CH 11

EIectronic Commerce
Ninth Edition
Chapter 11
Payment Systems for Electronic
Commerce
Electronic Commerce, Ninth Edition 2 Electronic Commerce, Ninth Edition 2
Learning Objectives
n this chapter, you will learn about:
The basic functions of online payment systems
The use of payment cards in electronic commerce
The history and future of electronic cash
How electronic wallets work
The use of stored-value cards in electronic
commerce
nternet technologies and the banking industry
Electronic Commerce, Ninth Edition 3
Online Payment Basics
Online payment systems
Still evolving
Competition for dominance
Cheaper than mailing paper checks
Convenient for customers
Save companies money
Costs per bill
Billing by mail: between $1.00 and $1.50
nternet billing and payment costs: 50 cents
Significant environmental impact
Online Payment Basics (cont'd.)
Four ways to purchase items (traditional and
electronic)
Cash, checks, credit cards, debit cards
90% of all United States consumer payments
Electronic transfer: small but growing segment
Popular example: automated payments
Credit cards
Worldwide: 90% of online payments
United States: 97% of online payments
Noncard payment alternatives (PayPal) becoming
increasingly popular
&#E 11-1 Forecasted forms of payment for U.S. consumer transactions
$crip
Digital cash minted by a company
Cannot be exchanged for cash
Exchanged for goods or services
Like a gift certificate: good at more than one store
Current scrip offerings (eScrip)
Focus: not-for-profit fundraising market
Popular scrip use
Has not materialized
Online business payment requirements
Safe, convenient, widely accepted
Companies sell payment processing package
service
&#E 11-2 Payment processing service offerings of Payment Online
Payment Cards
!,ment c,rd
Describes all types of plastic cards used to make
purchases
Categories: credit cards, debit cards, charge cards
Credit card (Visa, MasterCard)
Spending limit based on user's credit history
Pay off entire credit card balance
May pay minimum amount
Card issuers charge unpaid balance interest
Widely accepted
Consumer protection: 30-day dispute period
Payment Cards (cont'd.)
Credit card (cont'd.)
C,rd not present tr,ns,ctions
Cardholder not present during transaction
Extra degree of risk for merchant and bank
Debit c,rd
Removes sales amount from cardholder's bank
account
Transfers sales amount to seller's bank account
ssued by cardholder's bank
Carries major credit card issuer name
Ch,rge c,rd (American Express)
No spending limit
Entire amount due at end of billing period
No line of credit or interest charges
Examples: department store, oil company cards
Retailers may offer their own charge cards
$ingIe-use c,rds
Cards with disposable numbers
Addresses concern of giving online vendors payment
card numbers
Valid for one transaction only
Designed to prevent unscrupulous vendor fraud
Withdrawn from the market
Problem: required different consumer behavior
Advantages and Disadvantages of
Payment Cards
Advantage for merchants
Fraud protection
Can authenticate and authorize purchases using a
payment card processing network
Advantage for U.S. consumers
Liability of fraudulent card use: $50
Frequently waived if card stolen
Greatest advantage
Worldwide acceptance
Currency conversion handled by card issuer
Disadvantage for merchants
Per-transaction fees, monthly processing fees
Viewed as cost of doing business
Goods and services prices: slightly higher
Compared to environment free of payment cards
Disadvantage for consumers
Annual fee
Provide built-in security for merchants
Assurance of payments
Card transaction steps transparent to consumers
Payment Acceptance and Processing
nternet payment card process made easier
Due to standards
EMV st,nd,rd
Single standard handling payment card transactions
Visa, MasterCard, MasterCard nternational
United States online stores, mail order stores
Must ship merchandise within 30 days of charging
payment
Significant violation penalties
Charge account when shipped
(cont'd.)
General steps in payment card transactions
Merchant receives consumer's payment card
information
Merchant authenticates payment card to ensure validity
Merchant checks with payment card issuer to ensure
credit or funds available
Puts a hold on credit line or funds needed to cover the
charge
Settlement occurs (few days after purchase)
Funds travel between banks
(cont'd.)
Open and closed loop systems
CIosed Ioop sstems
Card issuer pays merchant directly
Does not use intermediary
American Express, Discover Card
Open Ioop sstems (three or more parties)
Third party (intermediary bank) processes transaction
Visa, MasterCard: not issued directly to consumers
Credit card associations: operated by association
member banks
Customer issuing b,nks: banks issuing cards
(cont'd.)
