SlideShare una empresa de Scribd logo

Secure payment systems

Descargar como PPT, PDF
Abdulaziz Mohd
Abdulaziz Mohd
Tecnología
1 de 72
SECURE PAYMENT SYSTEMS
OUTLINE ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
WHY IS SECURITY AN ISSUE? ,[object Object],[object Object],[object Object],[object Object]
AGENDA ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
E-COMMERCE PARTICIPANTS
E-COMMERCE PROBLEMS Snooper Unreliable Merchant Unknown customer
E-COMMERCE RISKS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
WHY IS THE INTERNET INSECURE? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],A B C Eavesdropping Denial of service A B C Interception A B C Replay/fabrication A B C S S S C C
FIVE MAJOR REQUIREMENTS OF A SECURE TRANSACTION ,[object Object],[object Object],[object Object],[object Object],[object Object]
E-COMMERCE SECURITY ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
WHAT IS ENCRYPTION? ,[object Object],[object Object],[object Object],[object Object],[object Object]
PUBLIC-KEY INFRASTRUCTURE (PKI) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
BASIC ENCRYPTION ALGORITHM ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
CLASSES OF ALGORITHMS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
MESSAGE CONFIDENTIALITY USING A KEY-PAIR
AUTHENTICATION AND TRUST ,[object Object],[object Object],[object Object],[object Object]
THE DIGITAL SIGNATURE PROCESS
DIGITAL CERTIFICATES ,[object Object],[object Object],[object Object],[object Object],[object Object]
VERIFYING A DIGITAL SIGNATURE
FOUR CLASSES OF DIGITAL CERTIFICATES ,[object Object],[object Object],[object Object],[object Object]
ENCRYPTION (SHARED KEY) - Sender and receiver agree on a key K - No one else knows K - K is used to derive encryption key EK & decryption key DK - Sender computes and sends EK (Message) - Receiver computes DK ( EK (Message)) - Example: DES: Data Encryption Standard m : message k : shared key
PUBLIC KEY ENCRYPTION ,[object Object],[object Object],[object Object],[object Object],m : message sk : private secret key pk : public key
DIGITAL SIGNATURE Sign: sign(sk,m) = Dsk (m) Verify: Epk (sign(sk,m)) = m Sign on small hash function to reduce cost
SIGNED AND SECRET MESSAGES sign(sk1, m) Encrypt(pk2) m Decrypt(sk2) Verify-sign Encrypt(pk1) Epk2 ( Dsk1 (m)) pk1 pk2 First sign, then encrypt: order is important.
DIGITAL CERTIFICATES Register public key Download public key How to establish authenticity of public key?
CERTIFICATION AUTHORITY
SECURITY AND HTTPS ,[object Object],[object Object],[object Object],[object Object]
SECURITY THROUGH HTTPS Browser Database Server Client 1 Server A URL HTTP TCP/IP HTTP Server App. Server index.html Bank Server Dedicated prog.jsp HTTPS port = 80 port = 443
S-HTTP: SECURE HTTP ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SSL: SECURE SOCKET LAYER ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SSL – SECURE SOCKET LAYER ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SSL HANDSHAKE PROTOCOL ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
MAJOR ARCHITECTURAL COMPONENTS OF THE WEB Internet Browser Database Server Client 1 Server A Server B Bank Server URL HTTP TCP/IP Browser Client 2 HTTP Server App. Server index.html Bank Server prog.jsp
REQUIREMENTS FOR INTERNET-BASED PAYMENTS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
PAYMENT SYSTEM TYPES ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
ELECTRONIC CHEQUES ,[object Object],[object Object],[object Object],[object Object],[object Object]
HOW DOES ECHECK WORK? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
ANONYMOUS PAYMENTS 1. Withdraw money: cyrpographically encoded tokens 2. Transform so merchant can check validity but identity hidden 3. Send token after adding merchant’s identity 4. Check validity and send goods 5. Deposit token at bank. If double spent reveal identity and notify police customer merchant
PROBLEMS WITH THE PROTOCOL ,[object Object],[object Object],[object Object],[object Object],[object Object]
MICROPAYMENTS ON HYPERLINKS ,[object Object],[object Object],[object Object],[object Object]
MICROPAYMENTS: NETBILL ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
RECENT MICROPAYMENT SYSTEMS
PAYING WITH CREDIT CARDS ,[object Object],[object Object],[object Object],[object Object],[object Object]
ENCRYPTED CREDIT CARD PAYMENT ,[object Object],[object Object],[object Object],[object Object],[object Object]
FIRST VIRTUAL ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
CYBERCASH ,[object Object],[object Object],[object Object],[object Object],[object Object]
SECURE INTERNET CREDIT CARD PAYMENT
SECURE ELECTRONIC TRANSACTION (SET) PROTOCOL ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SET PROTOCOL ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
THE SET PROTOCOL The SET protocol coordinates the activities of the customer, merchant, merchant’s bank, and card issuer. [Source: Stein]
SET USES A HIERARCHY OF TRUST All parties hold certificates signed directly or indirectly by a certifying authority. [Source: Stein]
SET PAYMENT TRANSACTIONS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
CLASSICAL FLOW OF A SET TRANSACTION
SMART CARDS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SMART CARD APPLICATIONS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SMART CARDS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SMART CARDS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SMART CARD APPLICATIONS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
ADVANTAGES AND DISADVANTAGES OF SMART CARDS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
MONDEX SMART CARD ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Mondex Smart Card Processing
MONDEX TRANSACTION ,[object Object],[object Object],[object Object],[object Object]
MONDEX SMART CARD ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
DIGICASH, E-CASH AND E-WALLET ,[object Object],[object Object],[object Object],[object Object],[object Object]
Creating a new global standard for online payments 10/07/04
HOW PAYPAL WORKS Senders Visa/MC, Amex, Discover Bank Account Debit Card (e.g., Switch-Solo in UK) Stored Value Account Bank Account PayPal Debit MasterCard Paper Check Another PayPal account Stored Value Account Receivers eCheck
WHY PAYPAL WORKS FOR BUYERS ,[object Object],[object Object],[object Object],[object Object],[object Object],eCommerce P2P/remittances Importance PP competitiveness Cost Convenience Rewards/loyalty points Security Network
WHY PAYPAL WORKS FOR SELLERS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
COMPLEMENTARY MISSIONS The world’s online marketplace The world’s online payments standard Powering Online Commerce
SYMBIOTIC RELATIONSHIP WITH EBAY ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
CHAPTER SUMMARY ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
CHAPTER SUMMARY ( CONT’D ) ,[object Object],[object Object],[object Object],[object Object]

