StoredAccount Payment Systems - PowerPoint PPT Presentation

Slides: 25
Provided by: ellise

Transcript and Presenter's Notes


1
Stored-Account Payment Systems
  • Payment Systems that support SET
  • Backed by Visa and MasterCard
  • American Express also adopted SET
  • SET market acceptance is wanting
  • Complexity of the specification: complex software
  • PKI: all participants need certificates
  • Legacy systems of the financial industry are not
    compatible with SET
  • Using SET with smart cards in Europe
  • Simplifying SET is ongoing
  • Payment systems over SSL
  • Merchant can be authenticated by its certificate
  • Prevents attackers from masquerading as the
    merchant to capture card details
  • Buyer-merchant communication is encrypted
  • Prevents attackers from intercepting card details

2
Centralized Account Payment
  • Both the payer and payee hold accounts at the
    same centralized on-line financial institution
  • The payer securely connects to the bank and
    instructs it to move a certain amount from the
    payer's account into the payee's account
  • The bank subtracts an amount from one account and
    adds the amount to another account
  • Drawback: all participants must have an account
    with the same payment system
  • Centralized account model is popular on the
    internet
  • PayPal, Yahoo! PayDirect, InternetCash, CyberGold
  • Used by Amazon.com, eBay, AOL QuickCash

3
Funding the Account
  • The on-line accounts are not real bank accounts
  • They are not governed by national banking
    regulations
  • They do not provide the facilities of a real
    certified bank
  • They are typically limited to 10,000 or less
  • The most popular method of funding an on-line
    account is to use a payment card
  • Credit card or debit card
  • Authentication of credit card owner is necessary
  • Other methods of funding
  • Transfer funds from a regular bank account
  • Prepaid card from a physical store

4
Card Owner Authentication
  • International credit card owner authentication by
    PayPal
  • The user signs up
  • PayPal sends two credit lodgments to the credit
    card account
  • Each deposit is a small random amount between 1
    cent and 99 cents
  • Each transaction is labeled with two different
    unique PayPal merchant identifiers
  • The user queries his/her credit card account
    statement to obtain the credit amounts and
    merchant identifiers
  • The user presents them to PayPal to prove that
    he/she is indeed the genuine card holder

5
Account Transfer Authentication
  • User-to-User payment
  • Account holder is authenticated using an account
    identifier and a password
  • Email address may be used as account identifier
  • All communication is over SSL
  • Payment procedure
  • Payer logs on to the centralized account system
  • Payer authorizes the payment transfer
  • The payee is notified by email
  • An email confirmation is sent to the payer
  • Payee logs on to the centralized account system to
    verify the payment

6
Account Transfer Authentication (continued)
  • User-to-Merchant payment
  • Customer shops on the merchant's website
  • Customer selects a payment system
  • Merchant's web server redirects the customer to
    the payment system with the transaction details
  • Customer logs on to the payment system and
    authorizes the payment
  • Payment system redirects the customer to the
    merchant's website and sends a payment indication
    to the merchant's server
  • Merchant delivers the goods or service

7
CyberCash
  • http://www.cybercash.com
  • Founded in 1994 to provide software and service
    solutions for secure financial transactions over
    the Internet
  • Acquired by VeriSign in 2001
  • CyberCash wallet
  • Client software that runs alongside the browser
  • Aims to make purchases as transparent as possible
    to the user by hiding the details of the payment
    steps and messages
  • CyberCash persona
  • Unique CyberCash ID and pass phrase for every
    user (customer and merchant)
  • Maps the user's private/public key pair
  • Unlocks the wallet
  • Emergency close-out in case of fraud

8
CyberCash Model
[Figure: CyberCash model, from Donal O'Mahony, et al., "Electronic Payment Systems"]
9
Payment steps
[Diagram: payment steps across three parties (Consumer, Merchant, CyberCash Server). Step labels: Finish shopping; Order form; Credit-card data; Forward details; Authorize and clear with bank; Issue receipt; Log transaction]
10
Payment steps (continued)
  • A CyberCash purchase
  • Customer clicks on "Pay" in a browser
  • Payment-Req (PR)
  • From the merchant to the buyer to launch the
    CyberCash wallet
  • Contains summary of the order signed by the
    merchant
  • The signature is verified by CyberCash server
    later
  • Credit card payment (CH1)
  • From the buyer to the merchant
  • Contains card data, a hash code of the order, and
    merchant's signature on the order
  • Encrypted with the public key of the CyberCash
    server (PKcs)
  • Signed by the buyer

11
Payment steps (continued)
  • Auth-Capture
  • The merchant forwards the encrypted data to the
    CyberCash server
  • The server verifies:
  • Buyer's signature and card data
  • Merchant's signature on the order details
  • Charge-Action-Response
  • Sent after the purchase has been authorized and
    captured in the bank network
  • From the server to the merchant
  • Contains unsigned receipts for the merchant and
    buyer
  • Charge-Card-Response (CH2)
  • The merchant forwards the unsigned receipt from
    the server to the buyer

12
Payment steps (continued)
  • Binding credit cards
  • A cardholder must register his/her credit card
    with his/her CyberCash persona
  • Message from customer to CyberCash server
  • Kdes(card detail), PKcs(Kdes)
  • Validation with issuer
  • Message from CyberCash server to the customer
  • Kdes(Success/Failure, card detail)
  • CyberCash plans to update its payment protocol
    to be SET-compatible

13
Stored-Value Payment Systems
  • What is it?
  • Electronic Cash
  • Hard-currency systems over an electronic medium
  • Pros and cons
  • Payment can be instantaneous and potentially
    anonymous
  • Cost per transaction is smaller
  • Supports low-value transactions
  • The proximity of payer and payee is not an issue
    for electronic payments
  • Anonymous but traceable
  • Provides privacy of purchases while discouraging
    illicit sales

14
Stored-Value Payment Systems (continued)
  • High-security risks
  • Anonymous payment is the favorite method of all
    criminals
  • The key is to balance upholding individual
    privacy with discouraging illicit activities
  • Counterfeit money is indistinguishable from
    e-cash minted by an authorized issuing bank
  • If it is generated from a compromised secret key
  • High potential for undetected fraud
  • Off-line stored-value payment systems: double
    spending

15
How E-cash works
  • E-cash is typically stored in an electronic
    device
  • hardware token
  • Secure processor and nonvolatile memory
  • Load the token with money
  • Connect to a bank terminal and withdraw from
    one's own account
  • Similar to taking cash out of an ATM
  • Make payment using e-cash
  • Offline transaction
  • Buyer's hardware token interfaces with the
    seller's device
  • Buyer's device balance decreases while the
    seller's device balance increases by the
    equivalent amount
  • Online transaction
  • Buyer's hardware token connects to the seller's
    bank account
  • Buyer's device balance decreases while the
    seller's account balance increases by the
    equivalent amount

16
Securing E-Cash
  • Main security concern
  • Physical tampering of the device to add value
  • Physically shield the device
  • Protocol-based attack that mimics a paying device
  • Replay attack
  • To counter the replay attack: a secure
    authentication protocol using a key
  • Symmetric-key encryption
  • Symmetric key shared by the paying device and
    the receiving device
  • The bank issues a randomly generated master key
    to all of its hardware devices
  • The symmetric key for the transaction is a
    function of each device's unique identifier and
    the master key

17
Securing E-Cash (continued)
  • The receiving device can regenerate the symmetric
    key based on unique identifier and the master key
  • Can trace and effectively blacklist a compromised
    key
  • To counter replay attacks: a challenge (nonce)
    response system
  • Public-key encryption
  • Public key of the receiving device for encryption
  • Private key of the paying device for signature
  • To counter replay attacks: a challenge is signed
    by the paying device
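
Added example (not part of the original slides): a Python sketch of the symmetric-key scheme on the two slides above, in which the receiving device regenerates the payer's key from the master key and the device identifier and issues a fresh nonce for each transfer. HMAC-SHA256 as the derivation and authentication function, the class names and the device identifier are assumptions; the slides name no algorithm.

```python
import hashlib
import hmac
import secrets

def derive_device_key(master_key: bytes, device_id: bytes) -> bytes:
    """Per-device key = f(master key, device id); HMAC-SHA256 is an assumed choice of f."""
    return hmac.new(master_key, b"device-key|" + device_id, hashlib.sha256).digest()

def _transfer_mac(key: bytes, device_id: bytes, amount: int, challenge: bytes) -> bytes:
    # Length-prefix the id so (id, amount, challenge) encodes unambiguously.
    msg = len(device_id).to_bytes(2, "big") + device_id + amount.to_bytes(8, "big") + challenge
    return hmac.new(key, msg, hashlib.sha256).digest()

class PayingDevice:
    def __init__(self, device_id: bytes, key: bytes, balance: int):
        self.device_id, self.key, self.balance = device_id, key, balance

    def pay(self, amount: int, challenge: bytes):
        if not 0 < amount <= self.balance:
            raise ValueError("insufficient stored value")
        self.balance -= amount
        return self.device_id, amount, _transfer_mac(self.key, self.device_id, amount, challenge)

class ReceivingDevice:
    def __init__(self, master_key: bytes, blacklist=()):
        self.master_key, self.blacklist = master_key, set(blacklist)
        self.balance, self._pending = 0, None

    def new_challenge(self) -> bytes:
        self._pending = secrets.token_bytes(16)  # fresh nonce per transfer
        return self._pending

    def accept(self, device_id: bytes, amount: int, tag: bytes) -> bool:
        challenge, self._pending = self._pending, None  # a challenge is usable once
        if challenge is None or amount <= 0 or device_id in self.blacklist:
            return False
        key = derive_device_key(self.master_key, device_id)  # regenerated, not stored
        if not hmac.compare_digest(tag, _transfer_mac(key, device_id, amount, challenge)):
            return False
        self.balance += amount
        return True

def demo():
    master = secrets.token_bytes(32)  # constructed sample values throughout
    payer = PayingDevice(b"card-0001", derive_device_key(master, b"card-0001"), 500)
    till = ReceivingDevice(master)
    message = payer.pay(120, till.new_challenge())
    first = till.accept(*message)
    till.new_challenge()              # the next transfer gets a different nonce
    replayed = till.accept(*message)  # the captured message no longer verifies
    barred = ReceivingDevice(master, blacklist={b"card-0001"})
    blocked = barred.accept(*payer.pay(10, barred.new_challenge()))
    return first, replayed, blocked, payer.balance, till.balance
```

Every receiving device holds the master key, so the derived keys are only as safe as the physical shielding of those devices.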

18
Representing E-Cash
  • Register-based cash
  • A value stored in a counter of a hardware device
  • To counter physical attack
  • Encode the data stored in memory
  • Electronic coins
  • Discrete values of cryptographic tokens
  • Each of some denomination
  • A unique serial number is assigned to each coin
    and signed by the issuing bank
  • A different signature is used for each currency
    denomination
  • Each coin can only be used one time
  • Recipient can no longer spend the coin but can
    redeem it with the issuing bank for a new
    electronic coin

19
eCash
  • eCash (www.ecash.com)
  • A stored-value cryptographic coin system for
    internet-based commerce
  • eCash can be withdrawn from the consumer's bank
    account, stored on his computer, and transferred
    to another person
  • Double spending
  • Digital representation of money can be perfectly
    duplicated
  • Countering double spending: issuing-bank
    authentication
  • Verify that the coins used in a transaction have
    not already been spent, while protecting the
    payer's privacy
  • Key technique: blind signature

20
Blind Signature
  • Sample steps in purchase of eCash
  • Customer generates a note number for the eCash,
    usually via a random number generator
  • Consumer mints his/her own eCash
  • The bank digitally signs the note number after
    receiving money from the customer; this creates
    the eCash
  • To protect the consumer's privacy, it must be
    infeasible for the bank to learn the note number
  • The blind signature technique is used: the bank
    signs something whose details it does not know!
  • The customer now has the eCash
  • The value of coin is represented by the bank's
    digital signature

21
Using eCash
  • Main problem: how to prevent double spending
  • The bank is involved in order to authenticate
    eCash
  • Trilateral transactions
  • Customer sends 'notes' to merchant, (i.e., M)
  • Customer does not sign the 'notes'
  • Merchant sends 'notes' to bank
  • Bank verifies that the 'notes' have not been used
    before
  • A global database for spent eCash
  • Bank issues new e-cash to the merchant, or credits
    the merchant's account
  • Bank records that the customer's 'notes' are spent
  • Disadvantages
  • Needs a global database of spent e-cash; hard to
    make cost-effective for micro-payments
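
Added example (not part of the original slides): the blind-signature withdrawal from the previous slide and the bank's spent-note check from this one, in Python. Textbook RSA blinding is assumed as the blind signature scheme, and the toy key, function names and note format are constructed for illustration.

```python
import hashlib
import math
import secrets

# Constructed toy RSA key for the bank (two Mersenne primes); far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # bank's private exponent

def note_digest(note_number: bytes) -> int:
    return int.from_bytes(hashlib.sha256(note_number).digest(), "big") % N

def blind(note_number: bytes):
    """Customer: hide the note number with a random factor r before sending it to the bank."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return (note_digest(note_number) * pow(r, E, N)) % N, r

def bank_sign(blinded: int) -> int:
    """Bank: sign the value it is given (after debiting the customer), note number unseen."""
    return pow(blinded, D, N)

def unblind(blind_sig: int, r: int) -> int:
    """Customer: strip r to obtain the bank's signature on the note number itself."""
    return (blind_sig * pow(r, -1, N)) % N

def verify(note_number: bytes, sig: int) -> bool:
    return pow(sig, E, N) == note_digest(note_number)

class Bank:
    def __init__(self):
        self.spent = set()  # the global database of spent notes

    def deposit(self, note_number: bytes, sig: int) -> str:
        if not verify(note_number, sig):
            return "rejected: bad signature"
        if note_number in self.spent:
            return "rejected: already spent"
        self.spent.add(note_number)
        return "accepted"

def demo():
    note = secrets.token_bytes(16)         # customer picks the note number at random
    blinded, r = blind(note)
    coin = unblind(bank_sign(blinded), r)
    bank = Bank()
    hidden = blinded != note_digest(note)  # what the bank saw differs from the note digest
    return hidden, bank.deposit(note, coin), bank.deposit(note, coin), bank.deposit(note, coin + 1)
```

The bank first sees the note number at deposit time, so its spent-note set is the only place a duplicated coin can be caught.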

22
Using eCash (continued)
  • eCash provides anonymity to the payer but not to
    the recipient of eCash
  • Makes purchasing illegal goods or services over
    the internet possible with impunity
  • Cannot identify the purchaser
  • Provides little incentive for selling illegal
    goods or services
  • Purchaser knows the note number of the eCash
  • Bank records the note number when the payee
    authenticates them
  • The purchaser can indisputably "finger" a seller
    of illegal goods and merchandise on the internet
  • The fingering also implicates the purchaser

23
Perfect Crime with eCash
  • Bruce Schneier's description of a perfect crime
  • An anonymous kidnapper takes a hostage
  • The kidnapper then prepares a large number of
    blinded coins
  • These are sent anonymously to the bank as a
    ransom demand
  • The bank signs the coins due to the hostage
    situation
  • The kidnapper demands that the signed blinded
    coins be published in a public place such as a
    newspaper or on television
  • This will prevent the pick-up being traced.
    Nobody else can unblind the coins
  • The kidnapper can safely take the blinded coins
    from the newspaper or television and save them on
    computer
  • The coins are then unblinded and the kidnapper
    now has a fortune in anonymous eCash

24
Next Session Highlights
  • Internet Security