typically initiated by the cardholder. In the event of a chargeback, the issuer returns the transaction to the acquirer for resolution. The acquirer then forwards the chargeback to the merchant, who must either accept the chargeback or contest it. A merchant is responsible for the chargeback only if he/she has violated the card acceptance procedures as per the merchant agreement with card acquirers.

Debit Cards
A debit card (also known as a bank card or check card) is a plastic card that provides the cardholder electronic access to his or her bank account(s) at a financial institution. Unlike credit cards, the funds paid using a debit card are transferred from the bearer's bank account, instead of having the bearer pay back the money at a later date. Debit cards can be used with or without a personal identification number (PIN) almost everywhere retail stores, gasoline stations, restaurants, and pay phones.

Debit Cards
When used without a PIN (called an offline transactions), the merchants terminal reads the card and identifies it as a debit card that creates a debit against the cardholders bank account. When a debit card is used with a PIN (called an online transaction), the cardholder simply inserts the card in the machine, enters the PIN number, and proceeds as when using an ATM card.

Debit Cards
According to the National Consumers League, here is what consumers need to know about debit cards: Using a debit card frees you from having to carry cash or a checkbook. You dont have to carry travelers checks, show identification, or give out personal information at the time of the transaction. Debit cards are more readily accepted by merchants than are checks, especially in countries where check cashing and check processing are not widely used. It is generally easier to get a debit card than a credit card. You can get a debit card the moment you have a checking or a savings account.

Debit Cards
Returned debit card purchases are treated just like returns for items purchased by cash or check. The debit card is a quick pay now process. No grace period is given as for credit card payments. A major problem at this time is that using a debit card may mean less protection for items that are never delivered, for defective items, or for items that were misrepresented. With credit card purchases, you can contest the charge and put a hold on payment within 60 days.

Debit Cards
Cardholders might overspend their limit before anyone finds out. Retailers do not have verification machines to see a bank account balance before the sale. During busy times, most retailers process small sales on faith.

Smart Cards
A smart card, first produced in 1977 by Motorola, is a thin, credit card-sized piece of plastic that contains a half-inch-square area that serves as the cards input/output system. A smart card contains a programmable chip, a combination of RAM and ROM storage, and an operating system of sorts, all embedded in the plastic. It encrypts digital cash on a chip and can be refilled by connecting to a bank. A smart card carries more information than can be accommodated on a card with a magnetic stripe. Infact, it is the chips ability to store information in its memory that makes it smart.

Smart Cards
A smart card may have the following generic characteristics: Dimensions similar to those of a credit card. ID-1 of the ISO/IEC 7810 standard defines cards as nominally 85.60 by 53.98 millimetres (3.370 2.125 in). Another popular size is ID000 which is nominally 25 by 15 millimetres (0.984 0.591 in) (commonly used in SIM cards). Both are 0.76 millimetres (0.030 in) thick.

Smart Cards
Contains a tamper-resistant security system (for example a secure crypto processor and a secure file system) and provides security services (e.g., protects in-memory information). Managed by an administration system which securely interchanges information and configuration settings with the card and application-data updates. Communicates with external services via cardreading devices, such as ticket readers, ATMs, etc.

Smart Cards
Types of Smart Cards Contact Card : A smart card containing a small gold plate on the face that when inserted in a smart card reader makes contact and passes data to and from the embedded microchip. Contactless (proximity) Card : A smart card with an embedded antenna, by means of which data and applications are passed to and from a card reader unit or other device without contact between the card and the card reader.(Proximity: one foot from reader, ampilified remote sensing card:100 feet(Toll moving vehicles)) Hybrid card(contact and proximity card type e.g. in Tokyo same card is used for buses, train and taxis. Contact for taxis and remote sensing is used for subway and buses)

Smart Cards
Applications of Smart Cards Retail Purchases (e-purse) : Smart card application that loads money from a card holders bank account onto the smart cards chip. Transit Fares : To eliminate the inconvenience of multiple types of tickets used in public transportation, most major transit operators in the United States are implementing smart card fare-ticketing systems. E-Identification : Because they have the capability to store personal information, including pictures, biometric identifiers, digital signatures, and private security keys, smart cards are being used in a variety of identification, access control, and authentication applications

Smart Cards
Health Care : Storing vital medical information in case of emergencies Providing medical practitioners with secure access to a patients complete medical history Speeding up the payment and claims process Enabling patients to access their medical records over the Internet