Recomendados

protection & security of e-commerce ...
protection & security of e-commerce ...protection & security of e-commerce ...
protection & security of e-commerce ...Rishav Gupta
 
Vpn(virtual private network)
Vpn(virtual private network)Vpn(virtual private network)
Vpn(virtual private network)sonangrai
 
Secure electronic transaction (set)
Secure electronic transaction (set)Secure electronic transaction (set)
Secure electronic transaction (set)Agnė Chomentauskaitė
 
Credit Card Systems
Credit Card SystemsCredit Card Systems
Credit Card SystemsAce Institute of Management (Nepal), Institute of Management Studies (Nepal)
 
Payment Card Industry
Payment Card IndustryPayment Card Industry
Payment Card IndustryNuclay Solutions
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationAmandeep Kaur
 
Security and management
Security and managementSecurity and management
Security and managementArtiSolanki5
 
digital tokens based on E-payments
digital tokens based on E-paymentsdigital tokens based on E-payments
digital tokens based on E-paymentsraviteja reddy
 

Recomendados

protection & security of e-commerce ...
protection & security of e-commerce ...protection & security of e-commerce ...
protection & security of e-commerce ...Rishav Gupta
 
Vpn(virtual private network)
Vpn(virtual private network)Vpn(virtual private network)
Vpn(virtual private network)sonangrai
 
Secure electronic transaction (set)
Secure electronic transaction (set)Secure electronic transaction (set)
Secure electronic transaction (set)Agnė Chomentauskaitė
 
Credit Card Systems
Credit Card SystemsCredit Card Systems
Credit Card SystemsAce Institute of Management (Nepal), Institute of Management Studies (Nepal)
 
Payment Card Industry
Payment Card IndustryPayment Card Industry
Payment Card IndustryNuclay Solutions
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationAmandeep Kaur
 
