MGT 401 Fall 2010

Electronic Payment Systems

The Payment Revolution

 Crucial Factors
 Independence (specialized hardware or software)
 Interoperability and portability (ability to mesh with existing systems)
 Security
 Anonymity
 Divisibility (high, middle, low transaction amounts)
 Ease of use
 Transaction fees
 Regulations
Using Payments Cards Online

payment card
Electronic card that contains information that can be
used for payment purposes

 Three forms of payment cards:

 Credit cards
 Charge cards
 Debit cards
Using Payments Cards Online

 Processing Credit Cards Online

authorization
Determines whether a buyer’s card is active and whether the
customer has sufficient funds

settlement
Transferring money from the buyer’s to the merchant’s account

payment service provider (PSP)

A third-party service connecting a merchant’s EC systems to the
appropriate acquirers. PSPs must be registered with the various
card associations they support
Using Payments Cards Online

 Key participants in processing credit card payments

online include the following:
 Acquiring bank
 Credit card association
 Customer
 Issuing bank
 Merchant
 Payment processing service
 Processor
Using Payments Cards Online

 Fraudulent Credit Card Transactions

Address Verification System (AVS)
Detects fraud by comparing the address entered on a Web page
with the address information on file with cardholder’s issuing
bank

card verification number (CVN)

Detects fraud by comparing the verification number printed on
the signature strip on the back of the card with the information
on file with the cardholder’s issuing bank
Using Payments Cards Online

 Fraudulent Credit Card Transactions

 Additional tools used to combat fraud include:
 Manual review
 Fraud screens and decision models
 Negative files
 Card association payer authentication services
Using Payments Cards Online

virtual credit card

An e-payment system in which a credit card issuer gives
a special transaction number that can be used online in
place of regular credit card numbers
Smart Cards

smart card
An electronic card containing an embedded microchip
that enables predefined operations or the addition,
deletion, or manipulation of information on the card
Smart Cards

 Types of Smart Cards

contact card
A smart card containing a small gold plate on the face that when
inserted in a smart card reader makes contact and passes data
to and from the embedded microchip

contactless (proximity) card

A smart card with an embedded antenna, by means of which
data and applications are passed to and from a card reader unit
or other device without contact between the card and the card
reader
Smart Cards

smart card reader

Activates and reads the contents of the chip on a
smart card, usually passing the information on to a
host system

smart card operating system

Special system that handles file management,
security, input/output (I/O), and command execution
and provides an application programming interface
(API) for a smart card
Smart Cards

 Applications of Smart Cards

 Retail Purchases
e-purse
Smart card application that loads money from a card
holder’s bank account onto the smart card’s chip
Common Electronic Purse Specification (CEPS)
Standards governing the operation and interoperability
of e-purse offerings
 Transit Fares
 E-Identification
Smart Cards

 Applications of Smart Cards

 Transit Fares
To eliminate the inconvenience of multiple types of tickets used
in public transportation, most major transit operators in the
United States are implementing smart card fare-ticketing
systems

 E-Identification
Because they have the capability to store personal information,
including pictures, biometric identifiers, digital signatures, and
private security keys, smart cards are being used in a variety of
identification, access control, and authentication applications
Smart Cards

 Applications of Smart Cards in Health Care

 Storing vital medical information in case of emergencies
 Preventing patients from obtaining multiple prescriptions from
different physicians
 Verifying a patient’s identity and insurance coverage
 Speeding up the hospital or emergency room admissions process
 Providing medical practitioners with secure access to a patient’s
complete medical history
 Speeding up the payment and claims process
 Enabling patients to access their medical records over the Internet
Smart Cards

 Securing Smart Cards

 Smart cards store or provide access to either
valuable assets or to sensitive information
 Because of this, they must be secured against theft,
fraud, or misuse
 The possibility of hacking into a smart card is
classified as a “class 3” attack, which means that the
cost of compromising the card far exceeds the
benefits
Stored-Value Cards

stored-value card
A card that has monetary value loaded onto it
and that is usually rechargeable
E-Micropayments

e-micropayments
Small online payments, typically under US $10

 Companies with e-micropayment products:

 BitPass (bitpass.com)
 Paystone (paystone.com)
 PayLoadz (payloadz.com)
 Peppercoin (peppercoin.com)
E-Checking

e-check
A legally valid electronic version or representation of a paper check

Automated Clearing House (ACH) Network

A nationwide batch-oriented electronic funds transfer system that
provides for the interbank clearing of electronic payments for
participating financial institutions

http://www.echeck.org/overview/consortium/

National Check fraud Center

Department of Treasury guide

E-Checking

 Benefits of e-check processing:

 It reduces the merchant’s administrative costs by
providing faster and less paper-intensive collection of
funds
 It improves the efficiency of the deposit process for
merchants and financial institutions
 It speeds the checkout process for consumers
 It provides consumers with more information about
their purchases on their account statements
 It reduces the float period and the number of checks
that bounce because of insufficient funds (NSFs)
Exhibit 12.3 Processing E-Checks with
Authorize. Net
Electronic Bill Presentment and Payment

electronic bill presentment and payment (EBPP)

