Chapter Five

E-Commerce Payment Systems

1
 Introduction
The basic requirements for conducting commerce over the Internet are
fairly simple :
A virtual storefront
The ability to accept payment
A fulfilment process to handle shipping and tracking and
Customer support
 There are numerous forms of electronic payment methods that e-
businesses and traditional businesses can consider.

2
 Traditional Payment Methods
Barter: payment method during early days by exchange of goods
and services.
Cash: payment through silver coin or paper money.
Check: a written order to a financial institution to pay money to the
bearer of the check from the account of the signer.
Credit card: rectangular plastic cards used instead of cash or checks
to pay for goods and services. They need clearinghouses such
as banks. Today, the two largest organizations are Visa and
MasterCard.
Debt card: look similar to credit cards, but the bank accounts of the
holders are directly debited (money is deducted from the
accounts) when transactions occur.
3
 Electronic Payment Methods
1. Electronic Cash: a method of payment in which a unique number or
identifier is associated with a given amount of money.
It is also called digital cash, e-cash, or cybercash.
It was developed as an alternative method to credit cards for purchases made
over the Internet.
The use of electronic cash requires the consumer to acquire an account
number or identifier, and then “electronically” deposit money to this account.
 When making purchases online, this number is then used for payment.
In recent years, e-cash has suffered from a lack of acceptance in the e-
business world. It is due to two factors:
1. Consumers should download digital wallets first to use them
2. More users are technologically savvy and have less interest in using e-cash.

4
 Other Forms of E-Cash
Reward Systems: consumers are given electronic dollars for purchasing from web
merchants, viewing ads, participating in surveys.
Electronic dollars can then be spent on programs or converted to real cashes to be
saved in bank accounts.
Micropayments: electronic cash payments that range from a few cents to US $10
are called micropayments.
E-mail Payments: both electronic cash and credit card payments can be sent by
e-mail. They are usually used in person-to-person transactions.
 For e-mail payments, an account is opened with a company specializing in person-to-
person payments, such as Bank One’s eMoneyMail or Wester Union’s MoneyZap.
The payer sends an e-mail status who the payee is, what amount is to be paid, and
where the money is to come from (credit card or bank account).
The payee receives a notification that the payment is available.
The payee logs into the payment service’s system and transfers the received amount into
her bank account electronically. 5
 Electronic Payment Methods Cont’d…
2. Electronic Checks (e-check): is the same thing as a paper check, except that it is
electronic, or online.
 It is an instruction to a financial institution to pay a given amount to the payee.
It therefore contains the same information we would see on a paper check, such as the
routing information, account number, check number, and amount of payment.
 Electronic checks are used extensively in B2B transactions for which companies do
not need to have a paper check.
All payments are made electronically between the buyer’s bank and the seller’s bank.
The main advantage of electronic checks is that they are substantially less expensive
to process than paper checks.
Companies known by processing e-check needs include PayByCheck, OnLine Check
Systems, EZ Check Guarantee, CyberSource, etc.
6
 Electronic Payment Methods Cont’d…
3. Prepaid Cards and Accounts: represent a new breed of traditional and electronic
payment methods that has grown in popularity in recent years.
 The principle is that cards are preloaded with specific amounts of money, which can
then be spent online or in brick-and-mortar stores.
Prepaid accounts can also be set up with online retailers for use on those retailers’
sites only.
This is appealing for consumers who do not have access to credit cards, choose not to
have credit cards, or want control over their expenses.
 A new version of the prepaid card that is gaining attention in Europe is the scratch
card preloaded with amount of money and sold in wrapped packages.
 Once the package is opened, there is a film that is scratched off, revealing a 16-digit
PIN (personal identification number), similar to scratching lottery tickets to discover
prizes.
7
 Credit Cards and Accounts
4.Credit Cards and Accounts: can be used both in traditional and electronic
transactions.
 Credits cards are the preferred method for online payments because they
are easy and convenient to use for both online and offline purchase.
Clearing this cards may lead to high risk factors. These factors include:
1. Lack of presence of cardholder: there is no signing the receipt unlike in the
traditional credit card which makes clearing the cards costly.
2. High-risk products or services: certain types of products or services are
considered higher risk such as security, privacy, cost-efficiency than others. If an e-
business is involved with one of these types of products, the companies issuing
credit cards may charge higher fees to protect themselves from the risk that the
money will never be collected from the card user.

