Encryption Card Base Systems

With the advancement of technology and evolution of encryption techniques, the scene is changing. We. have talked about encryption and, that how it is helpful in electronic payment systems, when we studied e cash. Encryption is of high use in credit card based transactions as well. Encryption begins as early as sending the credit card number to the merchant. The credit card number is first encrypted in the browser itself, before it travels through the network. But does this ensure overall security of the whole transaction? No. We would need a much more extended use of encryption for that. Secondly, our aim of improving the speed of the transaction has not been achieved in any sense. Another problem faced during such transactions is: What if the cardholder refutes to pay up after the transaction is over, saying that he did not do the transaction?

Encrypted authentication check We would also need to ensure that signatures of authorization be verified. Thus to make a credit card transaction secure, non refutable and fast, certain variations have been done to it . In the new system, each consumer and merchant has a public key and a private key. The public key is distributed to the credit card company, which maintains a public key server. The private key is now re encrypted with a password and the unencrypted version is erased. This password protection is recognized as the official signature of the customer. This provides a double cover, since now a thief would have to steal not only the. consumer's, private. key,, but the password as well. Whenever the consumer wants to buy something from the vendor, he sends the following data:

1. The credit card number with proper authentication.
2. The amount of transaction he has agreed upon.
3. The name of the merchant he is dealing with.
4. The particular product for which he has agreed to pay
5. The time at which he has agreed for the transaction.

He encrypts all the following data with is private key and sends it to the merchant. Since the merchant does not have access to the consumers public key, Mere is no way that he can read the credit card number and try to do any fraud. The merchant will now encrypt the same message with his private key and send it to the acquirer bank, which has access to his public key. The bank will now de crypt the merchant's encryption and send it to the issuing bank, which has the customer's public key. The issuing bank will decrypt it authenticate it, and send a response back to the acquirer. The banks can now encrypt with the public keys they have, and the decryption could be done only through their respective clients. So in this way, on the way back, the message will carry a confirmation with the merchant to go ahead and a declaration to the customer that his transaction has been billed. The merchant will immediately receive his due amount with the confirmation.

This system is very close to being fool proof The consumer can never claim that he did not resolve in the transaction since his signature is present, the merchant can not bill twice as the transaction has a date and time clause attached to it and he has no way of knowing any customer, details as he does not have access to the public key and no hacker can make any use out of the data if he manages to sniff it from the network.

Encrypted card transactions take care of our basic needs of security, non refutability, and fraud prevention. But where does higher speed of transactions achieved? And we know that micro payments are not feasible for credit cards, so is there a way we can start doing micro payments through cards? For this came the theory of third party authentication.

Domain Name Search