Secure Electronic Transaction (SET)

ssuser7fed54 75 views 8 slides Feb 24, 2022

About This Presentation

The topic comes under CRYPTOGRAPHY AND NETWORK SECURITY in Computer Science Engineering.


Slide Content

SET TOPIC

Transport Layer Security

- The same record format as the SSL record format.
- Defined in RFC 2246.
- Similar to SSLv3.
- Differences in the:
  - version number
  - message authentication code
  - pseudorandom function
  - alert codes
  - cipher suites
  - client certificate types
  - certificate_verify and finished message
  - cryptographic computations
  - padding

Secure Electronic Transactions

- An open encryption and security specification.
- Protects credit card transactions on the Internet.
- Companies involved: MasterCard, Visa, IBM, Microsoft, Netscape, RSA, Terisa and Verisign.
- Not a payment system.
- A set of security protocols and formats.

SET SERVICES

- Provides a secure communication channel in a transaction.
- Provides trust by the use of X.509v3 digital certificates.
- Ensures privacy.

Key Features of SET:

- Confidentiality of information
- Integrity of data
- Cardholder account authentication
- Merchant authentication

SET Participants

A SET system includes the following participants:

- Cardholder
- Merchant
- Issuer
- Acquirer
- Payment gateway
- Certification authority

Sequence of events for transactions

1. The customer opens an account.
2. The customer receives a certificate.
3. Merchants have their own certificates.
4. The customer places an order.
5. The merchant is verified.
6. The order and payment are sent.
7. The merchant requests payment authorization.
8. The merchant confirms the order.
9. The merchant provides the goods or service.
10. The merchant requests payment.

SET functionalities:

Provide Authentication

- Merchant Authentication: To prevent theft, SET allows customers to check previous relationships between merchants and financial institutions. Standard X.509v3 certificates are used for this verification.
- Customer / Cardholder Authentication: SET uses X.509v3 certificates to check whether a credit card is being used by an authorized user.

Provide Message Confidentiality: Confidentiality means preventing unintended people from reading the message being transferred. SET implements confidentiality by using encryption techniques. Traditionally DES is used for encryption purposes.

Provide Message Integrity: SET uses signatures to prevent message modification. Messages are protected against unauthorized modification using RSA digital signatures with SHA-1, and some using HMAC with SHA-1.

Dual Signature

The dual signature is a concept introduced with SET. It aims at connecting two pieces of information meant for two different receivers:

- Order Information (OI) for the merchant
- Payment Information (PI) for the bank

Here is the generation of the dual signature:

1. The merchant has received OI and verified the signature.
2. The bank has received PI and verified the signature.
3. The customer has linked the OI and PI and can prove the linkage.

For example, suppose the merchant wishes to substitute another OI in this transaction, to its advantage. It would then have to find another OI whose hash matches the existing OIMD. With SHA-1, this is deemed not to be feasible. Thus, the merchant cannot link another OI with this PI.

Purchase Request Generation: The process of purchase request generation requires three inputs:

- Payment Information (PI)
- Dual Signature
- Order Information Message Digest (OIMD)

Purchase Request Validation on Merchant Side: The merchant verifies the request by comparing the POMD generated by hashing the PIMD with the POMD obtained by decrypting the dual signature.

Payment Processing:

- Payment Authorization: Payment authorization, as the name suggests, is the authorization of payment information by the merchant, which ensures that payment will be received by the merchant. Messages: Authorization Request, Authorization Response.
- Payment Capture: Payment capture is the process by which a merchant receives payment. The merchant again generates request blocks for the payment gateway, and the payment gateway in turn issues payment to the merchant. Messages: Capture Request, Capture Response.
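The dual signature and the merchant-side purchase request validation described above, as an added example that is not part of the original slides. The key is a toy textbook RSA key without padding (an assumption made so the code runs on the standard library alone), and the PI and OI strings, function names and message layout are constructed for illustration.

```python
import hashlib

# Toy textbook-RSA key (assumption, not secure): two Mersenne primes, no padding.
# It stands in for the cardholder's certified RSA key pair.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent

# Constructed sample data: PI is meant for the bank, OI for the merchant.
PI = b"card=4111111111111111;exp=12/30;amount=49.90;txn=1001"
OI = b"txn=1001;item=network-security-book;qty=1;amount=49.90"


def sha1(data):
    return hashlib.sha1(data).digest()


def make_dual_signature(pi, oi):
    """Cardholder: DS = Sign_private( H( H(PI) || H(OI) ) )."""
    pomd = sha1(sha1(pi) + sha1(oi))  # PIMD || OIMD hashed into POMD
    return pow(int.from_bytes(pomd, "big"), D, N)


def recover_pomd(ds):
    """Recover the signed POMD with the cardholder's public key (E, N)."""
    m = pow(ds, E, N)
    return m.to_bytes(20, "big") if m < 2**160 else None  # None: not a SHA-1 value


def merchant_verify(oi, pimd, ds):
    """Merchant holds OI and PIMD only; it never sees PI."""
    return sha1(pimd + sha1(oi)) == recover_pomd(ds)


def bank_verify(pi, oimd, ds):
    """Bank holds PI and OIMD only; it never sees OI."""
    return sha1(sha1(pi) + oimd) == recover_pomd(ds)


if __name__ == "__main__":
    ds = make_dual_signature(PI, OI)
    print("merchant accepts genuine OI:", merchant_verify(OI, sha1(PI), ds))
    print("bank accepts genuine PI:    ", bank_verify(PI, sha1(OI), ds))
    swapped = OI.replace(b"qty=1", b"qty=9")  # merchant substitutes another OI
    print("bank accepts swapped OIMD:  ", bank_verify(PI, sha1(swapped), ds))
```

Each side recomputes POMD from the one piece it holds in full plus the digest of the other piece, so a substituted OI changes OIMD and the comparison against the signed POMD fails.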

Payment processing

[Figures: Cardholder sends Purchase Request; Merchant verifies Customer Purchase Request]