Information protection in electronic payment systems

CarderPlanet

Today it is difficult to imagine a serious business, and not necessarily a large one, without an Internet presence in the form of its own website, sales pages or an online store. A payment system turns an ordinary electronic catalog into a functioning virtual store where the customer can select a product on the seller's website and pay for it. It is not surprising that organizing the security of electronic payments effectively matters to the owner of any Internet service that handles financial settlements.

Information protection in electronic payment systems assumes the fulfillment of the following conditions:
  • confidentiality - during online settlements, the buyer's data (the number of a credit card or other means of payment) should remain known only to the institutions and structures that have a legal right to it;
  • authentication - most often a PIN code or message, thanks to which the client (or the seller) can make sure that the second party to the transaction is exactly who they claim to be;
  • authorization - makes it possible to determine, before the transfer of money begins, whether the buyer has a sufficient amount to pay for the order.
All of this is aimed at providing a secure payment algorithm that can minimize the risks of electronic financial settlements for both the buyer and the seller.

Modern methods of protecting information of electronic payment systems
Today, the protection of information of electronic payment systems is carried out mainly with the help of:
  • instant authorization of the payer;
  • encryption of financial information on the Internet;
  • special certificates.
Because they interact with thousands of users simultaneously, modern commercial applications cannot work with classical "single-type" systems, whether those operating exclusively on public keys or those functioning only on private (secret) keys. If attackers intercept even one key of a completely "closed" system, its entire protection chain is automatically exposed. In turn, encryption with only public keys requires significant computing resources.

In this regard, today the security of payment systems in e-commerce is ensured by using protocols with private and public keys together. Information that travels over networks is encrypted using a private key. This key is generated dynamically and is transferred to the second party to the transaction encrypted with a cipher based on the public key. As a rule, encryption is carried out using the Secure Sockets Layer (SSL) protocol, as well as Secure Electronic Transaction (SET), which was developed by the financial giants MasterCard and VISA. The first protocol performs channel-level encryption, while the second encrypts the financial data directly. Applications that use the SET protocol employ a dual electronic signature algorithm.

One part of it is sent to the seller and the other to the bank. Thanks to this scheme, the buyer has access to all data on orders, but does not have access to the settlement details of the selling party, and the bank, in turn, has access to all the financial data of both parties to the transaction but has no information about the composition of the order. To improve the protection of online transactions, virtual certification authorities are also used: they issue e-commerce participants unique "certificates" in electronic format containing a signed personal public key. An electronic certificate is issued by the authority on the basis of the identification documents of the parties to the transaction and is valid for a certain period of time. With such a certificate, a participant in a commercial transaction can perform financial transactions and check the validity of the public keys of other participants.
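
The dual signature described above, as an added example that is not part of the original post: the cardholder signs a single digest linking the order and the payment data, the seller checks it with the order plus only the payment digest, and the bank checks it with the payment data plus only the order digest. SHA-256 and the toy unpadded RSA key are stand-ins chosen so the block runs with the standard library alone; all function names and sample messages are constructed.

```python
import hashlib

# Toy textbook-RSA key (assumption: a stand-in for the cardholder's real
# signing key so the demo needs only the standard library). Unpadded RSA over
# Mersenne primes is not secure and is for demonstration only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def dual_sign(order_info: bytes, payment_info: bytes) -> int:
    """Cardholder: sign H(H(OI) || H(PI)), binding order and payment together."""
    linked = h(h(order_info) + h(payment_info))
    return pow(int.from_bytes(linked, "big"), D, N)

def _check(order_digest: bytes, payment_digest: bytes, signature: int) -> bool:
    expected = int.from_bytes(h(order_digest + payment_digest), "big")
    return pow(signature, E, N) == expected

def merchant_verify(order_info: bytes, payment_digest: bytes, signature: int) -> bool:
    """Seller receives the order in clear and only the digest of the payment data."""
    return _check(h(order_info), payment_digest, signature)

def bank_verify(order_digest: bytes, payment_info: bytes, signature: int) -> bool:
    """Bank receives the payment data in clear and only the digest of the order."""
    return _check(order_digest, h(payment_info), signature)

if __name__ == "__main__":
    # Constructed sample messages; the account number is a placeholder.
    oi = b"order=1001;item=book;qty=1;total=25.00"
    pi = b"account=0000000000000000;amount=25.00"
    sig = dual_sign(oi, pi)
    print("seller accepts:", merchant_verify(oi, h(pi), sig))
    print("bank accepts:  ", bank_verify(h(oi), pi, sig))
    # The signature cannot be reattached to a different order.
    other = b"order=1001;item=laptop;qty=1;total=25.00"
    print("bank accepts swapped order digest:", bank_verify(h(other), pi, sig))
```

Neither verifier needs the other party's plaintext, yet a change to either the order or the payment data invalidates the same signature.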
 