CHAPTER

6
[Please insert any
relevant photo
around this box]

Online payment
systems
Subtopics:-
6.1 Online payment basics
6.2 E-Cash
6.3 E-Wallet
6.4 Store value card
6.5 Internet Technologies and the banking industry

6.1 Online payment basic

Cash, checks, credit cards, and debit cards account make up more than 90 percent of all
consumer payments in the United States.

Most popular consumer electronic transfers are automated payments of:

 Auto loans
 Insurance payments
 Mortgage payments made from consumers’ checking accounts

69 | P a g e C h a p t e r 6 : O n l i n e P a y m e n t S y s t e m s
Scrip: Any substitute for currency which is not legal tender, and is often a form of credit.
For example:
 Digital cash minted by a company instead of by a government
 Gift certificates or gift cards
 Subway tokens or arcade tokens

Payment Cards

 The term payment card describes all types of plastic cards used to make
purchases
• Credit card-Has a spending limit based on a user’s credit history
• Debit card-Removes an amount from a cardholder’s bank account
-Transfers it to the seller’s bank account
• Charge card-Carries no spending limit
-Amount charged is due at the end of the billing period

Advantages and Disadvantages of Payment Cards

• Advantages: -Widespread acceptance

-Usually have built-in security for merchants
• Disadvantage: -Payment card service companies charge merchants per-transaction
fees and monthly processing fees

Payment Acceptance and Processing

Steps followed once a merchant receives a consumer’s payment card information:

• Merchant authenticates payment card
• Merchant checks with payment card issuer
 To ensure that credit or funds are available
 Puts a hold on the credit line or the funds needed to cover the charge
• Settlement of balance with the issuer

Open and Closed Loop Systems

Closed loop systems- Card issuer pays the merchants that accept the card directly and
does not use an intermediary
Open loop systems- Involve three or more parties (e.g., systems using Visa or MasterCard)

70 | P a g e C h a p t e r 6 : O n l i n e P a y m e n t S y s t e m s
Merchant Accounts

To process payment cards for Internet transactions an online merchant must set up a
merchant account
New merchants must supply:
 Business plans
 Details about existing bank accounts
 Business and personal credit histories

Processing Payment Cards Online

• Internet Secure- Provides secure payment card services

• First Data- Provides merchant payment card processing services with the following
programs: ICVERIFY and WebAuthorize

Banks connect to an Automated Clearing House (ACH) through highly secure, private
leased telephone lines.

Figure 6.1: Processing a payment card transactions

6.2 Electronic Cash

Term that describes any value storage and exchange system created by a private entity
that:
 Does not use paper documents or coins
 Can serve as a substitute for government-issued physical currency

Micropayments and Small Payments

• Micropayments- Internet payments for items costing from a few cents to around $1
• Small payments- Payments of less than $10

71 | P a g e C h a p t e r 6 : O n l i n e P a y m e n t S y s t e m s
Privacy and Security of Electronic Cash

• Concerns about electronic payment methods include:

 Privacy and security
 Independence
 Portability
 Convenience
• Advantages of electronic cash include being:
 Independent and portable
 Transactions are more efficient
 Costs less than processing credit card transactions
• Disadvantages of electronic cash:
 No audit trail
 Money laundering and fraud
 Susceptible to forgery

Holding Electronic Cash: Online and Offline Cash

• Online cash storage-Trusted third party is involved in all transfers of electronic cash
-Holds consumers’ cash accounts
• Offline cash storage-Virtual equivalent of money kept in a wallet
-No third party is involved in the transaction
• Double-spending-Spending electronic cash twice

Providing Security for Electronic Cash

• Cryptographic algorithms- Keys to creating tamperproof electronic cash that can be

traced back to its origins
• Anonymous electronic cash- Electronic cash that cannot be traced back to the
person who spent it
• Creating truly anonymous electronic cash- Requires a bank to issue electronic cash
with embedded serial numbers

72 | P a g e C h a p t e r 6 : O n l i n e P a y m e n t S y s t e m s
 Fig 6.2: Detecting double spending on Electronic

Electronic Cash Systems

• CheckFree-Largest ACH (Automated Clearing House) in the world

-Provides online payment processing services
• Clickshare-Clickshare allows a consumer to have one account at a most-trusted
website and buy from other websites without having to pass around a credit-card
number, register or give out personal information. One ID, one account, one bill.