Security and management
Security and managementSecurity and management
Security and managementArtiSolanki5
 
digital tokens based on E-payments
digital tokens based on E-paymentsdigital tokens based on E-payments
digital tokens based on E-paymentsraviteja reddy
 
E commerce security
E commerce securityE commerce security
E commerce securityShakti Singh
 
Ransomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDFRansomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDFAndy Thompson
 
Bitcoin Final Year Seminar Report
Bitcoin Final Year Seminar ReportBitcoin Final Year Seminar Report
Bitcoin Final Year Seminar ReportShantanu Singh
 
Ec2009 ch10 e commerce security
Ec2009 ch10 e commerce securityEc2009 ch10 e commerce security
Ec2009 ch10 e commerce securityNuth Otanasap
 
Firewall ppt
Firewall pptFirewall ppt
Firewall pptOECLIB Odisha Electronics Control Library
 
PCI DSS Compliance
PCI DSS CompliancePCI DSS Compliance
PCI DSS ComplianceSaumya Vishnoi
 
Network security
Network securityNetwork security
Network securityquest university nawabshah
 
Firewall and its types and function
Firewall and its types and functionFirewall and its types and function
Firewall and its types and functionNisarg Amin
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Cryptocurrency
Cryptocurrency Cryptocurrency
Cryptocurrency sanskriti2510
 
Block chain technology and its applications
Block chain technology and its applications Block chain technology and its applications
Block chain technology and its applications ABHISHEK JAIN
 
Electronic Payment System (EPS) Presentation
Electronic Payment System (EPS) PresentationElectronic Payment System (EPS) Presentation
Electronic Payment System (EPS) PresentationDevansh Aggarwal
 
Electronic payment
Electronic paymentElectronic payment
Electronic paymentPrakhar Gupta
 
IT Security and Risk Mitigation
IT Security and Risk MitigationIT Security and Risk Mitigation
IT Security and Risk MitigationMukalele Rogers
 
SECURITY PROTOCOLS.ppt
SECURITY PROTOCOLS.pptSECURITY PROTOCOLS.ppt
SECURITY PROTOCOLS.pptDimpyJindal4
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
electronic commerce payment systems
electronic commerce payment systemselectronic commerce payment systems
electronic commerce payment systemstumetr1
 
EMV Overview
EMV OverviewEMV Overview
EMV OverviewKona Software Lab Limited.
 
Firewall
FirewallFirewall
FirewallNilkanth Shingala
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 
Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Sahan Walpitagamage
 
Electronic payment system
Electronic payment systemElectronic payment system
Electronic payment systempankhadi
 

Más contenido relacionado

La actualidad más candente

E commerce security
E commerce securityE commerce security
E commerce securityShakti Singh
 
Ransomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDFRansomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDFAndy Thompson
 
Bitcoin Final Year Seminar Report
Bitcoin Final Year Seminar ReportBitcoin Final Year Seminar Report
Bitcoin Final Year Seminar ReportShantanu Singh
 
Ec2009 ch10 e commerce security
Ec2009 ch10 e commerce securityEc2009 ch10 e commerce security
Ec2009 ch10 e commerce securityNuth Otanasap
 
Firewall and its types and function
Firewall and its types and functionFirewall and its types and function
Firewall and its types and functionNisarg Amin
 
Block chain technology and its applications
Block chain technology and its applications Block chain technology and its applications
Block chain technology and its applications ABHISHEK JAIN
 
Electronic Payment System (EPS) Presentation
Electronic Payment System (EPS) PresentationElectronic Payment System (EPS) Presentation
Electronic Payment System (EPS) PresentationDevansh Aggarwal
 
IT Security and Risk Mitigation
IT Security and Risk MitigationIT Security and Risk Mitigation
IT Security and Risk MitigationMukalele Rogers
 
SECURITY PROTOCOLS.ppt
SECURITY PROTOCOLS.pptSECURITY PROTOCOLS.ppt
SECURITY PROTOCOLS.pptDimpyJindal4
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
electronic commerce payment systems
electronic commerce payment systemselectronic commerce payment systems
electronic commerce payment systemstumetr1
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 

La actualidad más candente (20)

E commerce security
E commerce securityE commerce security
E commerce security
 
Ransomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDFRansomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDF
 