Smart Cards
Securing Smart Cards
Smart cards store or provide access to either valuable assets or to sensitive information Because of this, they must be secured against theft, fraud, or misuse The possibility of hacking into a smart card is classified as a class 3 attack, which means that the cost of compromising the card far exceeds the benefits

eCash
It is a purely software based, anonymous, untraceable, online, token based system. It allows for bi-directional payments. There is no distinction between customers and merchants with regards to payments. Since the system is coin based, it requires clearing of coins by the issuing bank. Closed versus Open(Card to Card) E-Cash system

eCash (Withdrawal)
Two participants : the bank and the customer. A customer connects to an eCash issuer and purchases electronic coins of the required value. These coins are generated, involving the blind signature scheme to make the tokens anonymous. The customer generates the token ids, blinds them, determines their denominations, transmits them to the issuer that blind signs them and returns them to the customer, who in turn unbinds them and stores them on his PC, in a wallet. The messages include strings of digits, and each string corresponds to a different digital coin, with each coin having a denomination or value.

eCash (Purchase)
If the customer shows the intent to purchase a product, he receives a payment request from the merchant, which he has to confirm. His eCash software chooses coins with the desired total value from the wallet on his hard disk. It then removes these coins and sends them over the network, to the merchants shop. When it receives the coins, the merchants software automatically sends them on to the bank and waits for acceptance before sending the goods to the customer, along with a receipt.

e-wallet
A digital wallet (also known as an e-wallet) allows users to make electronic commerce transactions quickly and securely. A digital wallet functions much like a physical wallet. The digital wallet was first conceived as a method of storing various forms of electronic money (e-cash), but with little popularity of such e-cash services, the digital wallet has evolved into a service that provides internet users with a convenient way to store and use online shopping information.

e-wallet
The term digital wallet is also increasingly being used to describe mobile phones, especially smartphones, that store an individuals credentials and utilize wireless technologies such as near field communication (NFC) to carry out financial transactions. An individuals bank account is usually linked to the digital wallet. They might also have their drivers license, health card, loyalty card(s) and other ID documents stored on the phone. The credentials can be passed to a merchants terminal wirelessly via NFC.

e-wallet
A digital wallet has both a software and information component. The software provides security and encryption for the personal information and for the actual transaction. Typically, digital wallets are stored on the client side and are easily selfmaintained and fully compatible with most ecommerce Web sites. A server-side digital wallet, also known as a thin wallet, is one that an organization creates for and about you and maintains on its servers. Server-side digital wallets are gaining popularity among major retailers due to the security, efficiency, and added utility it provides to the end-user, which increases their enjoyment of their overall purchase.

e-wallet
The information component is basically a database of user-inputted information. This information consists of your shipping address, billing address, payment methods (including credit card numbers, expiry dates, and security numbers), and other information.

Setup and use

A client side digital wallet requires minimal setup and is relatively easy to use. Once the software is installed, the user begins by entering all the pertinent information. The digital wallet is now setup. At the purchase/check-out page of an e-commerce site, the digital wallet software has the ability to automatically enter the user information in the online form. By default, most digital wallets prompt when the software recognizes a form in which it can fill out, if you chose to fill out the form automatically, you will be prompted for a password. This keeps unauthorized users from viewing personal information stored on a particular computer.

Application of Digital Wallet

Consumers are not required to fill out order forms on each site when they purchase an item because the information has already been stored and is automatically updated and entered into the order fields across merchant sites when using a digital wallet. Consumers also benefit when using digital wallets because their information is encrypted or protected by a private software code. And merchants benefit by receiving protection against fraud.

Application of Digital Wallet

Digital wallets are available to consumers free of charge, and they're fairly easy to obtain. For example, when a consumer makes a purchase at a merchant site that's set up to handle serverside digital wallets, he types his name and payment and shipping information into the merchant's own form. At the end of the purchase, the consumer is asked to sign up for a wallet of his choice by entering a user name and password for future purchases. Users can also acquire wallets at a wallet vendor's site.

 Although a wallet is free for consumers, vendors charge merchants for wallets. Some wallet vendors make arrangements for merchants to pay them a percentage of every successful purchase directed through their wallets. In other cases, digital wallet vendors process the transactions between cardholders and participating merchants and charge merchants a flat fee.