Merchant accounts
Merch,nt b,nk (,cquiring b,nk)
Bank wanting to accept payment cards
Merch,nt ,ccount required to process nternet
transactions payment cards
Obtaining account
Merchant provides business information
Bank assesses business type risk
Bank assesses percentage of sales likely to be
contested
(cont'd.)
Merchant accounts (cont'd.)
Ch,rgeb,ck process
Cardholder successfully contests charge
Merchant bank must retrieve money from merchant
account
Merchant may have to cover chargeback potential
Problem facing online businesses: fraud
10 percent of all credit card transactions completed
online
Responsible for 70 percent of total dollar amount of
credit card fraud
(cont'd.)
Merchant accounts (cont'd.)
Online transaction fraud increased steadily through
2009
Fraud losses dropped 18 percent from 2008 to 2009
Scoring services providing risk ratings for individual
transactions in real time
Shipping only to card billing address
Requiring card verification numbers (CVNs) for card not
present transactions
CVN
Three- or four-digit number printed on the credit card
Not encoded in the card's magnetic strip
(cont'd.)
Processing payment cards online
!,ment processing service providers
Companies offering payment card processing
Example: nternetSecure
Supports Canadian and U.S. Visa and MasterCard
payments
Provides risk management and fraud detection
Handles online merchants' transactions
Uses existing bank-approved payment card processing
infrastructure, secure links, firewalls
Notifies merchant of all approved orders and supplies
buyer authorization codes
(cont'd.)
Processing payment cards online (cont'd.)
FirstData and Merchant Warehouse
Provide credit card processing software and services
utom,ted CIe,ring House (CH)
Network of banks connecting credit card processing
software vendors and card authorization companies
More information
EPN, NACHA - The Electronic Payments Association,
The Clearing House, U.S. Federal Reserve Bank's
Federal Reserve Financial Services site
&#E 11-3 Processing a payment card transaction
(cont'd.)
Processing payment cards online (cont'd.)
nfoSpace's Authorize.Net
Online, real-time payment card processing service
Merchants link to system by inserting small HTML code
block into transaction page
Order encrypted, transferred to Authorize.Net server
Server relays transaction to bank network
Customers not aware of third-party supplier (usually)
Electronic Cash
EIectronic c,sh (e-c,sh, digit,I c,sh)
Describes any value storage and exchange system
created by private (nongovernmental) entity
Does not use paper documents or coins
Can serve as substitute for government-issued physical
currency
Readily exchanged for physical cash on demand
Problems
No standard among all electronic cash issuers
Not universally accepted
Electronic Cash (cont'd.)
Recall from previous section:
Banks make money by charging merchants a credit
card processing fee on each transaction
Fee ranges: one percent to four percent of the
transaction value
Banks often impose a minimum fee
20 cents or more per transaction
Banks charge electronic commerce sites
More than similar brick-and-mortar stores
Stores accepting credit cards may require:
Minimum purchase amount of $10 or $15
Small purchases not profitable for merchants
Bank credit card fees greater than profits
Factors favoring electronic cash
Potentially significant electronic cash market
nternet small purchases (below $10)
Most of world's population does not have credit cards
dea of electronic cash refuses to die
Micropayments and Small Payments
Microp,ments
nternet payments for items costing few cents to a
dollar
Micropayments barriers
Not implemented very well on the Web yet
Human psychology
People prefer to buy small value items in fixed price
chunks
Example: mobile phone fixed monthly payment plans
(cont'd.)
Companies that have developed micropayment
systems
Millicent, DigiCash, Yaga, BitPass
All failed
No company gained broad acceptance of its system
No company devoted solely to offering micropayment
services
(cont'd.)
$m,II p,ments
All payments of less than $10
Being offered through mobile telephone carrier
Buyers make purchases using their mobile phones
Charges appear on monthly mobile phone bill
Bright future held back by mobile carriers' substantial
charges
Privacy and Security of Electronic Cash
Electronic payment method concerns
Privacy and security, independence, portability,
convenience
Privacy and security: most important to consumers
Vulnerable transactions
Electronic currency: copied, reused, forged
mportant characteristics of electronic cash
Ability to spend only once
Anonymous use
Convenience
Holding Electronic Cash: Online and
Offline Cash
Online cash storage
Consumer has no personal possession of electronic
cash
Trusted third party (online bank) involved in all
transfers, holds consumers' cash accounts
Online system payment
Merchants contact consumer's bank
Helps prevent fraud (confirm valid cash)
Resembles process of checking with consumer's bank
to ensure valid credit card and matching name
Offline Cash (cont'd.)
