A SECURE ONLINE PAYMENT SYSTEM

Pant, Shristi

01 January 2011

An online payment system allows a customer to make a payment to an online merchant or a service provider. Payment gateways, a channel between customers and payment processors, use various security tools to secure a customer’s payment information, usually debit or credit card information, during an online payment. However, the security provided by a payment gateway cannot completely protect a customer’s payment information when a merchant also has the ability to obtain the payment information in some form. Furthermore, not all merchants provide a secure payment environment to their customers and, despite having a standard payment policy, adhere to it. Consequently, this exposes a customer’s payment information to risks of being compromised or misused by merchants or stolen by hackers and spammers. In this thesis we propose a new approach to payment systems in which a customer’s payment information cannot be obtained by a merchant. A customer sends his payment information directly to a payment gateway and a payment gateway, upon verifying the transaction, sends a payment to the appropriate merchant. We use the Pedersen commitment scheme along with dual signatures to securely transfer funds to a merchant and protect a customer’s payment information from any Internet vulnerabilities.

Online Payment Systems

Payment Gateways

Pedersen Commitment

Secure Electronic Transaction

Dual Signatures

Computer Sciences

Elektroninės komercijos saugumas / ECommerce security

Budrionis, Andrius

09 July 2011

Darbe nagrinėjami šiuo metu rinkoje naudojami elektroninių atsiskaitymų modeliai ir jų saugumo problemos. Kadangi elektroninių transakcijų metu operuojama svarbiais ir konfidencialiais duomenimis, aukštesnio saugumo lygio užtikrinimo problema visada išlieka itin aktuali. Darbe išnagrinėtos dažniausiai sutinkamos elektroninių atsiskaitymų schemos (tiesioginis atsiskaitymas ir atsiskaitymas per Paypal sistemą), jų saugumo užtikrinimo principai, technikos ir spragos. Atsižvelgiant į dabartinius rinkos poreikius ir informacijos saugumo spragas šiuo metu naudojamuose modeliuose, suprojektuotas aukštesnio saugumo lygio elektroninių atsiskaitymų modelis ir realizuotas šio sprendimo prototipas. Šio prototipo projektas ir realizacija gali būti naudojamos kaip rekomendacijos kūrėjams, tobulinantiems elektroninių atsiskaitymų modelių saugumą. / The work deals with electronic payment models used in the market and their security problems. As electronic transactions operate with important and confidential data, ensuring higher level of security is always an actual issue. The study generally concerns the main electronic payment schemes (direct payment and payment through Paypal), their safety principles, technical decisions and security ensuring gaps. Considering the current market needs and information security gaps in current eCommerce models, a new, ensuring higher level of security in electronic payments, model was designed and a prototype of this decision was implemented. The prototype design and implementation may be used as recommendations for developers, improving electronic payment security models.

Elektrininės komercijos saugumas

E-commerce security

Saugūs elektroniniai atsiskaitymai

Secure e-payments

Elektroninės komercijos modelis

E-commerce model

Elektroninių atsiskaitymų modulis

E-payment module

E-payments module prototype

Saugi elektroninė transakcija

Secure electronic transaction

E-parašo infrastruktūra

E-signature infrastructure

電子取引における意思表示の法理 : 電子契約法・電子署名法の意義に関する一考察 / デンシ トリヒキ ニオケル イシ ヒョウジ ノ ホウリ デンシ ケイヤク ホウ デンシ ショメイ ホウ ノ イギ ニカンスル イチコウサツ

徐, 熙錫, Seo, Hee Seok

23 March 2007

博士（法学） / 甲第373号 / iv, 377p / 一橋大学

電子取引

電子資金移動取引

意思表示

電子契約

電子署名

electronic transaction

electronic funds transfer

manifestation of intention

electronic contract

electronic signature

Elektronické právní jednání: Srovnávací analýza s důrazem na využití elektronického podpisu podle práva EU, České republiky a Německa / Electronic Legal Transaction: Comparative analysis with emphasis on the use of electronic signature under the EU law and laws of the Czech Republic and Germany

Kment, Vojtěch

January 2018

Electronic Legal Transaction: Comparative analysis with emphasis on the use of electronic signature under the EU law and laws of the Czech Republic and Germany Abstract (English) Objectives. This thesis provides a comparative analysis of electronic legal transactions under the EU law and laws of the Czech Republic and Germany, while emphasising the utilisation of higher versions of electronic signature, especially of a qualified electronic signature, which has legal effects of a handwritten signature in legal transactions performed by electronic means (Chapters 6 to 10). At the same time, increased attention is also paid to entirely novel concepts of advanced and qualified electronic seal, which are intended exclusively for use by juristic persons. The laws under scrutiny are based especially on recently adopted Regulation (EU) No 910/2014, known as eIDAS. To provide a general background, the comparative analysis is preceded by a theoretical part (Chapters 2 to 4, partially Chapter 5), dealing with the concept of legal transactions (also termed "legal acts" or "legal action") in general, while also focusing on the traditional handwritten signature and its functions, especially in view of the German and Czech legal doctrines and with occasional references to common law, as well as to requirements ensuing...

Elektronické právní jednání: Srovnávací analýza s důrazem na využití elektronického podpisu podle práva EU, České republiky a Německa / Electronic Legal Transaction: Comparative analysis with emphasis on the use of electronic signature under the EU law and laws of the Czech Republic and Germany

Kment, Vojtěch

January 2018

Electronic Legal Transaction: Comparative analysis with emphasis on the use of electronic signature under the EU law and laws of the Czech Republic and Germany Abstract (English) Objectives. This thesis provides a comparative analysis of electronic legal transactions under the EU law and laws of the Czech Republic and Germany, while emphasising the utilisation of higher versions of electronic signature, especially of a qualified electronic signature, which has legal effects of a handwritten signature in legal transactions performed by electronic means (Chapters 6 to 10). At the same time, increased attention is also paid to entirely novel concepts of advanced and qualified electronic seal, which are intended exclusively for use by juristic persons. The laws under scrutiny are based especially on recently adopted Regulation (EU) No 910/2014, known as eIDAS. To provide a general background, the comparative analysis is preceded by a theoretical part (Chapters 2 to 4, partially Chapter 5), dealing with the concept of legal transactions (also termed "legal acts" or "legal action") in general, while also focusing on the traditional handwritten signature and its functions, especially in view of the German and Czech legal doctrines and with occasional references to common law, as well as to requirements ensuing...