PayPal

 Founding in 2000 and purchased by eBay in 2002

 Provides payment processing services to businesses and to individuals
 Peer-to-peer (P2P) payment system
 Free payment clearing service for individuals

Fig 6.3: PayPal home page

73 | P a g e C h a p t e r 6 : O n l i n e P a y m e n t S y s t e m s
6.3 Electronic Wallets

Hold credit card numbers, electronic cash, owner identification, and contact information.
Give consumers the benefit of entering their information just once.

Make shopping more efficient.

 Server-side electronic wallet
 Stores a customer’s information on a remote server belonging to a
particular merchant or wallet publisher
 Client-side electronic wallet
 Stores a consumer’s information on his or her own computer

Microsoft .NET Passport

An electronic wallet operated by Microsoft

Passport consists of four integrated services:
 Passport single sign-in service (SSI)
 Passport Wallet service
 Kids Passport service
 Public profiles
Yahoo! Wallet

Server side electronic wallet offered by Yahoo!. Lets users store information about several
major credit and charge cards. Many industry observers and privacy rights activist groups
are concerned about electronic wallets.

W3C Micropayment Standards Development Activity

Common Markup for Micropayment Per-Fee-Links

 Standards developed by W3C Electronic Commerce Interest Group (ECIG)
 Provide extensible and interoperable way to embed micropayment
information in a Web page
Extensible system
 One that developers can add to (or extend) without voiding any earlier work
on the system

74 | P a g e C h a p t e r 6 : O n l i n e P a y m e n t S y s t e m s
The ECML Standard

Electronic Commerce Modeling Language is a protocol that dictates how online retailers
structure and setup their checkout forms
 Proposed alternative standard that would replace electronic wallet standards with
a single standard

6.4 Stored-Value Cards

Stored-value cards can be an elaborate smart card with a microchip that records a
currency balance.
Common stored-value cards include:
 Prepaid phone, copy, subway, and bus cards

Magnetic Strip Cards

Magnetic strip cards

 Cannot send or receive information
 Cannot increment or decrement value of cash stored on the card
 Processing must be done on a device into which the card is inserted

Smart Cards

Stored-value cards that…

 Can hold private user data, such as financial facts
 Can store about 100 times more information than a magnetic strip plastic card
 Safer than conventional credit cards

Fig 6.4: Octopus Smart card information on the Hong Kong City

75 | P a g e C h a p t e r 6 : O n l i n e P a y m e n t S y s t e m s
Smart Cards

Smart Card Alliance:

 Promotes benefits of smart cards
 Promotes widespread acceptance of multiple-application smart card
technology
 Members include companies in banking, financial services, computer technology,
and healthcare
 Promotes compatibility among smart cards, card reader devices, and
applications

6.5 Internet Technology and the Banking Industry

Paper checks
 Used to make the largest dollar volume payments
Check Clearing for the 21st Century Act (Check 21)
 Permits banks to eliminate the movement of physical checks entirely
 That’s why Wal-mart returns your check to you after the
transaction is finished
Phishing Attacks

Phishing expeditions create a significant threat to online financial institutions and their
customers
Basic structure:
 Attacker sends e-mail messages to a large number of recipients
 Message states that an account has been compromised and the matter should
be corrected
 Message includes a link
 User enters a login name and password, which the perpetrator captures
 Once inside a victim’s account, the perpetrator can access personal information

Phishing Attack Countermeasures

 Most important step that companies can take today is to educate Web site users
 Many companies contract consulting firms that specialize in anti-phishing work
 Anti-phishing technique
 Monitor online chat rooms used by criminals

76 | P a g e C h a p t e r 6 : O n l i n e P a y m e n t S y s t e m s