Offline cash storage
Virtual equivalent of money kept in wallet
Customer holds it
No third party involved in transaction
Protection against fraud concern
Hardware or software safeguards needed
DoubIe-spending
Spending electronic cash twice
Submit same electronic currency to two different
vendors
Not enough time to prevent fraudulent act
Main deterrent to double-spending
Threat of detection and prosecution
Keys to creating tamperproof electronic cash
traceable back to origins
Cryptographic algorithms
Two-part lock
Provides anonymous security
Signals an attempt to double-spend cash
When second transaction occurs
Complicated process reveals:
Attempted second use
dentity of original electronic cash holder
Electronic cash used correctly
Maintains user's anonymity
Double-lock procedure
Protects anonymity of electronic cash users
Simultaneously provides built-in safeguards to
prevent double-spending
&#E 11-4 Detecting double-spending of electronic cash
Double-spending
Neither detected nor prevented with truly anonymous
electronic cash
nonmous eIectronic c,sh
Cannot be traced back to person who spent it
Tracing electronic cash
Attach serial number to each electronic cash
transaction
Cash positively associated with particular consumer
Does not solve double-spending problem
Single issuing bank can detect when two deposits of
same electronic cash are about to occur
mpossible to ascertain fault (consumer or merchant)
Electronic cash containing serial numbers
No longer anonymous
One reason to acquire electronic cash
Raises privacy issues
Using serial numbers to track consumers' spending
habits
Electronic Cash
Traditional brick-and-mortar billing methods
Costly and inefficient
Online stores have the same payment collection
inefficiencies
Online customers use credit cards to pay for
purchases
Online auction customers use conventional payment
methods
Checks, money orders
Electronic cash system
Less popular than other payment methods
Provides unique advantages and disadvantages
Advantages of electronic cash transactions
More efficient (less costly)
Efficiency fosters more business (lower prices)
Occurs on existing infrastructure (nternet)
Does not require one party to obtain authorization
Disadvantages of electronic cash transactions
No audit trail
Mone I,undering
Technique criminals use to convert money illegally
obtained into spendable cash
Purchase goods, services with ill-gotten electronic cash
Goods sold for physical cash on open market
Electronic cash has not yet become a global
success
Will require wide acceptance and solution to problem
of multiple electronic cash standards
Creating truly anonymous electronic cash
Bank issues electronic cash with embedded serial
numbers
Bank digitally signs electronic cash while removing
association of cash with particular customer
Electronic Cash Systems
Electronic cash
More successful in Europe and Japan
Consumers prefer to use cash (does not work well for
online transactions)
Electronic cash fills important need
Not successful in United States
Consumers have payment cards and checking
accounts
KDD Communications (KCOM)
nternet subsidiary: Japan's largest phone company
Offers electronic cash through NetCoin Center
Electronic Cash Systems (cont'd.)
Reasons for failure of United States electronic cash
systems
Electronic cash systems implementation
Required to download and install complicated client-
side software that ran in conjunction with browser
Number of competing technologies
No standards developed
Array of proprietary electronic cash alternatives
No interoper,bIe softw,re
Runs transparently on variety of hardware
configurations and different software systems
PayPal
Payment processing services to businesses,
individuals
Earns profit from float
Money deposited, not used immediately
Charges transaction fee
Businesses using service to collect payments
!eer-to-peer (!2!) p,ment sstem
Free payment clearing service for individuals
Payments from one type of entity to another of the
same type
PayPal (cont'd.)
Eliminates writing and mailing checks or payment
cards
Send money instantly and securely to anyone with an
e-mail address
Convenient for auction bidders to pay for purchases
Convenient for auction sellers
Eliminates risks posed by other online payment types
Transactions clear instantly
Redemption
PayPal check or direct deposit to checking accounts
PayPal (cont'd.)
Merchants and consumers first register for PayPal
account
No minimum amount account balance
Add money by authorizing checking accounts transfer,
using credit card
Merchants need PayPal accounts to accept PayPal
payments
Electronic Wallets
Consumer concerns when shopping online
Entering detailed shipping and payment information
for each online purchase
Filling out forms
Solution
Allows customer to store name, address, credit card
information on the site
Problem
Consumers must enter information at each site
Electronic Wallets (cont'd.)
