Secure Electronic Transaction - PowerPoint PPT Presentation

About This Presentation
Title:

Secure Electronic Transaction

Slides: 11
Provided by: Pau163

Transcript and Presenter's Notes

Title: Secure Electronic Transaction


1
Secure Electronic Transaction
  • SET

2
Beginnings
  • Open encryption and security specification
  • SETv1 emerged from a call for standards by Visa
    and MasterCard in 1996
  • Companies involved included:
      • IBM
      • Microsoft
      • Netscape
      • RSA
      • Verisign

3
What It Does
  • Provides secure communications channel among all
    parties to a transaction
  • Provides trust by the use of X.509 certificates
  • Ensures privacy by providing to each user only
    what the user needs, i.e., the merchant does not
    get the Visa number

4
SET Participants
  • Cardholder
  • Merchant
  • Issuer of card
  • Acquirer: bank that has an account with the
    merchant. Tells the merchant that a given card is
    valid and that the transaction does not exceed the limit
  • Payment gateway: interface between SET and
    existing bankcard payment networks
  • Certification Authority: issuer of X.509 public
    key certificates for cardholders, merchants, and
    payment gateways

5
Preliminaries
  • Customer obtains a credit card
  • Customer receives an X.509 certificate from the
    issuing bank. The certificate:
      • Specifies the cardholder's RSA public key
      • Guarantees a relationship between the customer's
        key pair and the credit card
  • Merchant obtains:
      • Two certificates for two public keys, one
        for signing messages, one for key exchange
      • A copy of the gateway's public-key certificate

6
Ordering
  • Customer places an order
  • Merchant sends a copy of its certificate to the
    customer, verifying the merchant's authenticity
  • Customer sends order and payment along with the
    customer certificate. Payment information can't
    be read by the merchant. The customer certificate lets
    the merchant verify the customer

7
Paying
  • Merchant sends payment information to payment
    gateway
  • Merchant confirms order with customer
  • Merchant provides goods
  • Merchant requests payment

8
Key Feature: Dual Signature (DS)
  • Merchant needs order information (OI) but does
    not need details of payment information (PI)
  • Bank needs payment information but does not need
    details of order information
  • DS = E_Cust-priv(H(H(PI) || H(OI)))
  • Customer sends:
      • DS
      • Hash of the PI
      • Customer's certificate (containing the public key and
        obtained from the issuing bank)
  • Merchant computes:
      • H(H(PI) || H(OI))
      • D_Cust-pub(DS)
  • If this equals what the customer has sent, the
    customer is verified
  • Bank performs a similar computation to verify the
    customer
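
The dual-signature computation on this slide, as an added example that is not part of the original presentation. It assumes SHA-256 for H, a toy unpadded RSA key built from two Mersenne primes in place of the customer's certified key pair, constructed sample PI and OI values, and that the bank's "similar computation" uses the PI plus the hash of the OI.

```python
import hashlib

# Toy textbook-RSA key pair for the customer, constructed for this example.
# NOT secure (Mersenne primes, no padding); it only stands in for the
# certified RSA key pair the slides describe.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)

# Constructed sample messages.
SAMPLE_PI = b"card=4000-0000-0000-0002;amount=49.95;order=1001"
SAMPLE_OI = b"order=1001;item=book;qty=1;total=49.95"

def H(data: bytes) -> bytes:
    # SHA-256 is an assumption; the slides only say "H".
    return hashlib.sha256(data).digest()

def linked_digest(pi_digest: bytes, oi_digest: bytes) -> int:
    """H(H(PI) || H(OI)) as an integer smaller than N."""
    return int.from_bytes(H(pi_digest + oi_digest), "big")

def customer_sign(pi: bytes, oi: bytes) -> int:
    """DS = E_Cust-priv(H(H(PI) || H(OI)))."""
    return pow(linked_digest(H(pi), H(oi)), D, N)

def merchant_verify(oi: bytes, pi_digest: bytes, ds: int) -> bool:
    """Merchant holds OI and only the hash of PI."""
    return pow(ds, E, N) == linked_digest(pi_digest, H(oi))

def bank_verify(pi: bytes, oi_digest: bytes, ds: int) -> bool:
    """Bank holds PI and only the hash of OI."""
    return pow(ds, E, N) == linked_digest(H(pi), oi_digest)

if __name__ == "__main__":
    ds = customer_sign(SAMPLE_PI, SAMPLE_OI)
    print("merchant accepts:", merchant_verify(SAMPLE_OI, H(SAMPLE_PI), ds))
    print("bank accepts:", bank_verify(SAMPLE_PI, H(SAMPLE_OI), ds))
    # A different order attached to the same payment is rejected on both sides.
    forged_oi = SAMPLE_OI.replace(b"qty=1", b"qty=9")
    print("merchant, altered OI:", merchant_verify(forged_oi, H(SAMPLE_PI), ds))
    print("bank, altered OI hash:", bank_verify(SAMPLE_PI, H(forged_oi), ds))
```

Neither verifier ever receives the other party's cleartext: the merchant checks the signature with H(PI) alone, and the bank with H(OI) alone.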

9
In Sum
  • Merchant received the order information and
    verified the signature
  • Bank received the payment information and
    verified the signature
  • Customer has linked the order information and the
    payment information

10
From
  • Stallings, W. (2003). Cryptography and Network
    Security. Upper Saddle River, NJ: Prentice Hall.