Bitcoin Final Year Seminar Report
Bitcoin Final Year Seminar ReportBitcoin Final Year Seminar Report
Bitcoin Final Year Seminar Report
 
Ec2009 ch10 e commerce security
Ec2009 ch10 e commerce securityEc2009 ch10 e commerce security
Ec2009 ch10 e commerce security
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
PCI DSS Compliance
PCI DSS CompliancePCI DSS Compliance
PCI DSS Compliance
 
Network security
Network securityNetwork security
Network security
 
Firewall and its types and function
Firewall and its types and functionFirewall and its types and function
Firewall and its types and function
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
 
Cryptocurrency
Cryptocurrency Cryptocurrency
Cryptocurrency
 
Block chain technology and its applications
Block chain technology and its applications Block chain technology and its applications
Block chain technology and its applications
 
Electronic Payment System (EPS) Presentation
Electronic Payment System (EPS) PresentationElectronic Payment System (EPS) Presentation
Electronic Payment System (EPS) Presentation
 
Electronic payment
Electronic paymentElectronic payment
Electronic payment
 
IT Security and Risk Mitigation
IT Security and Risk MitigationIT Security and Risk Mitigation
IT Security and Risk Mitigation
 
SECURITY PROTOCOLS.ppt
SECURITY PROTOCOLS.pptSECURITY PROTOCOLS.ppt
SECURITY PROTOCOLS.ppt
 
Network security
Network securityNetwork security
Network security
 
electronic commerce payment systems
electronic commerce payment systemselectronic commerce payment systems
electronic commerce payment systems
 
EMV Overview
EMV OverviewEMV Overview
EMV Overview
 
Firewall
FirewallFirewall
Firewall
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 

Destacado

Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Sahan Walpitagamage
 
Electronic payment system
Electronic payment systemElectronic payment system
Electronic payment systempankhadi
 
The electronic payment systems
The electronic payment systemsThe electronic payment systems
The electronic payment systemsVishal Singh
 
Introduction to SmartCards - Michael Perlov
Introduction to SmartCards - Michael PerlovIntroduction to SmartCards - Michael Perlov
Introduction to SmartCards - Michael PerlovFilipe Mello
 
Cryptography And Secure Systems
Cryptography And Secure SystemsCryptography And Secure Systems
Cryptography And Secure SystemsInvisibits
 
How software should get done
How software should get doneHow software should get done
How software should get doneosmanehmad
 
لقاء معالي الوزير بالمقعد بالغرفة التجارية
لقاء معالي الوزير بالمقعد بالغرفة التجاريةلقاء معالي الوزير بالمقعد بالغرفة التجارية
لقاء معالي الوزير بالمقعد بالغرفة التجاريةMinistry Of Labor
 
القواعد المنظمة لشركات الاستقدام ونظام أجير
القواعد المنظمة لشركات الاستقدام ونظام أجيرالقواعد المنظمة لشركات الاستقدام ونظام أجير
القواعد المنظمة لشركات الاستقدام ونظام أجيرMinistry Of Labor
 
إطلاق نظام رخص العمل الجديد السبت القادم 25 ذو الحجة 1433
إطلاق نظام رخص العمل الجديد السبت القادم 25 ذو الحجة 1433 إطلاق نظام رخص العمل الجديد السبت القادم 25 ذو الحجة 1433
إطلاق نظام رخص العمل الجديد السبت القادم 25 ذو الحجة 1433 Ministry Of Labor
 
دليل برنامج الدعم الإضافي للأجور المرتبط بالتوطين
دليل برنامج الدعم الإضافي للأجور المرتبط بالتوطيندليل برنامج الدعم الإضافي للأجور المرتبط بالتوطين
دليل برنامج الدعم الإضافي للأجور المرتبط بالتوطينMinistry Of Labor
 
نحو تنمية قطاع المنشآت الصغيرة والمتوسطة في المملكة
نحو تنمية قطاع المنشآت الصغيرة والمتوسطة في المملكةنحو تنمية قطاع المنشآت الصغيرة والمتوسطة في المملكة
نحو تنمية قطاع المنشآت الصغيرة والمتوسطة في المملكةMinistry Of Labor
 