EIectronic w,IIet (e-w,IIet)
Holds credit card numbers, electronic cash, owner
identification, owner contact information
Provides information at electronic commerce site
checkout counter
Benefit: consumer enters information once
More efficient shopping
$erver-side eIectronic w,IIet
Stores customer's information on remote server of
merchant or wallet publisher
No download time or installation on user's computer
Server-side electronic wallet (cont'd.)
Main weakness
Security breach can reveal thousands of users'
personal information (credit card numbers)
CIient-side eIectronic w,IIet
Stores information on consumer's computer
Disadvantages
Must download wallet software onto every computer
Not portable
Advantage
Sensitive information stored on user's computer
Characteristics of useful wallets
Wallet accessibility
Populate data fields in any merchant's forms for any
site consumer visits
Electronic wallet manufacturer and merchants from
many sites must coordinate efforts
Wallet recognizes consumer information going into
each field of given merchant's forms
Electronic wallets can:
Store shipping and billing information
Hold credit card names, numbers
Offers consumer choice of credit cards at online
checkout
Hold electronic cash from various providers
MasterCard electronic wallet
Abandoned effort
Current major browsers include feature to remember
names, addresses, other commonly requested
information
Browser provides one-click Web form field completion
Two e-wallet arena survivors
Microsoft Windows Live D
Yahoo! Wallet
Microsoft Windows Live D
Formerly called Passport, Microsoft .NET Passport
Single sign-in service
ncludes server-side electronic wallet
Operated by Microsoft
All personal data entered into Windows Live D
wallet
Encrypted and password protected
Microsoft Windows Live D (cont'd.)
Four integrated services
Single sign-in service (SS)
Allows user to sign in using username and password
Wallet service
Provides electronic wallet functions
Kids service
Helps parents protect, control children's online privacy
Public profiles
Allows consumers to create public page of information
about themselves
Yahoo! Wallet
Server-side electronic wallet offered by Yahoo!
Completes order forms automatically
dentifying information, credit card payment
information
Stores information
Accepted by:
Thousands of Yahoo! Store merchants, Yahoo! Travel
Yahoo! Services
Premium e-mail storage, Web hosting fees
Yahoo! Wallet (cont'd.)
Yahoo! advantage
Hosts many services and shops
Large number of merchants accept wallet
Privacy concern
Company issuing wallet has access to much
information about individual using wallet
Stored-Value Cards
Microchip smart card or magnetic strip plastic card
Records currency balance
Microchip versus magnetic strip
Microchip stores more information
Tiny microchip computer processor
Performs calculations and storage operations on card
Different microchip card reader needed
Examples: prepaid phone, copy, subway, bus cards
"Stored-value card and "smart card used
interchangeably
Magnetic Strip Cards
Holds rechargeable value
Passive magnetic strip cards cannot:
Send or receive information
ncrement or decrement cash value stored
Processing done on device into which card inserted
Magnetic strip cards and smart cards store
electronic cash
Smart card better suited for nternet payment
transactions
Smart Cards
Stored-value card
Plastic card with embedded microchip
Credit, debit, charge cards store limited information
on magnetic strip
nformation storage
About 100 times more than magnetic strip plastic card
Holds private user data
Financial facts, encryption keys, account information,
credit card numbers, health insurance information,
medical records
Smart Cards (cont'd.)
Safer than conventional credit cards
nformation encrypted on smart card
Popular in Europe, parts of Asia
Public telephone calls, cable television programs
Hong Kong
Retail counters, restaurant cash registers have smart
card readers
Octopus: public transportation smart card can be
reloaded at transportation locations, 7-Eleven stores
Smart Cards (cont'd.)
Beginning to appear in United States
San Francisco TransLink integrated ticketing system
for public transportation
$m,rt C,rd IIi,nce
Advances smart card benefits
Promotes widespread acceptance of multiple-
application smart card technology
Promotes compatibility among smart cards, card
reader devices, applications
nternet Technologies and the Banking
ndustry
Paper checks
Largest dollar volume of payments
Processed through world's banking system
Other major payment forms
nvolve banks one way or another
Banking industry nternet technologies
Providing new tools
Creating new threats
Check Processing
Old method of physical check processing
Person wrote check; retailer deposited check in bank
account
Retailer's bank sent paper check to clearinghouse
Clearinghouse managed fund transfer (consumer's
bank to retailer's account)
Paper check transported to consumer's bank
Send cancelled check to consumer
Banks now provide PDF images of processed
checks
Check Processing (cont'd.)
