E- PAYMENT

Electronic Payment is a financial exchange that takes place online between buyers and
sellers. The content of this exchange is usually some form of digital financial instrument
(such as encrypted credit card numbers, electronic cheques or digital cash) that is backed by
a bank or an intermediary, or by a legal tender.

An E- payment system is an online system that facilitates the acceptance of electronic

payment for online transactions and any kind of non-cash payment that doesn't involve a
paper check.

The electronic payment system has grown increasingly over the last decades due to the
widely spread of internet-based banking and shopping. As the world advance more on
technology development, a lot of electronic payment systems and payment processing
devices have been developed to increase, improve and provide secure e-payment
transactions while decreasing the percentage of check and cash transaction.

TYPES OF E-PAYMENT SYSTEMS

1.      A one-time customer-to-vendor payment:
o   It is commonly used when user shop online at an e-commerce site, such as Amazon. User clicks
on the shopping cart icon, type in the credit card information and click on the checkout button.
The site processes the credit card information and sends an e-mail notifying the user that the
payment was received. On some Web sites, an e-check can be used instead of a credit card.

2.      Recurring customer-to-vendor payment:

o   It is used when user pay a bill through a regularly scheduled direct debit from their checking
account or an automatic charge to their credit card. This type of payment plan is commonly
offered by car insurance companies, phone companies and loan management companies.

3.      Automatic bank-to-vendor payment,

o   User’s bank must offer a service called online bill pay where the user log on to the bank's Web
site, enter the vendor's information and authorize the bank to electronically transfer money from
their account to pay their bill. User can choose whether to do this manually for each billing cycle
or have their bills automatically paid on the same day each month.

METHODS OF ELECTRONIC PAYMENTS

1. BANKING AND FINANCIAL PAYMENTS

2. ON-LINE ELECTRONIC COMMERCE PAYMENTS

1. BANKING AND FINANCIAL PAYMENTS

 The banks can accept a restricted deposit which is limited to a specific amount per customer. The
banks cannot issue loans and credit cards. Both current account and savings accounts can be
operated by banks. Payments banks can issue services like ATM cards, debit cards, online
banking and mobile banking.

Banking and financial payments include:

         Large-Scale or wholesale payments (e.g. bank to bank transfer)
         Small-Scale or Retail payments (e.g. automated teller machine and cash dispenses)
         Home banking (e.g. bill payment)

2. ON-LINE ELECTRONIC COMMERCE PAYMENTS

[i] Token Based Payments system-Electronic cash, Electronic cheques, Smart Cards or debit cards.
[ii] Credit card based payment system.

DIGITAL TOKEN-BASED E-PAYMENT

A token based payment system is one in which tokens are purchased from authorized
vendors may be used as credit in the purchase of goods and services. E-token is equivalent
to cash that is backed by a bank.

Digital token payment is of 3 types:

1.      Cash or real time: Transactions are settled with the exchange of electronic currency.
Example- E-cash.
2.      Debit or prepaid: Users pay in advance. Example-Smart Cards.
3.      Credit or postpaid: The server authenticates the customers and verifies with the bank that
funds are adequate before purchase.

BENEFITS OF DIGITAL TOKEN BASED PAYMENT SYSTEM-

A. Benefits to buyer:

1. Convenience of global acceptance, a wide range of payment options, and enhanced financial
management tools.
2. Enhance security and reduce liability for stolen or miss used cards.
3. Consumer protection through and established system of dispute resolution.
4. Convenient and immediate access to funds on deposit via debit cards.
5. Accessibility to immediate credit, intuitively, the comparative cost of arranging for a
consumer loan related to the ability to obtain credit at the point of sell is substantial in
considering both the direct processing costs as well as the implicit opportunities costs to
borrower and lender.
B. Benefits to Seller:

1. Speed and security of the transaction processing chain from verification and authorization to
clearing and settlement.
2. Freedom for more costly labour, materials and accounting services that are required in paper
based processing.
3. Better management of cash flow, inventory and financial planning due to swift bank payment.
4. Incremental purchase power on the part of the consumer.
5. Cost and risk saving by eliminating the need to run an in house credit facility.

RISK OF E PAYMENTS
1. From Customer's Perspective:
 Stolen Payment credentials and passwords.
 Dishonest merchants for financial service providers.
 Disputes over quality of services and products.
Fraud

o Electronic payment systems are prone to fraud. The payment is done

usually after keying in a password and sometimes answering security questions. There is
no way of verifying the true identity of the maker of the transaction. As long as the
password and security questions are correct, the system assumes the right person. If this
information falls into the possession of fraudsters, then they can defraud the money.
Impulse Buying

o Electronic payment systems encourage impulse buying, especially online and

customers are likely to make a decision to purchase an item they find on sale online,because
it will cost just a click to buy it through credit card. 
Impulse buying leads to disorganized budgets and is one of the disadvantages of electronic
payment systems.