Metro Jeddah - Public Transportation Plan AR
Metro Jeddah - Public Transportation Plan ARMetro Jeddah - Public Transportation Plan AR
Metro Jeddah - Public Transportation Plan ARIbrahim Al-Hudhaif
 
novel Approach For Data Hiding by integrating Steganography and Extended Visu...
novel Approach For Data Hiding by integrating Steganography and Extended Visu...novel Approach For Data Hiding by integrating Steganography and Extended Visu...
novel Approach For Data Hiding by integrating Steganography and Extended Visu...swapnalithakur7
 
دليل إصدار التأشيرات الآلية
دليل إصدار التأشيرات الآليةدليل إصدار التأشيرات الآلية
دليل إصدار التأشيرات الآليةMinistry Of Labor
 
عرض نطاقات النهائي
عرض نطاقات النهائيعرض نطاقات النهائي
عرض نطاقات النهائيMinistry Of Labor
 
Total contract control for rail projects mounir boemond
Total contract control for rail projects mounir boemondTotal contract control for rail projects mounir boemond
Total contract control for rail projects mounir boemondIbrahim Al-Hudhaif
 

Destacado (20)

Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)
 
Electronic payment system
Electronic payment systemElectronic payment system
Electronic payment system
 
The electronic payment systems
The electronic payment systemsThe electronic payment systems
The electronic payment systems
 
Introduction to SmartCards - Michael Perlov
Introduction to SmartCards - Michael PerlovIntroduction to SmartCards - Michael Perlov
Introduction to SmartCards - Michael Perlov
 
Cryptography And Secure Systems
Cryptography And Secure SystemsCryptography And Secure Systems
Cryptography And Secure Systems
 
How software should get done
How software should get doneHow software should get done
How software should get done
 
How to explain bitcoin to your mother
How to explain bitcoin to your motherHow to explain bitcoin to your mother
How to explain bitcoin to your mother
 
لقاء معالي الوزير بالمقعد بالغرفة التجارية
لقاء معالي الوزير بالمقعد بالغرفة التجاريةلقاء معالي الوزير بالمقعد بالغرفة التجارية
لقاء معالي الوزير بالمقعد بالغرفة التجارية
 
القواعد المنظمة لشركات الاستقدام ونظام أجير
القواعد المنظمة لشركات الاستقدام ونظام أجيرالقواعد المنظمة لشركات الاستقدام ونظام أجير
القواعد المنظمة لشركات الاستقدام ونظام أجير
 
إطلاق نظام رخص العمل الجديد السبت القادم 25 ذو الحجة 1433
إطلاق نظام رخص العمل الجديد السبت القادم 25 ذو الحجة 1433 إطلاق نظام رخص العمل الجديد السبت القادم 25 ذو الحجة 1433
إطلاق نظام رخص العمل الجديد السبت القادم 25 ذو الحجة 1433
 
Diagrama de flujo
Diagrama de flujoDiagrama de flujo
Diagrama de flujo
 
دليل برنامج الدعم الإضافي للأجور المرتبط بالتوطين
دليل برنامج الدعم الإضافي للأجور المرتبط بالتوطيندليل برنامج الدعم الإضافي للأجور المرتبط بالتوطين
دليل برنامج الدعم الإضافي للأجور المرتبط بالتوطين
 
نحو تنمية قطاع المنشآت الصغيرة والمتوسطة في المملكة
نحو تنمية قطاع المنشآت الصغيرة والمتوسطة في المملكةنحو تنمية قطاع المنشآت الصغيرة والمتوسطة في المملكة
نحو تنمية قطاع المنشآت الصغيرة والمتوسطة في المملكة
 
Metro Jeddah - Public Transportation Plan AR
Metro Jeddah - Public Transportation Plan ARMetro Jeddah - Public Transportation Plan AR
Metro Jeddah - Public Transportation Plan AR
 
novel Approach For Data Hiding by integrating Steganography and Extended Visu...
novel Approach For Data Hiding by integrating Steganography and Extended Visu...novel Approach For Data Hiding by integrating Steganography and Extended Visu...
novel Approach For Data Hiding by integrating Steganography and Extended Visu...
 