Disadvantage of paper checks
Cost of transporting tons of paper checks
Float
Delay between the time person writes check and the
time check clears person's bank
Bank's customer obtains free use of funds for few days
Bank loses use of funds for same time period
Can become significantly longer than a few days
Check Processing (cont'd.)
Technologies helping banks reduce float
2004 U.S. law: Check Clearing for the 21st Century
Act (Check 21)
Banks eliminate movement of physical checks entirely
Check 21-compliant world
Retailer scans customer's check
Scanned image transmitted instantly
Through clearing system
Posts almost immediately to both accounts
Eliminates transaction float
Mobile Banking
Banks exploring mobile commerce potential
2009: banks launched sites allowing customers
using smart phones to:
Obtain bank balance, view account statement, find a
nearby ATM
Future plans
Offering downloadable applications smart phone
users can install
Use to transact all types of banking business
Criminal Activity and Payment
Systems: Phishing and dentity Theft
Online payment systems
Offer criminals and criminal enterprises an attractive
arena in which to operate
Average consumers: easy prey
Large amounts of money provide tempting targets
Phishing expedition
Technique for committing fraud against online
businesses customers
Particular concern to financial institutions
Phishing Attacks
Basic structure
Attacker sends e-mail message
To accounts with potential for an account at targeted
Web site
E-mail message tells recipient: account compromised
Recipient must log on to account to correct problem
E-mail message includes link
Appears to be Web site login page
Actually leads to perpetrator's Web site disguised to
look like the targeted Web site
Phishing Attacks (cont'd.)
Basic structure (cont'd.)
Recipient enters login name, password
Perpetrator captures
Uses to access recipient's account
Perpetrator accesses personal information, makes
purchases, withdraws funds
&#E 11-5 Phishing e-mail message
&#E 11-5 Phishing e-mail message (cont'd.)
$pe,r phishing
Carefully designed phishing expedition targeting a
particular person or organization
Requires considerable research
ncreases chance of e-mail being opened
Example: 2008 government stimulus checks
Phishing e-mails appeared within one week of passage
E-mail link disguises and tricks
Example: Web server ignores all characters
preceding "@:
https://www.paypal.com@218.36.41.188/fl/login.html
Link appears different in e-mail
Phony site invisible due to JavaScript code
Pop-up windows
Look exactly like browser address bar
ncluding Web site graphics of financial institutions
Looks more convincing
&#E 11-6 Phishing
e-mail with graphics
Using Phishing Attacks for dentity
Theft
Org,nized crime (r,cketeering)
Unlawful activities conducted by highly organized,
disciplined association for profit
Differentiated from less-organized groups
nternet providing new criminal activity opportunities
Generates spam, phishing, identity theft
dentit theft
Criminal act: perpetrator gathers victim's personal
information
Uses information to obtain credit
Perpetrator runs up account charges and disappears
&#E 11-7 Types of personal information most useful to identity thieves
Theft (cont'd.)
Large criminal organizations
Efficient perpetrators of identity theft
Exploit large amounts of personal information quickly
and efficiently
Sell or trade information that is not of immediate use
Other worldwide organized crime entities
ombie f,rm
Large number of computers implanted with zombie
programs
!h,rming ,tt,ck
Hacker sells right to use zombie farm to organized
crime association
Theft (cont'd.)
Two elements in phishing
CoIIectors: collect information
C,shers: use information
Require different skills
Crime organizations facilitate transactions between
collectors and cashers
ncreases phishing activity efficiency, volume
Each year
More than a million people fall victim
Financial losses exceed $500 million
Phishing Attack Countermeasures
Change protocol
mprove e-mail recipients' ability to identify message
source
Reduce phishing attack threat
Educate Web site users
Contract with consulting firms specializing in anti-
phishing work
Monitor online chat rooms used by criminals
Summary
Online stores: payment forms
Credit, debit, charge cards (payment cards)
Ubiquitous, convenient, easy to use
Electronic cash advantages and potential uses
Making micropayments, stored online or offline
Electronic wallets provide convenience
Stored-value cards
Smart cards, magnetic strip cards
Summary (cont'd.)
Banks process most monetary transactions
Use nternet technologies to process checks
Concerns: phishing expeditions, identity theft

CH 11

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CH 11

Uploaded by

Copyright:

Available Formats

EIectronic Commerce

You might also like