Electronic payment system:

EPS are becoming central to online business process innovation as companies look for ways to serve
customers faster and at lower cost.
The most important function of e-commerce over the I way. As e-commerce involves the exchange of
some form of money for goods and services, payment system are integral part of electronic commerce system.
Because of the online transactions in electronic commerce, there is a rising concern for the security of these
systems.

EPS is also known as EFT, which is defines as any transfer of funds initiated through an electronic
terminal, telephone instrument, computer or even magnetic tape to order, instruct or authorized a financial
institution to debit or credit of an account. Work on EFT can be categorized on three broad categories:

Banking and Retailing Online electronic

Financial Payment commerce payment
Payment
• Debit Card • Token Based Payment system
• Large scale or wholesale • Credit Card • ---e-cash
payment • Charge Card • --e-checks
• Small scale or retail • --smart card and debit cards
payment
• Credit Card Payment System
• Home payment
• ----encrypted credit card
• ---third party authorization
numbers

Digital Token Based Payment System:

New forms of financial instruments called electronic tokens in the handled in the form of electronic cash
or checks. E-tokens are designed as electronic analogue of various forms of payment backed by a bank or
financial institution, basically they are equivalent to cash that is assured by a bank. Electronic tokens are of
three types:
1. E-cash or real time: electronic commerce transactions are settled with the exchange of electronic
currency. Such as e-cash.
2. Prepaid or debit card: in this case, consumers need to pay in advance for the privilege of
getting information.
3. Postpaid or Credit card: this is another option available, where the server authenticates the
consumer and verifies with the bank that funds are adequate before purchase.

 Electronic Cash: it is a new concept in online payment systems because it combines computerized
convenience with security and privacy that improve on paper cash. It can be based on e-payment
protocol that supports a series of payment transactions using electronic tokens or coins issued by third
party.
There are three types of users in this payment system:
 the payer e.g. consumer
 a payee e.g. merchant
 a financial network where both the payer and payee have accounts. There are three types of
transactions in this payment system as given below:
 Withdrawal: the payer transfers some money from his bank account to his or her
payment card.
 Payment: the payee transfers the money from the card to the payee.
 Deposit: the payee transfers the money received to his bank account. There are two types of
implementations of this system as given below:
 Online Payment: the merchant calls the bank and verifies the validity of the consumer’s token or
electronic coin before accepting the payment and delivering the merchandise.
 Offline payment: the merchant submits the consumer’s payment for verification and deposit
sometimes after the payment transaction is completed.
There are three participants involved in this system as given below:
 Client wallet software: e-cash software should be installed on the client computer from where
the consumer can use e-coins to make purchases from the merchants. The client can store the
coins in the client wallet, withdraw coins from that and request new coins from the bank.
 Merchant software: there has to another merchant software installed on the merchant machine to
accept and process payments and sell items. This software will interact with the bank to perform
validation and authentication. Also the software can make refunds, if required.
 Banks: both the client and merchant should have e-cash account in the bank. The bank can issue
new coins to the client, validate the coins when presented.
 Electronic checks: e-checks are another form of electronic token. They are designed to
accommodate the many individuals and entities that might prefer to pay on credit or
through some mechanism other than cash. In e-check buyer must register with a third
party account server before they are able to write electronic checks. The account server
also acts as a billing service. The registration procedure can vary depending on the
particular account server and may require a credit card or a bank account to back the
checks. Once registered, a buyer can then contact sellers of goods and services. To
complete a transaction, the buyer sends a check to the seller for a certain amount of
money. These checks may be sent using e mail when deposited. The check authorizes the
transfer of account balances from the account against which the check was drawn to the
account to which the check was deposited.

 Smart cards and EPS: in the meantime, thousands of would be sellers of electronic commerce
services have to pay one another and are actively looking for payment substitutes. One such
substitutes is the smart card.
Smart cards are credit and debit cards and other card products enhanced with microprocessors
capable of holding more information than the traditional magnetic stripe. Relationship based
products are expected to offer consumers far greater options, including the following:
Access to multiple accounts, such as debit, credit, investments or stored value for e-cash, on one
card or an electronic device.
 A variety of functions, such as cash access, bill payment, balance inquiry, or funds
transfer for selected accounts.
 Multiple access options at multiple locations using multiple device types, such as an
automated teller machine, a screen phone, a personal computer, a personal digital
assistant.
 Credit card and EPS: to avoid the complexity associated with digital cash and electronic
checks, consumers and vendors are also looking at credit card payments on the internet
as one possible time tested alternative. There is nothing new in the basic process. If
consumers want to purchase a product or service, they simply send their credit card details
to the service provider involved and the credit card organization will handle this payment
like any other.
We can break credit card payment on online networks into three basic categories:
 Payments using plain credit card detail: the easiest method of payment is the
exchange of unencrypted credit cards over a public network such as telephone lines or
the internet. The low level of security inherent in the design of the internet makes
this method problematic. Authentication is also a significant problem, and the vendor is
usually responsible to ensure that the person using the credit card is its owner. Without
encryption there in so way to do this.
 Payments using encrypted credit card details: it would make sense to encrypt your
credit card details before sending them out, but even then there are certain factors to
consider. One would be the cost of a credit card transaction itself. Such cost would
prohibit low value payments by adding costs to the transactions.
 Payments using third party verification: one solution to security and verification
problems is the introduction of a third party: a company that collects and approves
payments from one client to another. After a certain period of time, one credit card
transaction for the total accumulated amount is completed.

 Encryption and credit cards: encryption is simply when credit card information is entered
into a browser or other electronic commerce device and sent securely over the network
form buyer to seller as an encrypted message. To make a credit card transaction truly secure
and nonrefutable, the following sequence of steps must occur before actual goods, services,
or funds below:
1. A customer presents his or her card information securely to the merchant.
2. The merchant validates the customer’s identity as the owner of the credit card account.
3. The merchant relays the credit card charge information and signature to its bank or
online credit card processors.
4. The bank or processing party relays the information to the customer’s bank for
authorization approval.
5. The customer’s bank returns the credit card data, charge authentication, and authorization
to the merchant.
 Third party processor and credit cards: in third party processing, consumers register
with a third party on the internet to verify electronic micro transactions. Verification
mechanism can be designed with many of the attributes of electronic tokens, including
anonymity. They differ from electronic token systems in that (1) they depend on existing
financial instruments and (2) they require the online involvement of at least one additional
party and, in some cases, multiple parties to ensure extra security. OTPPs have created
a six step process that they believe will be a fast and efficient way to buy information
online:
1. The consumer acquires an OTPP account number by filling out a registration form. This
will give the OTPP a customer information profile that is backed by a traditional
financial instrument such as a credit card.
2. To purchase an article, software, or other information online, the consumerrequests the
items from the merchant by quoting her OTP account number. The purchase can take place in
one of two ways: the consumer can automatically authorize the merchant via browser setting to
access her OTPP account and bill her, or she can type in the account information.
3. The merchant contacts the OTPP payment server with the customer’s account number.
4. The OTPP payment server verifies the customer’s account number for the vendor and
checks for sufficient funds.
5. The OTPP payment server sends an electronic message to the buyer. This message could
be an automatic WWW form that is sent by the OTPP server or could be a simple e
mail. The buyer responds to the form or e mail in one of three ways: yes, I agree to
pay; no I will not pay; or fraud, I never asked for this.
6. If the OTPP payment server gets a YES from the customer, the merchant is informed and
the customer is allowed to download the material immediately