دليل إصدار التأشيرات الآلية
دليل إصدار التأشيرات الآليةدليل إصدار التأشيرات الآلية
دليل إصدار التأشيرات الآلية
 
Study on Bitcoin
Study on Bitcoin Study on Bitcoin
Study on Bitcoin
 
عرض نطاقات النهائي
عرض نطاقات النهائيعرض نطاقات النهائي
عرض نطاقات النهائي
 
Saudi Talent in Mega Projects
Saudi Talent in Mega ProjectsSaudi Talent in Mega Projects
Saudi Talent in Mega Projects
 
Total contract control for rail projects mounir boemond
Total contract control for rail projects mounir boemondTotal contract control for rail projects mounir boemond
Total contract control for rail projects mounir boemond
 

Similar a Secure payment systems

PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructurevimal kumar
 
Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Mumbai Academisc
 
Details about the SSL Certificate
Details about the SSL CertificateDetails about the SSL Certificate
Details about the SSL CertificateCheapSSLUSA
 
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / DatelecSecure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / DatelecSylvain Maret
 
Chapter 2 System Security.pptx
Chapter 2 System Security.pptxChapter 2 System Security.pptx
Chapter 2 System Security.pptxRushikeshChikane2
 
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptSonukumarRawat
 

Similar a Secure payment systems (20)

Security
SecuritySecurity
Security
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and Applications
 
ch17.ppt
ch17.pptch17.ppt
ch17.ppt
 
Ch17
Ch17Ch17
Ch17
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructure
 
Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)
 
Details about the SSL Certificate
Details about the SSL CertificateDetails about the SSL Certificate
Details about the SSL Certificate
 
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / DatelecSecure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
 
Encryption in Cryptography
Encryption in CryptographyEncryption in Cryptography
Encryption in Cryptography
 
Chapter 2 System Security.pptx
Chapter 2 System Security.pptxChapter 2 System Security.pptx
Chapter 2 System Security.pptx
 
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
 
Web Security
Web SecurityWeb Security
Web Security
 
Ssl
SslSsl
Ssl
 
Lecture17
Lecture17Lecture17
Lecture17
 
IS-Crypttools.pptx
IS-Crypttools.pptxIS-Crypttools.pptx
IS-Crypttools.pptx
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryption
 
E-Business security
E-Business security E-Business security
E-Business security
 
Unit v
Unit vUnit v
Unit v
 
Cryptography
CryptographyCryptography
Cryptography
 
ssl
sslssl
ssl
 

Último

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 

Último (20)

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 

Secure payment systems

  • 2.
  • 3.
  • 4.
  • 6. E-COMMERCE PROBLEMS Snooper Unreliable Merchant Unknown customer
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15. MESSAGE CONFIDENTIALITY USING A KEY-PAIR
  • 16.
  • 18.
  • 19. VERIFYING A DIGITAL SIGNATURE
  • 20.
  • 21. ENCRYPTION (SHARED KEY) - Sender and receiver agree on a key K - No one else knows K - K is used to derive encryption key EK & decryption key DK - Sender computes and sends EK (Message) - Receiver computes DK ( EK (Message)) - Example: DES: Data Encryption Standard m : message k : shared key
  • 22.
  • 23. DIGITAL SIGNATURE Sign: sign(sk,m) = Dsk (m) Verify: Epk (sign(sk,m)) = m Sign on small hash function to reduce cost
  • 24. SIGNED AND SECRET MESSAGES sign(sk1, m) Encrypt(pk2) m Decrypt(sk2) Verify-sign Encrypt(pk1) Epk2 ( Dsk1 (m)) pk1 pk2 First sign, then encrypt: order is important.
  • 25. DIGITAL CERTIFICATES Register public key Download public key How to establish authenticity of public key?
  • 27.
  • 28. SECURITY THROUGH HTTPS Browser Database Server Client 1 Server A URL HTTP TCP/IP HTTP Server App. Server index.html Bank Server Dedicated prog.jsp HTTPS port = 80 port = 443
  • 29.
  • 30.
  • 31.
  • 32.
  • 33. MAJOR ARCHITECTURAL COMPONENTS OF THE WEB Internet Browser Database Server Client 1 Server A Server B Bank Server URL HTTP TCP/IP Browser Client 2 HTTP Server App. Server index.html Bank Server prog.jsp
  • 34.
  • 35.
  • 36.
  • 37.
  • 38. ANONYMOUS PAYMENTS 1. Withdraw money: cyrpographically encoded tokens 2. Transform so merchant can check validity but identity hidden 3. Send token after adding merchant’s identity 4. Check validity and send goods 5. Deposit token at bank. If double spent reveal identity and notify police customer merchant
  • 39.
  • 40.
  • 41.
  • 43.
  • 44.
  • 45.
  • 46.
  • 47. SECURE INTERNET CREDIT CARD PAYMENT
  • 48.
  • 49.
  • 50. THE SET PROTOCOL The SET protocol coordinates the activities of the customer, merchant, merchant’s bank, and card issuer. [Source: Stein]
  • 51. SET USES A HIERARCHY OF TRUST All parties hold certificates signed directly or indirectly by a certifying authority. [Source: Stein]
  • 52.
  • 53. CLASSICAL FLOW OF A SET TRANSACTION
  • 54.
  • 55.
  • 56.
  • 57.
  • 58.
  • 59.
  • 60.
  • 61. Mondex Smart Card Processing
  • 62.
  • 63.
  • 64.
  • 65. Creating a new global standard for online payments 10/07/04
  • 66. HOW PAYPAL WORKS Senders Visa/MC, Amex, Discover Bank Account Debit Card (e.g., Switch-Solo in UK) Stored Value Account Bank Account PayPal Debit MasterCard Paper Check Another PayPal account Stored Value Account Receivers eCheck
  • 67.
  • 68.
  • 69. COMPLEMENTARY MISSIONS The world’s online marketplace The world’s online payments standard Powering Online Commerce
  • 70.
  • 71.
  • 72.