2. From Merchant's Perspective:

 Forget payment.
 Insufficient funds in customers account.
 Slow Financial service providers.

3. From Financial Service Providers Perspective:

 Stolen customer or service credentials.
Tax Evasion

 Businesses are required by law to provide records of their financial transactions

to the government so that their tax compliance can be verified. Electronic payment
however can frustrate the efforts of tax collection. Unless a business discloses the
various electronic payments it has made or received over the tax period, the government
may not know the truth, which could cause tax evasion.

Payment Conflict
 Payment conflicts often arise because the payments are not done manually but by
an automated system that can cause errors. This is especially common when payment is
done on a regular basis to many recipients. If you do not check your pay slip at the end
of every pay period, for instance, then you might end up with a conflict due to these
technical glitches, or anomalies.

MEASURES TO REDUCE E PAYMENT RISK

1. Achieve and maintain PCI Compliance.

 The Payment Card Industry’s Data Security Standard (PCI DSS) is a set of standards
and requirements to help ensure that all online merchants and their customers are
protected from fraud and data breaches. Achieving and maintaining your compliance via the
PCI Compliance Guide is a critical first step to protecting your eCommerce business. In fact,
failing to maintain compliance could result in hefty fines — and could ultimately result in
loss of services from reputable eCommerce vendors.

2. Recognize signs of suspicious activity.

 Unusually large orders or high-priced orders
 Expedited shipping on large quantities or high-priced orders
 Expedited shipping when billing and shipping addresses differ
 Orders where the purchaser asks to pick up the order at your location
 Fake phone numbers (e.g. 555-987-6543)
 Suspect email addresses (e.g. 1234XYZ@gmail.com, or addresses that seem like
randomly generated combinations of numbers and letters)
 Inconsistent address information (e.g. zip code doesn’t match state or city)

3. USE SET

 Secure Electronic Transaction (SET) was a communications protocol standard for

securing credit card transactions over insecure networks, specifically, the Internet.
 It was supported initially by Mastercard, Visa, Microsoft, Netscape, and others. 
 With SET, a user is given an electronic wallet (digital certificate) and a transaction is
conducted and verified using a combination of digital certificates and digital signatures
among the purchaser, a merchant, and the purchaser's bank in a way that ensures privacy
and confidentiality. 
 SET makes use of Netscape's Secure Sockets Layer (SSL), Microsoft's Secure
Transaction Technology (STT), and Terisa System's Secure Hypertext Transfer Protocol (S-
HTTP). SET uses some but not all aspects of a public key infrastructure (PKI).
4. AVS: 
 Address Verification System is an automated fraud prevention method used to
reduce the risk for merchants selling in the “card-not-present” – e. g. online or telephone
purchase – environment. AVS checks the billing address listed in the transaction against
any other address registered with the issuing bank. Merchants should request both billing
and shipping addresses of the consumer so an AVS check can be conducted before a
transaction is processed.

5. CVV: 

 Card Verification Value is the three-digit security code printed on the back of the
credit or debit card (in the case of American Express, four digits on the card front). It is not
stored in the magnetic strip or embossed on the card, so it can’t be as easily retrieved by
thieves unless the card is in their possession. Visa calls it a CVV2, MasterCard calls it a
CVC2, and American Express calls it CID. 

6.Geolocation by IP Address: 

 This can help to identify the consumer’s precise location or determine the distance
between billing address of the person who is paying for the product and actual location of
the person who is placing the online order. Thus, it acts as an additional verification
measure or authentication for transactions that have a significant distance discrepancy.
Geolocation technology provides information that assistance online business owners
conclude which transactions to look deeply into and which to clear. This leads to an even
balance between the risks of losses due to fraudulent activity and the risk of preventing
legitimate customers from completing their purchases.

