Skip to main content

SET (Secure Electronic transactions) [Ecommerce Notes]

When it comes to e-commerce, first thing with pings someone mind is security!! Industry gurus have been putting heart n soul, in order to address this concern. SET was one of endeavor on same lines.


Secure Electronic Transaction (SET) is a standard protocol that is used for securing credit card transactions over insecure networks. With the increase in security concerns over Internet SET has emerged as popular protocol for addressing transactions over Internet. Please note clearly, SET itself is not a payment system. It is a a set of security protocols and formats that enables users to employ the existing credit card payment infrastructure on an open network in a secure fashion!

SET, developed by VISA and MasterCard (Credit card leaders) is based on X.509 certificates having several extensions. [Just FYI: X.509 is an ITU-T standard for a public key infrastructure (PKI. It specifies standard formats many things such as public key certificates, attribute certificates etc…]

SET features

SET has been developed with following features:
  • Maintains confidentiality of information: Information is provided only to the concerned recipent.
  • SET takes care of Integrity of data.
  • SET employs a particular subset of protocol for carrying out cardholder account authentication.
  • SET employs a particular subset of protocol for carrying out Merchant authentication.
Understanding SET Protocol SET itself is a family of protocols. The major ones are used for important tasks such as cardholder registration, merchant registration, purchase request, payment authorization, and payment capture. Apart from these major ones there are many minor protocols that are used for conducting tasks like error handling. SET is little complicated than its counterparts such as SSL. Because of this complexity this protocol is hardly used. However, it contains many features of interest such as :
  • The model is different from the others. In the registration protocols, the applicant do not need to possesses any digital proof for his identity. He just needs to authenticates himself by filing a simple registration form. Authentication is done outside this protocol when the cardholder’s bank examines the completed form.
  • An important innovation that has been introduced in SET is the dual signature. Like electronic signature dual signature is used to guarantee the authentication and integrity of data. Dual signature links two messages that are intended for two different recipients. A customer needs to send the order information (OI) to the concerned merchant and the payment information (PI) to the corrosponding bank. Through this dual signature the receipent only gets to know information he requires rather then getting any other information of the sender. E.g. The merchant does not need to get information about customer's credit card details where as bank does not need to know the details of the customer's order. However, a link is needed so that the customer can prove that the payment is intended for this order.
  • SET also uses several types of digital envelopes. It can be understood as an encrypted message that uses both secret key and public key cryptography methods. The secret key is used for encrypting and decrypting the message where as the public key method is meant for sending the secret key to the other party. A digital envelope includes two parts:

    1. One part is encrypted using a public key which contains a fresh symmetric key K and identifying information.
    2. Other part is encrypted using K which conveys the full message text.
      SET employs cryptographic techniques to provide security during a online transaction. Digital certificates and public key cryptography are commonly used to allow parties for authenticating each other and for exchanging information in a secure manner. You must be curious to know how SET works.
Labels:

Comments

Post a Comment

Popular posts from this blog

Advantages and Disadvantages of EIS Advantages of EIS Easy for upper-level executives to use, extensive computer experience is not required in operations Provides timely delivery of company summary information Information that is provided is better understood Filters data for management Improves to tracking information Offers efficiency to decision makers Disadvantages of EIS System dependent Limited functionality, by design Information overload for some managers Benefits hard to quantify High implementation costs System may become slow, large, and hard to manage Need good internal processes for data management May lead to less reliable and less secure data
1 comment
Read more

Inter-Organizational Value Chain

The value chain of   a company is part of over all value chain. The over all competitive advantage of an organization is not just dependent on the quality and efficiency of the company and quality of products but also upon the that of its suppliers and wholesalers and retailers it may use. The analysis of overall supply chain is called the value system. Different parts of the value chain 1.  Supplier     2.  Firm       3.   Channel 4 .   Buyer
Post a Comment
Read more

CONCEPTUAL VIEW OF MIS

The concept is a blend of principles, theories and practices of management, information and system giving rise to a single product called MANAGEMENT INFORMATION SYSTEM . The concept of management gives high regard to the individual and his ability to use the information. MIS gives information through data analysis. While analyzing the information, it relies on many academic disciplines like management science, OR, organization behavior, psychology, etc. The foundation of MIS is the principles of management and its practices. MIS uses the concept of management control in its design and relies heavily on the fact that the decision maker is a human being and is a human processor of information. A MIS can be evolved for a specific objective it is evolved after systematic planning and design. It calls for an analysis of business, management views and policies, organization culture and the management style. The MIS,therefore relies heavily on systems theory.The systems theory offers soluti
Post a Comment
Read more