Presenting and enabling payment of a bill online.
Usually refers to a B2C transaction

 Types of E-Billing
 Online banking
 Biller direct
 Bill consolidator
Payment Cards
Electronic Bill Presentment and Payment

 Advantages of E-Billing
 Reduction in expenses related to billing and
processing payments
 Electronic advertising inserts can be customized to
the individual customer
 Reduces customer’s expenses
B2B Electronic Payments

 Current B2B Payment Practices

 Financial supply chains of most companies are
characterized by inefficiencies created by a number of
factors, including:
 The time required to create, transfer, and process paper
documentation
 The cost and errors associated with manual creation and
reconciliation of documentation
 The lack of transparency in inventory and cash positions when
goods are in the supply chain
 Disputes arising from inaccurate or missing data
 Fragmented point solutions that do not address the complete
end-to-end processes of the trade cycle
B2B Electronic Payments

 Enterprise Invoice Presentment and Payment

enterprise invoice presentment and payment (EIPP)

Presenting and paying B2B invoices online

 EIPP Models
 Seller Direct
 Buyer Direct
 Consolidator
B2B Electronic Payments

 EIPP Options
 ACH Network

purchasing cards (p-cards)

Special-purpose payment cards issued to a
company’s employees to be used solely for
purchasing nonstrategic materials and services up to
a preset dollar limit
B2B Electronic Payments

 Fedwire or Wire Transfer

letter of credit (LC)

A written agreement by a bank to pay the seller, on
account of the buyer, a sum of money upon
presentation of certain documents
The Sales Tax Issue

 Because of the complexities, many online

businesses (B2C and B2B) rely on specialized
third-party software and services to calculate
the taxes associated with a sale
Security Schemes

 Security schemes are implemented by protocols

 SSL (Secure Socket Layer)
 SET (Secure Electronic Transaction)
 Secure-HTTP (S-HTTP) applies SSL used for HTTP
communication
 SSL requires all communication is encrypted by
RSA/DES, and integrity is confirmed
 S-HTTP is widely used for e-commerce web sites (e.g. for
orders, credit card information etc.)
 S-HTTP requires an SSL compliant browser and server
SSL vs. SET

 SET (Secure Electronic Transfer) developed jointly by

Visa, MasterCard & American Express
 SET is built on top of SSL, and is much more secure
 Customer downloads and installs a “digital wallet”
 The digital wallet contains the customers certificate
 SET is slower than S-HTTP
 SET is much more complex for the user
 Very rarely used
 Where SET is used, S-HTTP is offered as an alternative
Electronic Payment in E-commerce

 Business to Business Payments

 small to very large sums
 Consumer Payments
 small to medium sums
 usually credit card transactions
 Micropayments (consumer)
 very small sums
 credit card transactions are much too expensive
• Electronic Fund Transfer (EFT)

 Designed to transfer funds from one account to

another
 Customer instructs bank (e.g. using ATM)
 Bank debits the customers account and submits
payment notification to an automated clearing
house
 Clearing house submits payment notification to
merchant’s bank, which credits the merchant's
account
 Traditionally this has used dedicated networks called
VANs and now Internet is used
Financial EDI

 EDI (Electronic Data Interchange)

 The electronic interchange of standardized business
documents between commercial partners
 Orders
 Bills
 Credit approval
 Shipping notices
 Confirmations, etc.
 Financial EDI extends this to incorporate EFT
 EDI is traditionally implemented on VAN, but is increasingly
implemented on the Internet
 Financial EDI on the Internet uses SSL
Online Credit Card Transaction
Digital Cash – PayPal

 One of e-commerce’s major success stories:

 Went public in 2002; acquired by eBay October 2002 for $1.5 b
 An example of a “peer-to-peer” payment system
 Fills a niche that credit card companies avoided –
 individuals and small merchants
 Piggybacks on existing credit card and checking payment
systems
 Weakness: suffers from relatively high levels of fraud
 Competitors include Western Union (MoneyZap), AOL
 (AOLQuickcash) and Citibank (C2it)
Smartcards

 These provide the ideal places to store certificates and

encryption keys
 Rechargeable “electronic purse” or “Stored Value” cards
 Examples
 Mondex in UK
 VisaCash in US
 Electronic delivery vehicle for cash
 Card is recharged from a bank account (effectively EFT)
 Individual transactions are then effectively cash (i.e. no central
communication, and no charge)
 NB open (Mondex) vs. closed systems
Micropayments

 Making numerous very small charges for

electronic goods or services
 Not feasible using credit cards or EFT - these are
much too expensive
 Possible through:
 Digital Cash
 Smartcards (stored value systems)
 Digital Accumulating Balance payment systems
Electronic Payment Summary

 Business to Consumer transactions

 Credit card payment using SSL is currently the de facto standard
 SET is not yet widely adopted, but may become so in the near
future
 Digital Cash is an alternative
 Business to Business transactions
 Credit card fee system is too high for large transactions
 EFT has been used for many years on dedicated VANs
Increasingly the Internet is being used
 Financial EDI is integrating all aspects of transactions
 Micropayments
 Credit card or EFT fee system is prohibitive