Electronic Funds Transfer

An electronic funds transfer (also known as EFT) is a system for transferring money from one bank to another without using paper money. Its use has become widespread with the arrival of personal computers, cheap networks, improved cryptography and the Internet. Since it is affected by financial fraud, the electronic funds transfer act was implemented. This federal law protects the consumer in case a problem arises at the moment of the transaction.

From Where Did It Come?

The history of electronic funds transfer originated from the common funds transfer of the past. Since the 19th century, and with the help of telegraphs, funds transfers were an usual thing in commercial transactions. Finally, it migrated itself to computers and became the electronic money transfers of today.

Where Do I Find EFT's?

Direct Deposit: It is used by employers for depositing their employees' salary in a bank account. Automatic charge to your check or savings account. For example, when you are paying a mortgage, the bank will discharge the monthly payment from a pre-accorded bank account. The benefit is that you won't have to go to the bank to do it. It's automatic. Cash Card: With this type of card you can spend a prepaid amount of money until the balance is zero. So, if you wish to make a gift certificate without tying up your beneficiary with one store, you can buy a cash card from your favorite bank.

Where Do I Find EFT's?...

ATM's are also used for EFT's. Since an automatic teller machine is much cheaper than a group of bank tellers, it has helped to bring costs down and beneficiate the customer. Points of sale (also known as POS) are also part of this group. Those little blue or dark blue machines in which you pass your card are doing an electronic fund transfer from your account to the retail account. Imagine how the world without them was. Slow, wasn't it?

What Are The Pros?

Time: Since all the transaction is done automatically and electronically, the bank doesn't need to pay a person to do it, a person to drive the loans to the other bank, the cost of the transport, the cost of the maintenance of the transport, online auto insurance and the gas of the transport. EFT's have revolutionized modern banking. Other benefit is immediate payment, which brings an up to date cash flow. You won't hear either about lost checks causes by the inefficiency of normal mail and up to date bookkeeping.

Electronic Fund Transfer (EFT) on the Internet

Internet
Payer Payee

Cyber Bank

Cyber Bank

Payment Gateway

Payment Gateway

Bank

Bank Automated Clearinghouse

VAN

VAN

An Architecture of Electronic Fund Transfer on the Internet

Secure Electronic Transactions(SET)

Protocol is a proven standard for handling transactions on the internet Administered jointly by Visa and Master card(1997) to ensure reliable, secure transaction processing in the electronic payment system Cover every aspect from initial investigation of a card holder with an online agency through the actual details of payment It authenticate the identification of the parties involved in the transaction by using a combination of cryptography system. SET protocol meets for security requirements authentication, encryption, integrity and non repudation.

Goals
Confidentiality of Payment as it is processed electronically Integrity of transmitted Data Authentication of card Holder Interoperability across network providers.

B2B Payment Methods

B2B e-payment systems are evolving that can save processing costs and improve the overall efficiency of financial transactions between businesses. This area is part of electronic invoice presentment and payment (EIPP) systems. EIPP is the process by which companies present invoices through the Internet and make payments to one another.

Alternative Electronic Networks Mastercard RPPS

The MasterCard Remote Payment and Presentment Service (RPPS), governed by MasterCard International, is a fully electronic solution for B2B payment processing that provides electronic routing, posting and same day settlement of financial transactions for participating members. MasterCard RPPS has been processing electronic payments for bill payment services since 1987. In September 2000, RPPS launched its bill presentment service to provide complete end-to-end billing and payment processing in an open standards environment.

The RPPS network is designed to act as a single connection point, enabling all participants to reach multiple endpoints. For example, to send payments to more than one Seller, a Buyer needs just one connection to MasterCard RPPS. Correspondingly, through a single connection to MasterCard RPPS, a Seller can receive payments from multiple Buyers.

 In the MasterCard RPPS network, the Buyer/Originator typically initiates credit transactions; although a Receiver, or Seller, may initiate a return as a credit transaction. Debit transactions may be initiated by a Buyer/Originator to reverse a payment. Data must be submitted in the RPPS proprietary format. There are no volume or remittance limitations.

A member can participate in RPPS in three ways: as a Buyer (Originator), as a Seller or a third party that acts on behalf of the Seller (Receiver), or as both. In a MasterCard RPPS payment transaction, the participants include: 1. The Buyer : A Buyer is a company that intends to pay a Seller using the MasterCard RPPS network. The Buyer originates payment transactions to RPPS or may use a financial institution/ service provider to originate payments files to RPPS. A Buyer that is not a financial institution and directly connects to RPPS must be sponsored on the RPPS network by a bank. An agreement or contractual relationship must be in place between the Buyer, the Buyers Settlement Bank /Sponsor Bank, and RPPS.

