Financial Daily from THE HINDU group of publications
Monday, Feb 17, 2003


Mentor - E-Commerce & E-Business


How money moves in e-commerce

A ROBUST payment solution system is a must for online business. Since there is no personal interaction between the buyer and the vendor, the system needs to provide simple, effortless and secure schemes to pay for online buys. Apart from being simple to deploy and use, these payment solutions must safeguard both the customer and the vendor against fake transactions. Typically, online transactions are initiated and handled through Merchant Accounts. These are analogous to bank accounts that allow companies to electronically collect and transfer funds based on their online transactions and are enabled by Merchant Account Providers.

The tools used for realising online transactions include: i) physical terminal transaction systems; ii) software terminal transaction systems; and iii) virtual terminals or gateways.

Physical terminals are typically used in stores to process credit cards. Such terminals comprise a magnetic strip reader and a keypad. The magnetic strip reader reads the credit card information (typically the PIN number) when the card is swiped in. A keypad is used to key in the transaction details to be printed in the cash receipts. Data is transferred over telephone lines by dialling up the processing servers to confirm that payment has been received.

Software terminals are application programs that run on the buyer's PC. These application programs validate and process credit card charges and credits after the credit card information is received by the vendor through fax, phone or mail. Data is transferred through modems and telephone lines. These terminals do not allow online real-time transactions (that is, the customer has to wait for an acknowledgment from the vendor after having sent the information). Moreover, there is no assurance that the information has reached the right hands securely. Some examples of such terminals include IC Verify and Tellan.

Virtual terminals or gateways are application programs that run on the Payment Gateway service provider's servers. Such application programs allow a secure, encrypted method for transferring the credit card information in real-time. These are also incorporated into many online shopping cart applications. They provide reviews of previous transactions and generation of reports. The information submitted by the customer is stored in the service provider's server and it is their responsibility to securely store the credit card information. This reduces the merchant's liability. Cybercash, Signio Payments and Cybersource are some virtual terminal solution providers.

Electronic watchguards

Keeping pace with security threats is a chief requisite for an e-commerce site in order to win customers' trust and help them shed their apprehensions about online transactions. Data security fears have been highlighted after the many high-profile 'cracker' attacks on leading e-commerce sites in the US. Most online businesses fear:

  • Charge-back, a credit back to a cardholder's account which happens when a cardholder informs his credit card issuer that a particular charge was not authorised or that goods or services were not delivered or provided as promised;

  • Cyber-laundering, the use of anonymous e-cash;

  • Spoofing, a technique used to gain unauthorised access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host; and

  • Session-hijacking, where an attacker, using captured, brute-forced, or reverse-engineered authentication tokens, seizes control of a legitimate user's Web application session while that user is logged into the application. The attacker can then read e-mails, make online purchases, and so on.

Encryption, SET (Secure Electronic Transaction Protocol), SSL (Secure Sockets Layer Protocol) and establishing authorising models for payment gateways are some measures that have evolved for overcoming the security threats perceived in online transactions.

Encryption: Data security is of great importance, since the success or failure of an e-commerce operation depends largely on how a customer's private information is transferred and stored. One of the biggest fears of online customers is misuse of credit card numbers that are shared with the merchant at the time of online payments. Encryption is an effective means of ensuring data security and integrity by encoding the information that is being transmitted. Encrypting data prevents other people from reading the data. If eavesdroppers intercept data transmissions and manage to capture any user identification details, the data appears as gibberish to them and they need huge processing power to decode it. By the time they decode the data, if at all, the transaction is complete and they are unable to do any damage.

Encryption systems are also becoming more and more complex, with 128-bit encryption currently the norm. Even this is not a constant. Higher levels of encryption will evolve (256-bit is already available) to beat the hacker's access to more powerful computers, with Moore's Law working in his favour by doubling the PC's processor capacity every 18 months.
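The key-length argument above can be worked through numerically. The following is an added example, not part of the original article: it takes the article's 18-month doubling figure and asks how many years of doubling pass before an exhaustive key search fits into one year. The starting search rate and the one-year budget are constructed assumptions.

```python
import math

# Assumptions for this added example (not figures from the article):
# a constructed starting search rate, and a one-year time budget.
START_RATE = 1e12                     # keys tested per second today (constructed)
SECONDS_PER_YEAR = 365.25 * 24 * 3600
DOUBLING_YEARS = 1.5                  # the article's figure: capacity doubles every 18 months


def expected_trials(key_bits):
    """Average guesses to hit the right key: half of the 2**key_bits key space."""
    return 2 ** (key_bits - 1)


def years_until_feasible(key_bits, start_rate=START_RATE, budget_years=1.0):
    """Years of 18-month doublings before exhaustive search fits the budget.

    Models brute force only; it says nothing about flaws in a cipher or in
    how keys are generated and stored.
    """
    needed_rate = expected_trials(key_bits) / (budget_years * SECONDS_PER_YEAR)
    if needed_rate <= start_rate:
        return 0.0                    # already searchable at today's rate
    doublings = math.log2(needed_rate / start_rate)
    return doublings * DOUBLING_YEARS


def margin_years(weaker_bits, stronger_bits):
    """Extra years of doubling bought by the longer key (1.5 years per bit)."""
    return (stronger_bits - weaker_bits) * DOUBLING_YEARS


if __name__ == "__main__":
    for bits in (40, 56, 128, 256):
        print(f"{bits:>3}-bit key: {years_until_feasible(bits):6.1f} years")
    print(f"128 -> 256 bits adds {margin_years(128, 256):.0f} years")
```

Under these assumptions a 128-bit key stays out of reach for roughly 93 years of doubling, and every additional key bit adds another 18 months, which is why moving from 128 to 256 bits is a far larger margin than the numbers suggest.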

Securing networks through SSL & SET: SSL (Secure Sockets Layer protocol) and SET (Secure Electronic Transaction protocol) are two popular protocols used in implementing network security for servers where online transactions are processed. SSL offers data encryption, server authentication, message integrity and client authentication facilities to prevent session hijacking and charge-backs. It is one of the most widely used protocols and is built into all major Web servers and browsers.

These protocols establish internationally accepted standards for securing data transfer and thereby gain customers' confidence in undertaking online transactions.

(Edited extracts from IT Harmony. Book courtesy: The Institute of Chartered Accountants of India. www.icai.org)


Copyright © 2003, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line