An online payment system allows a customer to make a payment to an online merchant or a service provider. Payment gateways, a channel between customers and payment processors, use various security tools to secure a customer’s payment information, usually debit or credit card information, during an online payment. However, the security provided by a payment gateway cannot completely protect a customer’s payment information when a merchant also has the ability to obtain the payment information in some form. Furthermore, not all merchants provide a secure payment environment to their customers and, despite having a standard payment policy, adhere to it. Consequently, this exposes a customer’s payment information to risks of being compromised or misused by merchants or stolen by hackers and spammers. In this thesis we propose a new approach to payment systems in which a customer’s payment information cannot be obtained by a merchant. A customer sends his payment information directly to a payment gateway and a payment gateway, upon verifying the transaction, sends a payment to the appropriate merchant. We use the Pedersen commitment scheme along with dual signatures to securely transfer funds to a merchant and protect a customer’s payment information from any Internet vulnerabilities.
Identifer | oai:union.ndltd.org:uky.edu/oai:uknowledge.uky.edu:cs_etds-1000 |
Date | 01 January 2011 |
Creators | Pant, Shristi |
Publisher | UKnowledge |
Source Sets | University of Kentucky |
Detected Language | English |
Type | text |
Format | application/pdf |
Source | Theses and Dissertations--Computer Science |
Page generated in 0.0022 seconds