Notas del editor

  1. 52
  2. 52
  3. At a high level, PayPal is simply a way to enable someone to send money to another person The buyer can source the funds from a number of places PayPal does some risk-modeling and notifies the seller of the funds The seller can then access those funds from a variety of mechanisms
  4. THE EBAY MARKETPLACE AND PAYPAL ARE NOT SIMPLY GOOD FOR EACH OTHER; THEY ALSO SHARE COMPLEMENTARY MISSIONS. EBAY IS THE WORLD’S ONLINE MARKETPLACE; PAYPAL THE WORLD’S ONLINE PAYMENTS STANDARD. TOGETHER, WE ARE MAKING INEFFICIENT MARKETS EFFICIENT AND POWERING GLOBAL E-COMMERCE.
  5. PAYPAL IS NOT ONLY TERRIFIC FOR BUYERS AND SELLERS—IT’S ALSO GREAT FOR EBAY. EBAY, IN TURN, IS GREAT FOR PAYPAL. INDEED, PAYPAL AND EBAY HAVE BEEN SYNERGISTIC FROM THE BEGINNING. EBAY WAS THE IDEAL LAUNCHING PAD FOR PAYPAL’S SUCCESS. EBAY IS THE AGGREGATION POINT FOR SMALL BUSINESSES ON THE NET—BUSINESSES WHO, PRIOR TO PAYPAL, WERE STARVING FOR A SOLUTION TO THE HIGH COST AND INEFFICIENCIES OF TRADITIONAL PAPER-BASED FORMS OF PAYMENTS. IT IS NOT SURPRISING, THEREFORE, THAT PAYPAL WAS BUILT ON THE POWER OF THE EBAY MARKETPLACE. EBAY’S CRITICAL MASS OF SMALL SELLERS COUPLED WITH PAYPAL’S VIRAL MODEL ENABLED PAYPAL TO SOLVE THE CLASSIC “COUNTER-PARTY” PROBLEM—THE DIFFICULTY THAT ANY NEW PAYMENT SYSTEM HAS IN ESTABLISHING A CRITICAL MASS OF ADOPTION.   PAYPAL, IN TURN, HAS ENHANCED EBAY’S SUCCESS BY INCREASING THE VELOCITY OF TRADE. SELLERS CAN NOW RECEIVE THEIR CASH IMMEDIATELY, ENCOURAGING THEM TO MORE QUICKLY BUY AND RESELL ADDITIONAL INVENTORY. BUYERS RECEIVE THEIR GOODS MORE RAPIDLY, ENTICING THEM TO BUY MORE. PAYPPAL ALSO IMPROVES THE TRUST AND SAFETY ON THE EBAY MARKETPLACE AND FACILITATES CONTINUED INNNOVATION ON THE EBAY PLATFORM.