Protection in Internet payment systems

Commercial information in Internet payments is protected in systems based on plastic cards (the majority) and in systems based on digital money.

The most widely used protection mechanism on the WWW (including for payments) is the SSL (Secure Sockets Layer) protocol. It is based on public-key encryption of information. A key is understood to be a sequence of numbers that a cryptographic (encryption) algorithm combines with the information to produce unintelligible ciphertext.

SSL uses a key pair in which each half of the pair encrypts information so that only the other half can decrypt it. However, sensitive information can still be exposed if it is stored in bad faith on the seller's server. It is also possible for information to be substituted, or for false information about the buyer or user to be submitted.

These disadvantages are eliminated by the SET (Secure Electronic Transaction) protocol, which is based on digital signatures backed by a certificate (an electronic identifier that authenticates the user, contains information about the user and serves as confirmation of the cryptographic keys). However, SET requires special software for cardholders, stores and banks, and all participants of the payment system must have digital certificates, which complicates its implementation and increases its cost.

Since 2000 there has been a simplified version of SET (3D SET), which is installed only on the servers of the acquiring banks and the issuer.

Systems that use digital money are often protected with public-key cryptography, digital signatures, “blind” digital signatures, and smart cards.

A digital (electronic) signature is a sequence of one or more characters that is the electronic equivalent of a written signature.

With a “blind” digital signature, the signer sees only the necessary part of the information being signed (for example, the nominal value of the electronic bills), yet the signature attests to the authenticity of the entire body of information.
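The blind signature described above, as an added illustration that is not part of the original text: it uses textbook RSA blinding, with the bank choosing its key by denomination and signing a number whose content it cannot read. The primes, key sizes, one-key-per-denomination layout and function names are assumptions constructed for the example and are not secure.

```python
import hashlib
import math
import secrets

E = 65537  # public exponent shared by both toy keys

def make_key(p, q):
    """Toy RSA key from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed toy keys (Mersenne primes), one per denomination; not secure.
BANK_KEYS = {10: make_key(2**61 - 1, 2**89 - 1),
             100: make_key(2**107 - 1, 2**127 - 1)}

def digest(serial, n):
    """Hash the coin serial number into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % n

def blind(serial, n):
    """Customer: multiply the hash by r^E so the bank cannot read it."""
    while True:
        r = secrets.randbelow(n - 2) + 2
        if math.gcd(r, n) == 1:
            return digest(serial, n) * pow(r, E, n) % n, r

def bank_sign(blinded, denomination):
    """Bank: knows only the denomination; signs an opaque number."""
    n, d = BANK_KEYS[denomination]
    return pow(blinded, d, n)

def unblind(blind_sig, r, n):
    """Customer: divide out r to get an ordinary signature on the hash."""
    return blind_sig * pow(r, -1, n) % n

def verify(serial, sig, denomination):
    """Anyone: check the coin against the bank's key for that denomination."""
    n, _ = BANK_KEYS[denomination]
    return pow(sig, E, n) == digest(serial, n)

def issue_coin(denomination):
    """Full withdrawal: returns (serial, value the bank saw, final signature)."""
    n = BANK_KEYS[denomination][0]
    serial = secrets.token_bytes(16)
    blinded, r = blind(serial, n)
    return serial, blinded, unblind(bank_sign(blinded, denomination), r, n)

if __name__ == "__main__":
    serial, seen_by_bank, sig = issue_coin(10)
    print(verify(serial, sig, 10), verify(serial, sig, 100))
```

The value the bank signs differs from the hash of the serial number, yet the unblinded result is identical to a signature the bank would have produced on that hash directly.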

