UNIT 3 E-Commerce


UNIT 3

Introduction
 Introduction,
 IT and business,
 E-commerce: Concepts
 Electronic Communication,
 Internet and intranets.
 EDI to E-commerce.
 Concerns for E-commerce Growth, Technical issues, Security issues.
 Security Technologies: Cryptography, Public Key Algorithms, Private Key
Algorithms, Hashing techniques, Cryptographic Applications, Encryption,
 Digital Signature
 Protocols for Transactions.
 SSL-Secure Socket Layer, SET-Secure Electronic Transaction.
 Cyber Cash,
 Digi cash.
IT

 Information technology (IT) is the use of computers to store, retrieve, transmit, and
manipulate data or information. IT is typically used within the context of business
operations as opposed to personal or entertainment technologies. IT is considered
to be a subset of information and communications technology (ICT). An information
technology system (IT system) is generally an information system, a
communications system, or, more specifically speaking, a computer system.
Business
 A business is defined as an organization or enterprising entity engaged in commercial,
industrial, or professional activities. Businesses can be for-profit entities or they can
be non-profit organizations that operate to fulfill a charitable mission or further a social
cause.

 The term "business" also refers to the organized efforts and activities of individuals to
produce and sell goods and services for profit. Businesses range in scale from a sole
proprietorship to an international corporation. Several lines of theory are engaged with
understanding business administration including organizational behavior, organization
theory, and strategic management.
E-COMMERCE

 Internet has become an important medium for doing global business based on
the state of the art technology. Global business was conducted in a new way:
electronically, using networks and the Internet. The availability of Internet has
led to the development of E-Commerce (Electronic commerce), in which
business transactions take place via telecommunication networks. E-
Commerce has two major aspects: economical and technological. The stress
of this course will show you how to get started in the complex and exciting
world of Electronic Commerce. New standards and new facilities are
constantly emerging and their proper understanding is essential for the
success of an operation and especially for those who are assigned a duty to
select, establish, and maintain the necessary infrastructure.
 Concepts of E commerce
 Electronic commerce is an emerging model of new selling and merchandising tools in
which buyers are able to participate in all phases of a purchase decision, while
stepping through those processes electronically rather than in a physical store or by
phone (with a physical catalogue). The processes in electronic commerce include
enabling a customer to access product information, select items to purchase, purchase
items securely, and have the purchase settled financially. It is an emerging concept that
describes the process of buying and selling or exchanging of products, services; and
information via computer networks including the Internet.
 E-commerce is basically, doing business-as-usual, but across the Internet. You
advertise your products or services on your Web site, as you would in any other media
like newspapers, TV or brochures. Advertising on your Web site can be done in two
ways.
• The first is by use of a relatively simple Web site consisting of a few pages whereby
you tell potential customers who you are, what you do, where you are and how they
can contact you (easiest done by giving them your email address).
• The second way of enabling world-wide customers to buy from you is to provide them
with an On-Line Catalogue of your products which they can browse at their leisure
without having to go to your place of business.
 On-Line Catalogue:
 An On-Line Catalogue is a catalogue that people access via the Internet. The On-Line
Catalogue is an integral part of the website, enabling customers to...
• Browse through stock list, read about an item or service;
• Look at photographs of the products.
• Select which items they want to purchase
• And drop them into a shopping cart as they go along.
• When they have completed their shopping, they go to the Check-Out.
 The next step is to request the order by filling in their details and method of payment on a
form which is waiting for them at the Check-Out. The form is already partially completed
with a breakdown of the items in their shopping cart, prices inclusive of tax, and shipping
& handling charges, if any. If they choose to pay by credit card, the form includes a place
for them to fill in their credit card number. And then, with one press of a button, they send
the order to you.
 Electronic Commerce under different perspectives:
 Let’s see how Electronic Commerce (EC) is defined under each perspective.
 1. Communications Perspective
 EC is the delivery of information, products /services, or payments over the telephone lines,
computer networks or any other electronic means.
 2. Business Process Perspective
 EC is the application of technology toward the automation of business transactions and
work flow.
 3. Service Perspective
 EC is a tool that addresses the desire of firms, consumers, and management to cut service
costs while improving the quality of goods and increasing the speed of service delivery.
 4. Online Perspective
 EC provides the capability of buying and selling products and information on the internet
and other online services.
Classifications of E-Commerce Applications
 E-Commerce systems include commercial transactions on the Internet but their scope is much wider than this;
they can be classified by application type:
 Electronic Markets:
 The principal function of an electronic market is to facilitate the search for the required product or service.
Airline booking systems are an example of an electronic market.
 Electronic Data Interchange (EDI):
 Electronic Data Interchange (EDI) is the electronic exchange of business documents in a standard, computer-
processable, universally accepted format between trading partners.
 EDI is quite different from sending electronic mail, messages or sharing files through a network. In EDI, the
computer application of both the sender and the receiver, referred to as Trading Partners (TPs) have to agree
upon the format of the business document which is sent as a data file over electronic messaging services.
 The two key aspects of EDI that distinguish it from other forms of electronic communication, such as electronic
mail, are:
1. The information transmitted is directly used by the recipient computer without the need for human intervention.
It is rarely mentioned but often assumed that EDI refers to interchange between businesses. It involves two or
more organizations or parts of organizations communicating business information with each other in a common
agreed format.
2. The repeated keying of identical information in the traditional paper-based business.
EDI
 Communication creates a number of problems that can be significantly reduced through the
usage of EDI. These problems include: -
• Increased time
• Low accuracy
• High labor charges
• Increased uncertainty.
 To take full advantage of EDI’s benefits, a company must computerize its basic business
applications. Trading partners are individual organizations that agree to exchange EDI
transactions. EDI cannot be undertaken unilaterally but requires the cooperation and active
participation of trading partners. Trading partners normally consist of an organization’s
principal suppliers and wholesale customers. Since large retail stores transact business with
a large number of suppliers they were among the early supporters of EDI. In the
manufacturing sector, EDI has enabled the concept of Just-In-Time inventory to be
implemented. JIT reduces inventory and operating capital requirements.
 EDI provides for the efficient transaction of recurrent trade exchanges between commercial
organizations. EDI is widely used by, for example, large retail groups and vehicle assemblers
when trading with their suppliers.
Types of ecommerce

 There are a number of different types of E-Commerce


• B2B - Business to Business
• B2C - Business to Consumer
• C2B - Consumer to Business
• B2E - Business to Employee
• C2C - Consumer to Consumer
Technical issues and security issues

 Hardware awareness
 Software awareness
 Website awareness
 HTTPS is important
 Use virtual keyboard
 B2B - Business to Business
 E-commerce has been in use for quite a few years and is more commonly known as EDI (electronic data
interchange). In the past EDI was conducted on a direct link of some form between the two businesses,
whereas today the most popular connection is the internet. The two businesses pass information
electronically to each other. B2B e-commerce currently makes up about 94% of all e-commerce
transactions.
 Typically in the B2B environment, E-Commerce can be used in the following processes:
• Procurement;
• order fulfilment;
• Managing trading-partner relationships.
 B2C - Business to Consumer
 Business to Consumer e-commerce is relatively new. This is where the consumer accesses the system of
the supplier. It is still a two way function but is usually done solely through the Internet.
 B2C can also relate to receiving information such as share prices, insurance quotes, on-line newspapers, or
weather forecasts. The supplier may be an existing retail outlet such as a high street store; it has been this
type of business that has been successful in using E-Commerce to deliver services to customers. These
businesses may have been slow in gearing-up for E-Commerce compared to the innovative dot.com start
ups, but they usually have a sound commercial structure as well as in-depth experience of running a
business - something which many dotcoms lacked, causing many to fail.
 Example: A home user wishes to purchase some good quality wine. The user accesses the Internet site to
read a report on the recommended wines. After reading the tasting notes the user follows the links to place
an order along with delivery and payment details directly into the merchant’s inventory system. The wine is
then dispatched from the supplier’s warehouse and in theory is delivered to the consumer without delay.
 C2B - Consumer to Business
 Consumer to Business is a growing arena where the consumer requests a specific service from the
business. Example: Harry is planning a holiday in Darwin. He requires a flight in the first week of
December and is only willing to pay Rs. 250. Harry places a submission within a web-based C2B facility.
Dodgy Brothers Airways accesses the facility and sees Harry’s submission. Due to it being a slow period,
the airline offers Harry a return fare for Rs. 250.
 B2E - Business to Employee
 Business to Employee e-commerce is growing in use. This form of E-commerce is more commonly known
as an ‘Intranet’. An intranet is a web site developed to provide employees of an organization with
information. The intranet is usually accessed through the organization’s network; it can be, and often is, extended
to an Extranet, which uses the Internet but restricts use by sign-on and password.
 C2C - Consumer to Consumer
 These sites are usually some form of an auction site. The consumer lists items for sale with a commercial
auction site. Other consumers access the site and place bids on the items. The site then provides a
connection between the seller and buyer to complete the transaction. The site provider usually charges a
transaction cost. In reality this site should be called C2B2C.
 B2A is the least developed area of E-Commerce and it relates to the way that public sector organisations,
at both a central and local level, are providing their services on-line. Also known as e-Government, it has
the potential to increase the domestic and business use of e-Commerce as traditional services are
increasingly being delivered over the Internet. The UK government is committed to ensuring this country is
at the forefront of e-Commerce and it is essential that e-Government plays a significant part in achieving
this objective.
 Scope of E-Commerce
• Selling can be focused to the global customer
• Pre-sales, subcontracts, supply
• Financing and insurance
• Commercial transactions: ordering, delivery, payment
• Product service and maintenance
• Co-operative product development
• Distributed co-operative working
• Use of public and private services
• Business-to-administrations (e.g. customs, etc)
• Transport and logistics
• Public procurement
• Automatic trading of digital goods
• Accounting
• Dispute resolution
[Figure: Gmail account, Gmail server, Yahoo server]
 Advantages of E-Commerce
• Electronic Commerce can increase sales and decrease costs.
• Advertising done well on the web can get even a small firm’s promotional message out to potential customers in every country
in the world.
• Businesses can use electronic commerce to identify new suppliers and business partners.
• Electronic Commerce increases the speed and accuracy with which businesses can exchange information, which reduces
costs on both sides of transactions.
• E-Commerce provides buyers with a wider range of choices than traditional commerce because buyers can consider many
different products and services from a wider variety of sellers.
• Electronic payments of tax refunds, public retirement and welfare support cost less to issue and arrive securely and quickly
when transmitted over the Internet.
 Disadvantages of E-Commerce
• Some business processes such as perishable foods and high-cost, unique items such as custom-designed jewelry might be
impossible to inspect adequately from a remote location.
• Costs, which are a function of technology, can change dramatically even during short-lived electronic commerce
implementation projects because the technologies are changing so rapidly.
• Many firms have trouble recruiting and retaining employees with the technological, design and business process skills needed
to create an effective electronic commerce presence.
• Firms face difficulty integrating existing databases and transaction processing software designed for traditional commerce
into the software that enables electronic commerce.
• Companies that offer software design and consulting services to tie existing systems into new online business systems can be
expensive.
• Consumers are fearful of sending their credit card numbers over the Internet and having online merchants. Consumers are
simply resistant to change and are uncomfortable viewing merchandise on a computer screen rather than in person.
History of Cryptography
 The art of cryptography is considered to be born along with the art of writing. As civilizations evolved, human beings got organized
in tribes, groups, and kingdoms. This led to the emergence of ideas such as power, battles, supremacy, and politics. These ideas
further fueled the natural need of people to communicate secretly with selective recipients, which in turn ensured the continuous
evolution of cryptography as well.
 The roots of cryptography are found in Roman and Egyptian civilizations.
 Evolution of Cryptography
 During and after the European Renaissance, various Italian and Papal states led the rapid proliferation of cryptographic
techniques. Various analysis and attack techniques were researched in this era to break the secret codes.
• Improved coding techniques such as Vigenere Coding came into existence in the 15th century, which offered moving letters in the
message with a number of variable places instead of moving them the same number of places.
• Only after the 19th century, cryptography evolved from the ad hoc approaches to encryption to the more sophisticated art and
science of information security.
• In the early 20th century, the invention of mechanical and electromechanical machines, such as the Enigma rotor
machine, provided more advanced and efficient means of coding the information.
• During the period of World War II, both cryptography and cryptanalysis became excessively mathematical.
 With the advances taking place in this field, government organizations, military units, and some corporate houses started adopting
the applications of cryptography. They used cryptography to guard their secrets from others. Now, the arrival of computers and the
Internet has brought effective cryptography within the reach of common people.
Cryptography
 Cryptography is the technique of securing information and communications through the use of codes
so that only those persons for whom the information is intended can understand and process
it, thus preventing unauthorized access to information. The prefix “crypt” means “hidden” and the
suffix “graphy” means “writing”.
 Cryptography is the art and science of making a cryptosystem that is capable of
providing information security.
 Cryptography deals with the actual securing of digital data. It refers to the design of
mechanisms based on mathematical algorithms that provide fundamental information
security services. You can think of cryptography as the establishment of a large toolkit
containing different techniques in security applications.
 In cryptography, the techniques used to protect information are obtained from
mathematical concepts and a set of rule-based calculations known as algorithms, which convert
messages in ways that make them hard to decode. These algorithms are used for cryptographic
key generation, digital signing, verification to protect data privacy, web browsing on the internet,
and to protect confidential transactions such as credit card and debit card transactions.
 Techniques used For Cryptography:
In today’s age of computers, cryptography is often associated with the process where ordinary plain
text is converted to cipher text, which is text made such that only the intended receiver can
decode it; this process is known as encryption. The process of converting cipher text back to
plain text is known as decryption.
 Features Of Cryptography are as follows:
1. Confidentiality:
Information can only be accessed by the person for whom it is intended and no other person except him
can access it.
2. Integrity:
Information cannot be modified in storage or transition between sender and intended receiver without
any addition to information being detected.
3. Non-repudiation:
The creator/sender of information cannot deny his or her intention to send information at later stage.
4. Authentication:
The identities of sender and receiver are confirmed, as well as the destination/origin of the
information.
A cryptosystem is an implementation of cryptographic techniques and their accompanying infrastructure
to provide information security services. A cryptosystem is also referred to as a cipher system.

Let us discuss a simple model of a cryptosystem that provides confidentiality to the information being
transmitted. This basic model is depicted in the illustration below −

[Figure: Message = abc → ENCRYPTION of plain text (a+2, b+2, c+2) → CDE (CIPHER TEXT) → DECRYPTION (C-2, D-2, E-2) → MESSAGE = abc]
Components of a Cryptosystem
 The various components of a basic cryptosystem are as follows −
• Plaintext. It is the data to be protected during transmission.
• Encryption Algorithm. It is a mathematical process that produces a ciphertext for any given plaintext and
encryption key. It is a cryptographic algorithm that takes plaintext and an encryption key as input and produces a
ciphertext.
• Ciphertext. It is the scrambled version of the plaintext produced by the encryption algorithm using a specific
encryption key. The ciphertext is not guarded. It flows on a public channel. It can be intercepted or compromised by
anyone who has access to the communication channel.
• Decryption Algorithm. It is a mathematical process that produces a unique plaintext for any given ciphertext and
decryption key. It is a cryptographic algorithm that takes a ciphertext and a decryption key as input, and outputs a
plaintext. The decryption algorithm essentially reverses the encryption algorithm and is thus closely related to it.
• Encryption Key. It is a value that is known to the sender. The sender inputs the encryption key into the encryption
algorithm along with the plaintext in order to compute the ciphertext.
• Decryption Key. It is a value that is known to the receiver. The decryption key is related to the encryption key, but
is not always identical to it. The receiver inputs the decryption key into the decryption algorithm along with the
ciphertext in order to compute the plaintext.
 For a given cryptosystem, a collection of all possible decryption keys is called a key space.
 An interceptor (an attacker) is an unauthorized entity who attempts to determine the plaintext. He can see the
ciphertext and may know the decryption algorithm. He, however, must never know the decryption key.
Types
1. Symmetric Key Cryptography: Public key Cryptography
It is an encryption system where the sender and receiver of a message use a single common key to
encrypt and decrypt messages. Symmetric key systems are faster and simpler, but the problem is
that the sender and receiver have to somehow exchange the key in a secure manner. The most popular
symmetric key cryptography system is the Data Encryption Standard (DES).
2. Hash Functions:
There is no usage of any key in this algorithm. A hash value with fixed length is calculated as per
the plain text which makes it impossible for contents of plain text to be recovered. Many
operating systems use hash functions to encrypt passwords.
3. Asymmetric Key Cryptography: Private key cryptography
Under this system a pair of keys is used to encrypt and decrypt information. A public key is used
for encryption and a private key is used for decryption. The public key and private key are different.
Even if the public key is known by everyone, only the intended receiver can decode the message because he
alone knows the private key.
Types of Cryptography
Challenge of Symmetric Key Cryptosystem

 There are two restrictive challenges of employing symmetric key cryptography.


• Key establishment − Before any communication, both the sender and the
receiver need to agree on a secret symmetric key. It requires a secure key
establishment mechanism in place.
• Trust Issue − Since the sender and the receiver use the same symmetric key,
there is an implicit requirement that the sender and the receiver ‘trust’ each other.
For example, it may happen that the receiver has lost the key to an attacker and
the sender is not informed.
 These two challenges are highly restraining for modern day communication. Today,
people need to exchange information with non-familiar and non-trusted parties. For
example, a communication between online seller and customer. These limitations
of symmetric key encryption gave rise to asymmetric key encryption schemes.
Hashing technique

[Figure: a key is fed to hash function h, which maps it to one of the table slots 0 to 5 (holding x, y, z, a, b, c)]
Public Key Cryptography

Two keys
Sender uses recipient’s public key to encrypt
Recipient uses private key to decrypt
Based on “trap door one way function”
“One way” means easy to compute in one
direction, but hard to compute in other direction
Example: Given p and q, product N = pq easy to
compute, but given N, it’s hard to find p and q
“Trap door” used to create key pairs
What we learn here with PKC

Knapsack
First PKC proposal
insecure
RSA
Standard PKC
Diffie-Hellman Key Exchange
key exchange algorithm
ECC(Elliptic Curve Cryptography)
RSA
Simple RSA Example(1)

 Example of RSA
 Select “large” primes p = 11, q = 3

 Then N = p*q = 33 and

 (p − 1)*(q − 1) = 20

 Choose e = 3 (relatively prime to 20), 1 < e < Φ(n)

 Find d such that ed = 1 mod 20

 d = e^{-1} mod 20
 We find that d = 7 works

 Public key: (N, e) = (33, 3)


 Private key: d = 7
Public key: (N, e) = (33, 3)
Private key: d = 7
 M = 7, encryption
 C = M^e mod n
 = 7^3 mod 33 = 343 mod 33
 C = 13

Decryption
M = C^d mod n
= 13^7 mod 33 (exponent 7 = 2+2+3 = 4+2+1)
13^7 mod 33 = 7
RSA

 Invented by Clifford Cocks (GCHQ), and later independently, Rivest, Shamir, and Adleman (MIT)
 RSA is the gold standard in public key crypto
 Let p and q be two large prime numbers
 Let N = pq be the modulus
 Choose e relatively prime to (p−1)(q−1)
 Find d such that ed = 1 mod (p−1)(q−1)
 Public key is (N,e)
 Private key is d
RSA
Message M is treated as a number
To encrypt M we compute
C = M^e mod N

To decrypt ciphertext C compute
M = C^d mod N

Recall that e and N are public


If Trudy can factor N=pq, she can use e to
easily find d since ed = 1 mod (p−1)(q−1)
Factoring the modulus breaks RSA
Is factoring the only way to break RSA?
 Generation of the keys (public key and private key)
 1. Select two large prime numbers p and q, p ≠ q
 2. n = p x q
 3. Φ(n) = (p-1) x (q-1)
 4. Find e (public key): gcd(Φ(n), e) = 1, 1 < e < Φ(n)
 5. Find d (private key): d x e mod Φ(n) = 1
 6. Public key {e}
 7. Private key {d}

 Encryption:
 Plain text: M < n
 Cipher text: C = M^e mod n

 Decryption:
 Cipher text: C
 Plain text: M = C^d mod n
 1. p = 2, q = 7, p ≠ q
 2. n = p*q = 14
 3. Φ(n) = (p-1)*(q-1) = (2-1)*(7-1) = 1 x 6 = 6
 4. e (public key): gcd(Φ(n), e) = 1, 1 < e < Φ(n), so 1 < e < 6; e = 5, coprime with Φ(n) = 6 and with n = 14
 5. d (private key): d*e mod Φ(n) = 1, d = e^{-1} mod Φ(n), so (d*5) % 6 = 1
 5*5 % 6
 11*5 % 6 = 1
 6. Public key {5,}
 Private key {11}
 Encrypt
 Decrypt
 p = 17, q = 11
 N = p x q = 187 [1,11,17,187]
 Φ(n) = (p-1) x (q-1) = 160 [1,2,4,8,10,16,20,32,40,80,160]
 e: gcd(e, 160) = 1, 1 < e < 160
 e = 7
 d: d x 7 mod 160 = 1 (161 162 163)
 23 x 7 mod 160 = 161 mod 160 = 1
 ed
 Encryption :
 Decryption:
Does RSA Really Work?
 Given C = M^e mod N we must show
M = C^d mod N = M^{ed} mod N
 We’ll use Euler’s Theorem:
If x is relatively prime to n then x^{Φ(n)} = 1 mod n
 Facts:
1) ed = 1 mod (p − 1)(q − 1)
2) By definition of “mod”, ed = k(p − 1)(q − 1) + 1
3) Φ(N) = (p − 1)(q − 1)
 Then ed − 1 = k(p − 1)(q − 1) = kΦ(N)
 Finally, M^{ed} = M^{(ed − 1) + 1} = M x M^{ed − 1} = M x M^{kΦ(N)}
= M x (M^{Φ(N)})^k mod N = M x 1^k mod N = M mod N
RSA

 What is the most difficult?

Easy → Difficult: addition, multiplication, factoring
addition: 123 + 654 = 777
multiplication: 123 x 654 = 80442 (partial products 492, 615, 738)
factoring: 221 = ? x ?; 221/2, 221/3, 221/5, 221/7, 221/11, 221/13; 221 = 13 x 17
Simple RSA Example(2)

 Public key: (N, e) = (33, 3)


 Private key: d = 7
 Suppose message M = 8
 Ciphertext C is computed as
C = M^e mod N = 8^3 = 512 = 17 mod 33
 Decrypt C to recover the message M by
M = C^d mod N = 17^7 = 410,338,673 = 12,434,505 x 33 + 8 = 8 mod 33
More Efficient RSA (1)

 Modular exponentiation example


 520 = 95367431640625 = 25 mod 35
 A better way: repeated squaring
o 20 = 10100 base 2
o (1, 10, 101, 1010, 10100) = (1, 2, 5, 10, 20)
o Note that 2 = 1 2, 5 = 2  2 + 1, 10 = 2  5, 20 = 2  10
o 51= 5 mod 35
o 52= (51)2 = 52 = 25 mod 35
o 55= (52)2  51 = 252  5 = 3125 = 10 mod 35
o 510 = (55)2 = 102 = 100 = 30 mod 35
o 520 = (510)2 = 302 = 900 = 25 mod 35
 No huge numbers and it’s efficient!
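The key-generation steps, the two worked RSA examples and the repeated-squaring chain above, put together as one runnable sketch. This is an added example, not code from the original slides; the function names are hypothetical, and it is textbook RSA with no padding, usable only with toy numbers like the ones on the slides.

```python
"""Toy RSA using the slide's own numbers (textbook RSA: no padding, tiny primes)."""
from math import gcd


def modexp(base, exponent, modulus, trace=None):
    """Left-to-right repeated squaring (square-and-multiply).

    The exponent's bits are read from the most significant end, so for
    20 = 10100 (base 2) the running exponent goes 1, 2, 5, 10, 20, the
    chain shown on the slide. Each intermediate value is appended to
    `trace` when a list is passed in.
    """
    result = 1 % modulus
    for bit in bin(exponent)[2:]:
        result = (result * result) % modulus    # doubles the running exponent
        if bit == "1":
            result = (result * base) % modulus  # adds 1 to the running exponent
        if trace is not None:
            trace.append(result)
    return result


def modinv(a, m):
    """Inverse of a modulo m by the extended Euclidean algorithm."""
    old_r, r = a % m, m
    old_s, s = 1, 0          # invariant: old_s * a == old_r (mod m)
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
    if old_r != 1:
        raise ValueError("no inverse: gcd(a, m) != 1")
    return old_s % m


def rsa_keypair(p, q, e):
    """Slide steps 1-7: n = p*q, phi = (p-1)(q-1), d = e^-1 mod phi."""
    if p == q:
        raise ValueError("p and q must differ")
    phi = (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("need 1 < e < phi and gcd(e, phi) = 1")
    # Smallest valid d; the slide's d = 11 for (p, q, e) = (2, 7, 5) is the
    # same residue, since 11 mod 6 = 5.
    return {"n": p * q, "e": e, "d": modinv(e, phi)}


def encrypt(m, key):
    if not 0 <= m < key["n"]:
        raise ValueError("plaintext must satisfy M < n")
    return modexp(m, key["e"], key["n"])


def decrypt(c, key):
    return modexp(c, key["d"], key["n"])


def recover_d_by_factoring(n, e):
    """Why factoring the modulus breaks RSA: from p and q, d follows from e.

    Trial division works here only because n is tiny; the security of a
    real key rests on n being far too large to factor.
    """
    f = 2
    while f * f <= n:
        if n % f == 0:
            return modinv(e, (f - 1) * (n // f - 1))
        f += 1
    raise ValueError("n is prime, not an RSA modulus")


if __name__ == "__main__":
    chain = []
    print("5^20 mod 35 =", modexp(5, 20, 35, chain), "via", chain)
    key = rsa_keypair(11, 3, 3)               # slide example: N = 33, e = 3
    c = encrypt(8, key)
    print("key", key, "C =", c, "M =", decrypt(c, key))
    print("d for p=17, q=11, e=7:", rsa_keypair(17, 11, 7)["d"])
    print("d recovered from N=33, e=3:", recover_d_by_factoring(33, 3))
```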
DES Data Encryption Standard
[Figure: DES structure. 64-bit plaintext → initial permutation → Round 1 (k1, 48 bits) → Round 2 (k2, 48 bits) → ... → Round 16 (k16, 48 bits) → final permutation → 64-bit output; the round keys k1 to k16 come from the round key generator]
 1. Round function
 2. Key schedule
 3. Additional processing
 A. Initial permutation
 B. Final permutation
Initial permutation and final
permutation

[Figure: bit positions 1 to 64 before the initial permutation, through the 16 rounds, and after the final permutation]
Protocols for Transactions. SSL-Secure Socket
Layer, SET-Secure Electronic Transaction

 Official procedure of rules governing some network.


 Set of rules
 SET
Secure Electronic Transaction or SET is a system which ensures security and integrity of electronic transactions done
using credit cards in a scenario. SET is not some system that enables payment but it is a security protocol applied on
those payments. It uses different encryption and hashing techniques to secure payments over internet done through
credit cards.

SET protocol was supported in development by major organizations like Visa, Mastercard, Microsoft which provided its
Secure Transaction Technology (STT) and NetScape which provided technology of Secure Socket Layer (SSL).

SET protocol restricts revealing of credit card details to merchants thus keeping hackers and thieves at bay. SET protocol
includes Certification Authorities for making use of standard Digital Certificates like X.509 Certificate.
Before discussing SET further, let’s see a general scenario of electronic transaction, which includes client, payment
gateway, client financial institution, merchant and merchant financial institution.
1. Cardholder – customer
2. Issuer – customer financial institution
3. Merchant
4. Acquirer – merchant financial institution
5. Certificate authority – authority which follows certain standards and issues certificates (like X.509V3) to all
other participants.
SET functionalities :
•Provide Authentication
• Merchant Authentication – To prevent theft, SET allows customers to check previous relationships
between merchant and financial institution. Standard X.509V3 certificates are used for this
verification.
• Customer / Cardholder Authentication – SET checks if use of credit card is done by an authorized user
or not using X.509V3 certificates.
•Provide Message Confidentiality : Confidentiality refers to preventing unintended people from reading the
message being transferred. SET implements confidentiality by using encryption techniques. Traditionally DES is
used for encryption purpose.
•Provide Message Integrity : SET uses signatures to prevent message modification. Messages
are protected against unauthorized modification using RSA digital signatures with SHA-1, and some using
HMAC with SHA-1.
Dual Signature :
The dual signature is a concept introduced with SET, which aims at connecting two information pieces meant
for two different receivers :
Order Information (OI) for merchant
Payment Information (PI) for bank
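How the dual signature links OI and PI while showing each receiver only its own part, as an added example (not code from the original slides or from the SET specification). It follows the usual description of SET, in which the cardholder signs a hash of the two message digests; the key, the sample OI and PI strings and all function names are constructed for illustration, and textbook RSA stands in for a real signature scheme.

```python
"""SET dual signature, toy model: textbook RSA over SHA-1 with a constructed key."""
import hashlib

# Constructed toy key built from two well-known Mersenne primes. It is far too
# small and structured for real use; it only makes the arithmetic runnable.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # cardholder's private exponent

# Constructed sample messages.
SAMPLE_OI = b"order=ORD-0001;items=2;total=250.00"
SAMPLE_PI = b"card=0000-0000-0000-0000;expiry=00/00;amount=250.00"


def sha1(data: bytes) -> bytes:
    # SHA-1 because the text names it for SET; it is no longer
    # collision-resistant and would not be chosen for a new design.
    return hashlib.sha1(data).digest()


def _as_int(digest: bytes) -> int:
    return int.from_bytes(digest, "big")   # 160-bit value, smaller than N


def dual_sign(oi: bytes, pi: bytes) -> dict:
    """Cardholder: digest OI and PI separately, digest the pair, sign that."""
    oimd, pimd = sha1(oi), sha1(pi)
    pomd = sha1(pimd + oimd)               # ties the two digests together
    return {"oimd": oimd, "pimd": pimd, "ds": pow(_as_int(pomd), D, N)}


def _signed_value(ds: int) -> int:
    return pow(ds, E, N)                   # open the signature with the public key


def merchant_verify(oi: bytes, pimd: bytes, ds: int) -> bool:
    """Merchant receives OI and only the digest of PI, never the card data."""
    return _as_int(sha1(pimd + sha1(oi))) == _signed_value(ds)


def bank_verify(pi: bytes, oimd: bytes, ds: int) -> bool:
    """Bank receives PI and only the digest of OI, never the order contents."""
    return _as_int(sha1(sha1(pi) + oimd)) == _signed_value(ds)


if __name__ == "__main__":
    sig = dual_sign(SAMPLE_OI, SAMPLE_PI)
    print("merchant accepts:", merchant_verify(SAMPLE_OI, sig["pimd"], sig["ds"]))
    print("bank accepts:    ", bank_verify(SAMPLE_PI, sig["oimd"], sig["ds"]))
    altered = SAMPLE_OI.replace(b"250.00", b"2.50")
    print("altered order accepted:", merchant_verify(altered, sig["pimd"], sig["ds"]))
```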
Secure Socket Layer (SSL) provides security to the data that is transferred
between web browser and server. SSL encrypts the link between a web
server and a browser, which ensures that all data passed between them
remains private and free from attack.
Secure Socket Layer Protocols:
•SSL record protocol
•Handshake protocol
•Change-cipher spec protocol
•Alert protocol
Salient Features of Secure Socket Layer:
•Advantage of this approach is that the service can be tailored
to the specific needs of the given application.
•Secure Socket Layer was originated by Netscape.
•SSL is designed to make use of TCP to provide reliable end-to-
end secure service.
•This is two-layered protocol.
Digi cash

 DigiCash India provide you Indian Pancard Services industry that is recognized for
providing the best Recharge services at High success Ratio (90% to 95%) with
High Margins (Commission for B2B Customers) and Gives benefits to all our
Online Customer under our "Make Money On Every Recharge" Program.
Cyber cash

 A commercial payment system whereby a user digitally purchases cash credits
and then spends them when making electronic purchases over the Internet.
Most merchants accepting digital cash use it as an alternative to other forms
of payment, such as credit cards, netbanking, UPI.