2. The Buyers Settlement Bank/Sponsor Bank : The Buyers Settlement Bank/Sponsor Bank is a financial institution used by any Buyer that is not a financial institution itself. If the Buyer is a financial institution, it also acts as its own Settlement Bank. The Buyers Settlement Bank/Sponsor Bank is the institution from which the MasterCard Settlement Bank obtains funds via a Fedwire(Federal Reserve Wire Network) to credit Receivers for payment files sent through the RPPS network. All non-banks that send financial transactions through RPPS must be sponsored by a Bank to guarantee settlement. A Settlement Bank /Sponsor Bank is necessary because RPPS processes in a guaranteedfunds, same day settlement scenario. If, for example, a Buyer were unable to fund payments sent through the RPPS network, the Buyers Settlement Bank /Sponsor Bank would be responsible for guaranteeing the funds for the Buyer. An agreement or contractual relationship must be in place between the Buyer, the Buyers Settlement Bank /Sponsor Bank, and RPPS.

3. The Receiver : A Receiver is typically a financial institution that receives payments on behalf of a Seller from a Buyer via the RPPS network. In some cases the Seller is also the Receiver if the Seller is a financial institution. The Receiver must have a contractual relationship with MasterCard RPPS in order to accept payment via the MasterCard RPPS system.

4. The Seller : The Seller is a company to which a MasterCard RPPS payment transaction is sent. If the Seller is a financial institution, it may function in both the Receiver and Seller roles.

5. MasterCard RPPS : MasterCard RPPS maintains all connections between Buyers and Receivers to transmit data and funds. This allows all parties involved to have one connection to reach multiple Buyers and Sellers. MasterCard RPPS maintains all connections, performs extensive edit checks on all files and payment transactions, batches and sends all files, and initiates all settlement transactions.

6. The MasterCard RPPS Settlement Bank : The MasterCard Settlement Bank is the financial institution used by RPPS to initiate Fedwires to all Buyers Settlement Banks and to credit all Receivers for payment files sent through the RPPS network. The MasterCard Settlement Bank sends Fedwires for the value of payments transferred through the MasterCard RPPS network to the appropriate Receivers. The MasterCard Settlement Bank is an agent of MasterCard RPPS and has an agreement with MasterCard RPPS to provide settlement services on its behalf.

Internet Monetary Payment & Security Requirements

For consumers and merchants to be able to trust one another, prevent transmitted payment information from being tampered with, and complete transactions with any valid party, the following issues need to be addressed: Confidentiality of payment information Integrity of payment information transmitted via public networks. Verification that an accountholder is using a legitimate account. Verification that a merchant can accept that particular account. Interoperability across software and network providers.

 Confidentiality of payment information : Payment information must be secure as it travels across the Internet. Without security, payment information could be picked up by hackers at the router, communication-line, or host-level, possibly resulting in the production of counterfeit cards or fraudulent transactions. To provide security, account information and payment information will need to be encrypted.

 Payment Information Integrity : Payment information sent from consumers to merchants includes order information, personal data, and payment instructions. If any piece of the information is modified, the transaction may no longer be accurate. To eliminate this possible source of error or fraud, an arithmetic algorithm called hashing, along with the concept of digital signature is employed.

 Account holder and merchant authentication : Similar to the way card accounts are stolen and used, it is possible for a person to use a stolen account and try to initiate an electronic commerce transaction. To protect against this, a process that links a valid account to a customers digital signature needs to be established. A way to secure this link is by use of a trusted third party who could validate the public key and account of the customer. Similarly, to validate merchants account also third party can be used.

Warning signs
Expensive items Ordering multiple items to be shipped to more than one verifiable address. Different addresses, where one address is given for shipping the product and another for sending the bill. Providing e-mail addresses that are difficult to trace. Overseas addresses(countries having maximum frauds) Instructing e-merchant to have an expensive order left at the door or in front of a given store.