DESIGNING ELECTRONIC  PAYMENT SYSTEM

1. BASIC REQUIREMENTS
2. COMPONENTS THAT MAKE E-PAYMENT SYSTEM

1. BASIC REQUIREMENTS
Designing an electronic payment system should have the requirements assessed: 

Technological  Requirements       Economic Requirements

- Authentication                             The cost of Transaction
- Integrity                                        Atomic exchange
- Confidentiality                              User Range (System accessibility)
- Non Repudiation                           Value Mobility (value is used anywhere)
                                                          Financial Risk
                                                         Return On Investment (ROI)

Social Requirements                         Legal Requirements

- Privacy                                               Digital Signature
- Accessibility                                      Digital Transfer
- Mobility                                             Legality of Payment
                                                             E-commerce Contracts
                                                             Technical Standards
                                                             Rental Taxes
                                                             International Transactions
                                                             Intellectual Property Protection
1. Technological Requirements
 When designing an electronic payment system, the system’s ability of the
effectiveness and the security of each transaction and the degree of compatibility with the
online shop must be taken into consideration.
 A payment system requires the greatest level of security in electronic commerce
transactions . 
 It must have confidentiality, authenticity, integrity and non-repudiation of
transactions.
2. Economic Requirements
 These deal with the cost of transaction which refers to the amount paid by the client.
 Economic assessments include also atomic exchange which means that the consumer
will pay money or something equivalent in value. 
 An electronic payment system must also be accessible in all countries of the world, to
all ages (user range) or currency in equal value and must not be restricted to the company
that created the value. 
 Economic needs also deal with financial risks ,because consumers and merchants are
very concerned about the degree of security involved in online transactions.
 Return On Investment(ROI) is a economic parameter and a performance measure
used to evaluate the efficiency of an investment. 
3. Social Requirements
 Payment system must prevent companies or financial institutions from tracing user
information and must be simple and user-friendly.As social needs, electronic payment
methods should also be accessible anywhere.  
4. Legal Requirements
 Electronic payment system must abide by governmental regulations and the law and
guaranty all necessary proofs (digital signature, contracts,...)to protect users performing
domestic/international transactions.

 COMPONENTS THAT MAKE E-PAYMENT SYSTEM

1. DATABASE INTEGRATION  
 An integration database is a database which acts as the data store for multiple
applications, and thus integrates data across these applications (in contrast to an
ApplicationDatabase). An integration database needs a schema that takes all its client
applications into account.
 Each record should be kept in separate database.
 Each database must be linked together  to access from anywhere. 

2. BROKERS

 The role of electronic brokers facilitate financial transactions electronically.

 The information superhighway directly connects millions of people, each both a
consumer of information and a potential provider. If their exchanges are to be efficient, yet
protected on matters of privacy, sophisticated mediators are required.  Electronic brokers 
play this important role by organizing markets that promote the efficient production and
consumption of information. 
 Electronic brokers will be required to permit even reasonably efficient levels and
patterns of exchanges. 
 Their ability to handle complex, albeit mechanical, transactions, to process millions
of bits of information per second, and to act in a demonstrably even-handed fashion will be
critical as this information market develops. 
 Electronic brokers can also run pricing systems, charging and crediting slight
amounts to individual accounts as bits careen along the superhighway.

3. STANDARDS

 The e-payment standards enable payment users to link with various networks and
other payment systems.
  Standards for interoperability which enable users to buy and receive information
regardless of which bank is managing their money.
4. PRICING

 Payment card networks, such as Visa, require merchants' banks to pay substantial
"interchange" fees to cardholders' banks, on a per transaction basis. 
 Consumers make two distinct decisions (membership and usage) whereas merchants
make only one (membership). 

5. PRIVACY

 Protecting the privacy of evaluators and their information is another important

policy concern of e-payment system. 
 Contemporary standards of fairness require that many documents, ranging from
letters to the editor to personnel evaluations, be signed, and that one's accuser be identified
in court. 
 Signed evaluations are less likely to be unfair and, over time, people can identify
trustworthy evaluators.
 In a model of electronic payment gateway-there are five interfaces.
1. Customer Interface
2. Server (e-payment Gateway) Interface
3. Client Bank Interface
4. Merchant Bank Interface
5. Merchant Interface 

Online Customer will connect to e-payment gateway through Internet. Gateway will connect
to the Bank and check whether its bank accounts is enough to buy the required product.
Online customer can also visit Merchant’s website through Gateway.

              Protocol Design and Verification

Success of electronic payment system is based on the design principals and its correctness.
Rules, formats, and procedures that have been agreed upon between participating parties
are collectively called a protocol. The protocol, then, can contain agreements on the
methods used for:
         Initiation and termination of data exchanges.
         Synchronization of senders and receivers.
         Detection and correction of transmission errors.
         Formatting and encoding of data.

A protocol specification consists of five distinct parts. To be complete, each specification

should include explicitly:
1. The service to be provided by the protocol.
2. The assumptions about the environment in which the protocol is executed.
3. The vocabulary of messages used to implement the protocol.
4. The encoding (format) of each message in the vocabulary.
5. The procedure rules guarding the consistency of message exchanges.