Trade Article

• Essential Articles for Buyers
• Payment & Security
• Popular Payment Methods

Payment & Security

Protecting card details is the primary security risk with electronic transactions. Both, the software as well as the hardware companies have invested a great deal to completely protect online data and build up customer confidence. In today's online climate, it is very important to make the payment secure but also to be seen as secure.

There are three best known options for the encryption and security of personal and card details. They are explained below:

Secure Socket Layer (SSL)

The SSL protocol was originally developed by Netscape. This mode of payment allows the traffic to be scrambled (or encrypted). It provides a high level of protection and is most commonly used. SSL has recently been succeeded by Transport Layer Security (TLS). It is based on SSL. SSL is included as part of the Microsoft and Netscape browsers and most web server products. The 'socket' in the term refers to the sockets method of passing data back and forth between client and server program in a network or that of between the program layers in the same computer. It uses the public-and-private key encryption system from RSA, that also includes the use of a digital certificate.

Secure Electronic Transaction (SET)

This mode of payment encrypts payment card transaction data and verifies it that both the parties in the transaction are genuine. It was originally developed by Mastercard and Visa in collaboration with leading technology providers. It has a large corporate backing and is perceived to be more secure as it has validation from card companies. It makes use of the Netscape's Secure Sockets Layer (SSL), Microsoft's Secure Transaction Technology (STT), and Terisa System's Secure Hypertext Transfer Protocol (S-HTTP). It also uses few aspects of the public key infrastructure (PKI).

Public Key Software Infrastructure (PKI)

PKI is a system of public key encrypryption which uses digital certificates from Certificate Authorities and other registration authorities. They verify and authenticate the validity of each party involved in an electronic transaction. This process is similar to the bank's night safe where many public keys can be used to deposit the items into the safe but for withdrawals only one private key, belonging to the bank, can be used.