Skip to main content

Home/ IPGO2010/ Group items tagged bank

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
The Players

What Impact Will E-Commerce Have on the U.S. Economy? - Federal Reserve Bank of Kansas ... - 0 views

findarticles.com/...ai_n9396584

shared by The Players on 10 May 10 - Cached
  • The Players on 10 May 10
     
    What Impact Will E-Commerce Have on the U.S. Economy? from Federal Reserve Bank of Kansas City - Economic Review provided by Find Articles at BNET
Spauit group

ecommerce security issues: an introduction - 0 views

www.ecommerce-digest.com/ecommerce-security-issues.html

security issues

shared by Spauit group on 11 May 10 - Cached
  • Any system has to meet four requirements: privacy: information must be kept from unauthorized parties. integrity: message must not be altered or tampered with. authentication: sender and recipient must prove their identities to each other. non-repudiation: proof is needed that the message was indeed receive
  • Digital signatures meet the need for authentication and integrity. To vastly simplify matters (as throughout this page), a plain text message is run through a hash function and so given a value: the message digest. This digest, the hash function and the plain text encrypted with the recipient's public key is sent to the recipient. The recipient decodes the message with their private key, and runs the message through the supplied hash function to that the message digest value remains unchanged (message has not been tampered with). Very often, the message is also timestamped by a third party agency, which provides non-repudiation.
  • What about authentication? How does a customer know that the website receiving sensitive information is not set up by some other party posing as the e-merchant? They check the digital certificate
  • ...3 more annotations...
  • The procedure is something like this: the client sends a message to the server, which replies with a digital certificate. Using PKI, server and client negotiate to create session keys, which are symmetrical secret keys specially created for that particular transmission. Once the session keys are agreed, communication continues with these session keys and the digital certificates.
  • Credit card details can be safely sent with SSL, but once stored on the server they are vulnerable to outsiders hacking into the server and accompanying network. A PCI (peripheral component interconnect: hardware) card is often added for protection, therefore, or another approach altogether is adopted: SET (Secure Electronic Transaction). Developed by Visa and Mastercard, SET uses PKI for privacy, and digital certificates to authenticate the three parties: merchant, customer and bank. More importantly, sensitive information is not seen by the merchant, and is not kept on the merchant's server.
  • Sensitive information has to be protected through at least three transactions: credit card details supplied by the customer, either to the merchant or payment gateway. Handled by the server's SSL and the merchant/server's digital certificates. credit card details passed to the bank for processing. Handled by the complex security measures of the payment gateway. order and customer details supplied to the merchant, either directly or from the payment gateway/credit card processing company. Handled by SSL, server security, digital certificates (and payment gateway sometimes).
Christoph Dworzak

Paypal - 0 views

www.paypal.com/...webscr

paying ecommerce credit card money bank account

shared by Christoph Dworzak on 10 May 10 - No Cached
  • Christoph Dworzak on 10 May 10
     
    Paypal is a system by which payments can be carried out in a safe, easy way
1 - 3 of 3
Showing 20 items per page