8
 Cont’d…
Card Technologies: credit cards and prepaid cards typically use one of these two technologies.
 Magnetic cards: data is encoded and stored on the magnetic strips usually found on the back
of the cards. Three basic technologies are used : online strip, offline strip, and smart-card
hybrid. There are few disadvantages of magnetic cards such as vulnerability to damage,
scratches may render the card unreadable, and security since anyone with a reader can access
information.

Smart cards: instead of encoding and storing data using a magnetic strip, a computer chip is
included on the card itself. Smart cards are the same size as magnetic cards, but they can be used
to store a much larger quantity of financial or nonfinancial data, such as bank account
information, electronic cash, medical history, or network access identification. Like magnetic
cards, smart cards can be used online and offline.
There are actually two types of smart cards : memory smart cards and intelligent smart cards.
9
 Card Technologies Cont’d…
Memory smart cards: are used mainly to store information, just as magnetic
strip cards are.
They usually contain less information and have fewer processing
capabilities than intelligent smart cards.
However, they are less expensive to produce.
Intelligent smart cards: contain not only storage capabilities, but also
microprocessors that can be used for processing information and making
programmed decisions.
They are more expensive to produce.

10
 Advantages and Disadvantages of Smart Cards
Advantages Disadvantages
Store a lot of data (100 times a magnetic Cards can easily be stolen and
card can store). there is no way to recover the
Less vulnerable to external damage since amount loaded on the card.
data is stored internally on chips.
Can be used to store money for use at a The cards require special
number of different locations, and also equipment if they are to be used on
multiple currencies. the Internet with one’s personal
Smart cards holding a Telephone account computer, which adds to
or Money can be reloaded easily and customers’ costs.
remotely.
They are as light as credit cards, and the
amount that can be lost is limited to the
amount stored.
11
 Electronic Payment Security Technologies
The basic security feature used for exchange of credit card information online is encryption.
For a merchant to verify the legitimacy of the user, two technologies can be used; digital
signatures and digital certificates.
Digital Signature: is a unique code attached to an electronically transmitted message that
identifies the sender.
This unique code, called a hash, is generated through the encryption techniques.
They use public key cryptography to generate a number (the hash or message digest) based
on the document that is being sent.
Digital Certificate: is an electronic document that verifies the sender or receiver’s identity
similar to a passport or a driving license.
A number of different data can be stored in a certificate, including name, serial number, a
copy of the entity’s public key, a digital signature, and expiration date for the certificate.
Bodies known as Certifying Authorities (which can be institutions or softwares) are used to
assure legitimacy of entities.
12
 Digital Certificate Cont’d…
There are a different types and classes of digital certificates.
Certificates that serve as verification of a Web server’s identity are called
Site Certificates.
When users want to prove their identity, they make use of a Personal
Certificate.
The certifying authorities themselves have certificates called Certifying
Authorities Certificates.
Finally, the certificates generated by software publishers for their software
products are called Software Publisher Certificates.

13
(A) Digital Signature (B) Digital Certificate
14
Electronic Payment Security Technologies Cont’d…
There are two standards for encryption and security that particularly apply to
electronic payments :
(i) Secure Sockets Layer (SSL): provides server-side encryption and authentication
for electronic payments (and other types of Internet communications).
SSL is a protocol designed to provide a secure connection between the sender and
receiver of information.
The secure channel provided by SSL between the sender and the receiver has three
basic properties :
 The channel is private. Once the channel is secured through encryption, it is dedicated to the
actual transaction.
 The channel is authenticated. Using digital certificates and signatures, the server endpoint is
always authenticated, while the client endpoint might use digital signatures as well.
 The channel is reliable. There is an integrity check designed into the protocol to ensure that
the message received accurately reflects the message sent.
15
Electronic Payment Security Technologies Cont’d…
(ii) Secure Electronic Transaction (SET): another security protocol specifically designed
for handling encrypted electronic payments online.
SET uses digital certificates to authenticate the identity of all participants in the
transaction.
There are three participants in the SET model : the consumer or cardholder, the merchant
or seller, and the payment gateway or clearinghouse (which processes payment
information), in addition to the certificate authority (which issues certificates and verifies
their authenticity).

16
 Digital Wallets
 Also known as an electronic wallet or e-wallet, is a software that encrypts payment
information and stores it in a file.
 The e-wallet can be stored on the client side (the consumer’s personal computer), or on the
server side (the e-business’ server).
 For the consumer, a digital wallet simplifies the online checkout process once products
have been selected for purchase.
 A simple click inserts the e-wallet information into the payment forms on the merchant’s
Website.
 A number of e-wallet applications are available on the Web, usually for free or minimal
fees. Example SAFLINK’s Jotter, Microsoft’s Passport, QWallet.com’s Q*Wallet.

17