M-Payment
The ability to secure payments over wireless devices like mobile phones and personal digital assistants . Success of m-commerce depends on delivering confidential data safely and reliably

Transactions via mobile phone

Key players: Users, the mobile device, mobile transaction provider-Bank, cellular operator Steps Identification of user via password, biometric etc Authentication of the transaction via Encryption mechanism like Digital Signatures Secure performance of the total transaction process via Secure payment protocols like SET

Automated Clearing House (ACH) Network

The Automated Clearing House (ACH) Network is a nationwide electronic payments system governed by the NACHA the Electronic Payments Association, a trade association representing more than 12,000 financial institutions. The ACH Network is a batch processing, store and forward system. ACH transactions, or entries, that are received during the day by financial institutions are stored and processed in a group or batch mode. ACH transactions are accumulated and sorted by destination for transmission during a predetermined time period.

 This process provides significant economies of scale and enables faster processing than is possible for cheques, which must be physically handled. Instead of using paper to carry transaction information, ACH payments are sent from one financial institution to another via data transmission.

In a Corporate ACH payment transaction, the participants include: 1. The Originating Company (Originator) : The Originator is the company that initiates the ACH transaction to complete payment between two businesses. The Originator can be either the Buyer or the Seller, depending on which party initiates the ACH transaction. When ACH payments are used, the Buyer and the Seller establish a contractual agreement (called a Trading Partner Agreement) between the companies prior to the first payment. This agreement provides the authorization for ACH payments. The Originator must also establish a contract with a financial institution, the Originating Depository Financial Institution (ODFI), to initiate ACH payments with or without remittance data.

2. The Originating Depository Financial Institution (ODFI) : The Originating Depository Financial Institution is the financial institution that submits the payment transactions to the ACH Operator. The ACH transaction is initiated by the ODFI at the request of the Originator after the appropriate contractual relationship has been established between the Originator and the ODFI. This agreement binds the Originating Company to the NACHA Operating Rules and typically defines the parameters of the relationship between the two parties. It also identifies processing requirements for the Corporate ACH payment application(s) to be used and establishes liability and accountability for specific procedures.

3. The ACH Operator : The ACH Operator is either the Federal Reserve Bank or one of three private sector ACH Operators (Electronic Payments Network (EPN), Payments Resource One, and Visa). The ACH Operator: a. Provides clearing, delivery and settlement services for ACH transactions; b. Adheres to the NACHA Operating Rules; c. Executes agreements with participating financial institutions to bind them to the NACHA Operating Rules; d. Processes and edits ACH transaction files based on the NACHA Operating Rules; e. Applies risk control measures; and f. Adheres to National ACH Operator Performance Standards.

4. The Receiving Depository Financial Institution (RDFI) : The Receiving Depository Financial Institution is the financial institution that receives the ACH debit or credit transaction sent by the Originator through the ODFI and the ACH Operator. The RDFI typically has a depository relationship and may have a contractual relationship with the company receiving the ACH transaction (Receiver). The RDFI is responsible for timely posting of the ACH transaction to the Receivers account on the settlement date. This posting must occur by the close of business. If the ACH transaction is a credit transaction, the payment may also be accompanied by remittance data. The RDFI is responsible for providing this remittance data to the Receiving Company.

5. The Receiving Company (Receiver) : The Receiver is a company to which a Corporate ACH transaction has been sent. The Receiver can be either the Buyer or the Seller, depending on which party initiates the ACH transaction. A Receiver must have an account relationship and may also establish a contractual agreement with a Receiving Depository Financial Institution. The agreement between the RDFI and the Receiving Company typically specifies the arrangements for delivery of remittance information from the RDFI to the Receiver. Remittance information may be delivered to the Receiver electronically, by fax, or by paper listing.

First Virtual PIN

First virtual PIN never ask for credit card information . The Procedure to get first virtual PIN: Customer purchase a First virtual Account by filling online form. Customer have to pay some fee and receive a First Virtual PIN for their purchases. On every purchase, customer send their PIN to the seller. Seller sends to the First virtual for verification.

 Availability of fund is checked by First virtual and sends a confirmation request to buyer by mail. Once buyer authorizes the payment, FV confirms it to the seller and money is transferred from the customer account to the merchant account. The credit card no will not be charged until the FV company receives a reply to confirm the sale.

Advantages of Virtual PIN

Flexible, accessible and easy to use Security All credit card checking is done offline

Disadvantages of Virtual PIN

Costly for the merchant Not feasible for small transactions Time consuming

Infrastructure issues in E-payment in India

Poor Infrastructure Security Limited Bandwidth Poor penetration of PCs and internet People resist to change