
Chapter 03: Electronic Payment System: By: Diwakar Upadhyaya

E-Payment System
• An e-payment system is a way of making transactions or paying for
goods and services through an electronic medium, without the use of
checks or cash.
• It’s also called an electronic payment system or online payment
system.
• The electronic payment system has grown increasingly over the last
decades due to the growing spread of internet-based banking and
shopping.
• As the world advances more with technology development, we can
see the rise of electronic payment systems and payment processing
devices.
• As these increase, improve, and provide ever more secure online
payment transactions the percentage of check and cash transactions
will decrease.
• Electronic payment has revolutionized business processing by
reducing paperwork, transaction costs, and labor costs.
• Being user-friendly and less time-consuming than manual processing,
it helps business organizations expand their market reach.
Listed below are some of the modes of
electronic payments

• Credit Card
• Debit Card
• Smart Card
• E-Money
• Electronic Fund Transfer (EFT)
• E-Wallet
• Mobile Wallet
Credit Card Transaction
• A form of the e-payment system which requires the use of the card
issued by a financial institute to the cardholder for making payments
online or through an electronic device, without the use of cash.
• A credit card is a small plastic card with a unique number attached to
an account. It also has a magnetic strip embedded in it, which is used
to read the credit card via card readers. When a customer purchases a
product via credit card, the credit card issuer bank pays on behalf of the
customer, and the customer has a certain time period after which he/she
can pay the credit card bill. This is usually the credit card's monthly
payment cycle.
Following are the components in the credit
card system

• The card holder − Customer


• The merchant − seller of product who can accept credit card
payments.
• The card issuer bank − card holder's bank
• The acquirer bank − the merchant's bank
• The card brand − for example, Visa or Mastercard.
Credit Card Payment Process
Step 1: Bank issues and activates a credit card to the customer on his/her request.
Step 2: The customer presents the credit card information to the merchant site or to the merchant from whom he/she wants to purchase a product/service.
Step 3: Merchant validates the customer's identity by asking for approval from the card brand company.
Step 4: Card brand company authenticates the credit card and pays the transaction by credit. Merchant keeps the sales slip.
Step 5: Merchant submits the sales slip to the acquirer bank and gets the service charges paid to him/her.
Step 6: Acquirer bank requests the card brand company to clear the credit amount and gets the payment.
Step 7: Now the card brand company asks to clear the amount from the issuer bank and the amount gets transferred to the card brand company.
Advantages:
• Payment cards provide fraud protection.
• They have worldwide acceptance (nearly!).
• They are good for online transactions.
Disadvantages:
• Payment card service companies charge merchants per-transaction
fees and monthly processing fees.
Online Stored Value Payment System
• Stored value systems are a form of electronic payment technology.
• They coexist with credit and debit technology and principally target
the low value transactions.
• Online stored value systems have very low transaction cost.
• Stored value systems are based on creating a form of electronic
value, for example on smart cards or as computer files.
• The value can be bought (withdrawn) anytime and spent in optional
parts later
• Stored value cards (SVCs) are easy to use, low-cost and easy to issue.
Two varieties for stored value card

Closed Loop (Single Loop)


• Cards are issued by a specific merchant or merchant group.
• Ex. Bhatbhateni card, Wallet for specific multiplexes
• Can only be used to make purchase from specific place.
Open Loop (Multipurpose)
• Credit can be used to make debit transactions at a variety of retailers.
• Ex. MasterCard, Visa, payroll cards, government benefits cards,
prepaid debit cards
• Can be used anywhere the branded cards are accepted.
Why use stored value cards
• convert cash and paper transactions to electronic
• reduce the cost of securing, transporting and accounting for cash
• accelerate transactions at the point-of-sale (POS)
• to get rid of intensive back-end processes like vouchers, meal tickets,
money orders, traveler's checks or other payment methods
• decrease the extent of theft or loss
• offer consumers more possibilities
Misuse of Stored Value Cards
Money laundering
• There is growing concern that criminals worldwide are using Stored
Value Cards to move money from criminal activities across
international borders.
• For example in the United States it is legal to enter or leave the
country with money that is stored on these cards.
Who is getting the most benefit from stored-value cards?
• Adults who don’t have a bank account
• People with low income
• Young adults
• Seniors
• Immigrants
• Minorities
Digital Wallet
• Digital wallets are technologies that electronically store credit card
numbers, debit card numbers, loyalty card numbers, etc. in the
cloud.
• Your money still stays in your bank or credit card account.
• Digital wallet basically keeps your details to make transactions easier.
• Examples of digital wallet are Google Pay, Masterpass & Visa
Checkout.
• With digital wallets, we can not only go cashless, we can also go
cardless.
E-Wallet
• E-Wallets are prepaid wallets that require money to be loaded prior
to any transaction.
• It can either be accessed on the e-wallet’s website or applications via
laptop, tablet, or phone. Some of e-wallet functions include:
• Storing credit and debit card information
• Storing funds (e-money)
• Keeping coupons or loyalty credits
• Enabling payment for purchases at physical or online store, Splitting
bills
• Peer-to-peer transfer and of course
• Security
• Example: Khalti, Esewa etc
Mobile Wallets
• A mobile wallet can be installed on your phone as an application and
allows you to “tap to pay” in stores, often using Near Field
Communication (NFC) technology.
• With a mobile wallet, a user typically pays by tapping a terminal or
scanning a QR code with a smartphone or devices such as a
smartwatch or a fitness tracker.
• Example: fonepay (Esewa)
Summary
Best Digital Wallets in Nepal
• E-Sewa
• Khalti
• IME-Pay
• Prabhu Pay
• Cellpay
Smart Card
• Smart card is again like a credit card or a debit card in appearance,
but it has a small microprocessor chip embedded in it.
• It has the capacity to store a customer’s work-related and/or
personal information. Smart cards are also used to store money and
the amount gets deducted after every transaction.
• Smart cards can only be accessed using a PIN that every customer is
assigned with.
• Smart cards are secure, as they store information in encrypted format,
and they are less expensive and provide faster processing. Mondex and Visa
Cash cards are examples of smart cards.
Smart Card Technology:
There are two general categories of smart cards:
1. Contact
2. Contactless
Contact smart card
• A contact smart card must be inserted into a smart card reader with a
direct connection to a conductive contact plate on the surface of the
card (typically gold plated).
• Transmission of commands, data, and card status takes place over
these physical contact points.
Contactless smart card
• A contactless card requires only close proximity to a reader.
• Both the reader and the card have antennae, and the two communicate
using radio frequencies (RF) over this contactless link.
• Most contactless cards also derive power for the internal chip from
this electromagnetic signal.
• The range is typically one-half to three inches for non-battery-
powered cards, ideal for applications such as building entry and
payment that require a very fast card interface.
Smart cards are used in many applications
worldwide, including:
• Secure identity applications - employee ID badges, citizen ID
documents, electronic passports, driver’s licenses, online
authentication devices
• Healthcare applications - citizen health ID cards, physician ID cards,
portable medical records cards
• Payment applications - contact and contactless credit/debit cards,
transit payment cards
• Telecommunications applications - GSM Subscriber Identity
Modules, pay telephone payment card
Social/Mobile Peer-to-Peer Payment Systems
• Peer-to-peer payment systems — also known as P2P payments or
money transfer apps — like PayPal and Cash App allow users to send
one another money from their mobile devices through a linked bank
account or card.
• They make splitting bills with friends and family painless
• A peer-to-peer (P2P) mobile payment system is an application
that we use to make electronic money transfers to a friend,
relative, contractor, or employee.
P2P money transfer apps have
some common characteristics:

• they are designed for personal use between people who know each
other well – hence the lower level of transaction protection
compared to commercial apps;
• the time of transaction can last from several minutes to several days,
depending on the method used;
• funding requirements range across various peer-to-peer-payment
apps (bank account, debit/credit card, dedicated in-app account).
Things person-to-person payment apps do
• paying a merchant / landlord on an installment plan;
• paying a taxicab service (with discounts calculation);
• setting a borrowing limit for a friend / kid and allowing them to
withdraw a set amount, a set number of times and/or at set intervals;
• sending and receiving a friend-to-friend borrowing request;
• splitting a dinner / utility bill with a friend / partner;
• sending a money transfer as a gift to loved ones;
• sending remittances to family in another country;
• paying for utilities / internet / other services online.
Four business models of P2P payment applications

• Bank-centric solutions
• Standalone financial services
• Social/messaging/web platforms
• Mobile OS / device manufacturers
Digital Cash/E-Cash
• Digital cash aims to mimic the functionality of paper cash, by
providing such properties of anonymity and transferability of
payment.
• Digital cash is intended to be implemented as data which can be copied,
stored, or given as payment (for example, attached to an email
message, or via a USB stick, Bluetooth, etc.).
• Just like paper currency and coins, digital cash is intended to
represent value because it is backed by a trusted third party (namely,
the government and the banking industry).
Ideal Properties of a Digital Cash System
• Secure
• Anonymous
• Portable
• Two-way
• Off-line capable
• Wide Acceptability
• User-friendly
Pros and Cons
• Pros
• Provides fully anonymous and untraceable digital cash
• No double spending problems (coins are checked in real time during
the transaction).
• No additional secure hardware required
• Cons
• Communications overhead between merchant and the bank.
• Huge database of coin records -- the bank server needs to maintain
an ever-growing database for all the used coins’ serial numbers.
• Difficult to scale, need synchronization between bank servers.
• Coins are not reusable
E-Checks
• An e-check is an electronic version of a paper check that provides
different payment processing times and less waste.
• With an e-Check, money is electronically transferred from the payers'
checking account and directly deposited to the sellers account, after
passing through the ACH(Automated Clearing House) network.
• It also means that you can convert a paper check received from a
customer into an electronic transfer.
• Electronic checks combine the security, speed, and processing
efficiency of all electronic transactions with the infrastructure and
processes associated with paper checks.
• E-checks are a faster and less expensive way to get your money.
• An eCheck can also be called an electronic check, direct debit, ACH
payment, or ACH transfer
• It is the means by which you can take the information contained on a
paper check and process the payment electronically using the ACH
network

How does e-check work
Virtual Currency
• Virtual currency is a type of unregulated digital currency.
• It is not issued or controlled by a central bank.
• Examples of virtual currencies include Bitcoin, Litecoin, PI Network
etc.
• Digital currencies are stored in and transacted through designated
software, applications, and networks in digital form.
• Virtual currencies are typically issued by private issuers and used
among specific virtual communities.
• The security of the software and networks that virtual currencies
stand on is a critical concern.
Types of virtual currency
1. Centralized Virtual Currency
• A centralized virtual currency has a central administrator or
repository.
• The central administrator of a virtual currency is typically the issuer
of that currency.
• The role is like a central bank in a regulated currency system.
• XRP is an example of centralized virtual currency.
2. Decentralized virtual currency
• Decentralized currency does not have a third-party central
administrator or repository.
• Instead, a distributed system will authenticate the transactions of a
decentralized virtual currency.
• Many decentralized currencies are based on blockchain networks
such as Bitcoin, Litecoin, Ethereum, PIE.
• A blockchain network links a list of records, which is known as blocks,
with cryptography. When a transaction is requested, the request is
broadcasted in the network consisting of many computers (nodes).
Advantages and Disadvantages
Advantages:
1. Convenient
2. Decentralized
Disadvantages:
1. Lacks comprehensive regulation
2. Highly volatile
3. Potential security issues
Electronic Billing Presentment and Payment
(EBPP) System
• Electronic Bill Presentment and Payment (EBPP) is an electronic
channel for distributing bills and collecting payments online.
• It marks an evolutionary logical extension of communication that
enhances and reinforces the biller's relationship with the customer.
• By using this technology, billers will be able to eliminate the costs
associated with printing paper bills, reduce delivery delays, and save
time and expenses for customers.
• At the same time, customers are provided with a fast and simplified
way to manage their bill payments without the inconvenience of
physically going to the biller's collection points to pay.
EBPP offers various benefits to different
participants in the system.
For Customers:
• Centralized Bill Presentment Mechanism.
• Customer Convenience.
• Customer Time/Cost Saving.
For Billers:
• Reduced Payment Collection Time.
• Improved Cash Flow and Forecasting.
• Improved Customer Service.
• Better Customer Loyalty and Satisfaction.
• Billing Cost Reduction.
For Banks and PSPs:
• Advantage Over the Competition.
• Easier Integration with Billers.
• New Revenue Channels.
• Better Customer Loyalty and Satisfaction.
Auctioning in E-commerce (English, Dutch, Vickrey, Double)
• An e-auction is a transaction between sellers (the auctioneers) and
bidders (suppliers in business-to-business scenarios) that takes place
on an electronic marketplace.
• It can occur business to business, business to consumer, or consumer
to consumer, and allows suppliers to bid online against each other for
contracts against a published specification.
• This kind of environment encourages competition, with the result
that goods and services are offered at their current market value.
Types of e-auction
1. English auction
• English auctions are where bids are announced by either an
auctioneer or the bidders, and winners pay what they bid to receive
the object.
• The most common and straightforward form of e-auction, they’re
intuitive, user-friendly and can help to reduce transaction costs.
2. Dutch auction
• Dutch auctions start at a high price, which is then incrementally
lowered until a buyer accepts the price.
• The first person to bid wins the auction, which makes them good for
quick decisions.
3. Double auction
• Here, buyers place bids and sellers place offers throughout the trading day.
• This can be done electronically, or by open outcry, where each party calls
out the prices they are willing to buy or sell at and makes a transaction if the
prices match up.
• In this way a negotiation of sorts occurs where buyer and seller work
together to arrive at a fair market price.


4. Vickrey auction
• A Vickrey auction is a type of sealed-bid auction.
• Bidders submit written bids without knowing the bid of the other
people in the auction.
• The highest bidder wins but the price paid is the second-highest bid.
• This type of auction is strategically like an English auction and gives
bidders an incentive to bid their true value
SET (Secure Electronic Transaction) Protocol
• Secure electronic transaction (SET) was an early communications
protocol used by e-commerce websites to secure electronic debit and
credit card payments.
• Secure electronic transaction was used to facilitate the secure
transmission of consumer card information via electronic portals on
the Internet.
• Secure electronic transaction protocols were responsible for blocking
out the personal details of card information, thus preventing
merchants, hackers, and electronic thieves from accessing consumer
information.
General scenario of electronic transaction
Features in SET
• It must provide mutual authentication i.e., customer (or cardholder)
authentication by confirming if the customer is intended user or not
and merchant authentication.
• It must keep the PI (Payment Information) and OI (Order Information)
confidential by appropriate encryptions.
• It must be resistant to message modification, i.e., no changes
should be allowed in the content being transmitted.
• SET also needs to provide interoperability and make use of best
security mechanisms.
Participants in SET
• Cardholder – customer
• Issuer – customer financial institution
• Merchant
• Acquirer – Merchant financial
• Certificate authority – Authority which follows certain standards and
issues certificates (like X.509v3) to all other participants.
SET Functionality
• Provide Authentication
• Provide Message Confidentiality
• Provide Message Integrity
Cardholder Registration.
• This is the initial step for cardholders.
• The agent C sends to a certification authority CA the information on
the credit card he wants to use.
• The CA replies with a registration form, which C completes and
returns, together with the signing key that C wants to register.
• Then, CA checks that the credit card is valid (this step is outside the
protocol) and releases the signature certificate for C, who stores it for
future use.
• All this information (such as credit card details) must be protected
and this makes the protocol steps complicated.
Cardholder Registration Diagram
Merchant Registration
• This phase performs the analogous function for merchants.
• In contrast with Cardholder Registration, the merchant M can not
only register a public key for signature but also a public key for
encryption.
• The process is shorter because there is no confidential information to
be protected.
Purchase Request
• We reach this phase if C has decided to buy something.
• C sends to M the order information and the payment instructions.
• M processes the order and starts the Payment Authorization phase by
forwarding the payment instructions to the payment gateway (PG).
• This last step is needed because SET aims to keep the cardholder's
primary account number (PAN) confidential; M cannot simply take this
number, as done in telephone credit card transactions, and settle directly
with the Issuer.
Dual Signature
• Within the SET protocols there is a circumstance where
the cardholder communicates with both the merchant and payment
gateway in a single message.
• The message contains an order section, with details of the
products/services to be purchased, plus a payment section.
• The payment information will be used by the banker and the order
information by the merchant, but both are sent together in the same
message.
• This means that the message packaging must:
1. Prevent the merchant from seeing the payment instruction
2. Prevent the banker from seeing the order instruction
3. Link the two parts of the message, so that they can only be
used as a pair.
• In this case, SET uses a procedure called dual signature.
• When the order and payment instructions are sent by the cardholder, the
merchant will be able to read the order instruction, and the banker is able
to read only the payment instruction.
• The merchant will not see the cardholder’s account information.
• In a SET transaction, the transfer of money and offer are linked allowing
the money to be transferred to the merchant only if the cardholder accepts
the offer.
• The bond is needed so that the customer can prove that this payment is
intended for this order and not for some other goods or service.
Dual Signature Diagram
• Figure shows the model of dual signature.
• The cardholder generates a dual signature by passing the
order instruction (OI) and payment instruction (PI) through a
hash function.
• The two message digests created (OI message digest and PI message
digest) are concatenated.
• The resulting message is run through a hash function and is encrypted
with the cardholder private signature key using RSA
signature generation algorithm.
• This is the dual signature.
• The dual signature is sent to both the merchant and the bank.
• The protocol arranges for the merchant to see the MD of the PI
without seeing the PI itself, and the bank sees the MD of the OI but
not the OI itself.
• The dual signature can be confirmed using the MD of the OI or PI.
• It doesn't require the OI or PI itself.
• The MD does not expose the content of the OI or PI, and thus privacy is
preserved.
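The dual-signature construction described above, as an added example that is not part of the original slides: the cardholder signs the hash of the two concatenated digests, and the merchant and payment gateway each verify it while holding only one of OI or PI plus the other's digest. Assumptions: SHA-256 as the hash, digest order OI then PI, a constructed textbook-RSA demonstration key without padding, constructed sample messages, and illustrative function names.

```python
import hashlib

# Constructed demonstration RSA key built from two Mersenne primes.
# It is far too small for real use and there is no padding: illustration only.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public key, known to merchant and gateway
D = pow(E, -1, (P - 1) * (Q - 1))      # private signing key, held by the cardholder


def md(data: bytes) -> bytes:
    """Message digest (SHA-256 is an assumption; the slides name no hash)."""
    return hashlib.sha256(data).digest()


def combined_digest(oimd: bytes, pimd: bytes) -> int:
    """Hash the concatenated OI and PI digests, reduced into the RSA modulus."""
    return int.from_bytes(md(oimd + pimd), "big") % N


def dual_sign(oi: bytes, pi: bytes) -> int:
    """Cardholder: sign H(H(OI) || H(PI)) with the private key."""
    return pow(combined_digest(md(oi), md(pi)), D, N)


def merchant_verify(oi: bytes, pimd: bytes, ds: int) -> bool:
    """Merchant holds the OI and only the digest of the PI."""
    return pow(ds, E, N) == combined_digest(md(oi), pimd)


def gateway_verify(pi: bytes, oimd: bytes, ds: int) -> bool:
    """Payment gateway holds the PI and only the digest of the OI."""
    return pow(ds, E, N) == combined_digest(oimd, md(pi))


def demo() -> dict:
    # Constructed sample messages (placeholder card number, not a real PAN).
    oi = b"order=1001;item=book;qty=1;total=1500"
    pi = b"card=0000000000000000;amount=1500;order=1001"
    other_oi = b"order=1002;item=laptop;qty=1;total=150000"
    changed_pi = pi.replace(b"1500", b"9500")
    ds = dual_sign(oi, pi)
    return {
        "merchant_accepts": merchant_verify(oi, md(pi), ds),
        "gateway_accepts": gateway_verify(pi, md(oi), ds),
        # The PI is re-paired with a different order: the link breaks at both ends.
        "merchant_rejects_swapped_oi": not merchant_verify(other_oi, md(pi), ds),
        "gateway_rejects_swapped_oimd": not gateway_verify(pi, md(other_oi), ds),
        # A modified PI no longer matches the signed digest.
        "gateway_rejects_modified_pi": not gateway_verify(changed_pi, md(oi), ds),
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

Neither verifier ever sees the other party's plaintext, yet a signature made for one OI/PI pair fails as soon as either half is replaced.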
Payment Authorization
• After receiving the payment instructions from the Merchant, the PG,
in cooperation with Issuers and banks, checks that everything is fine.
• If so, it sends the payment authorization to M, who sends to C the
confirmation and possibly the purchased goods.
• C acknowledges the result and M passes to the next stage.
Payment Capture
• In this last phase, M sends to PG one or more payment requests and
the corresponding capture tokens obtained during the previous
steps.
• PG checks that everything is satisfactory and replies to M.
• The actual funds transfer from C to M is done outside the protocol.
Status of E-Payment Systems in Nepal
• https://risingnepaldaily.com/opinion/digital-payment-system-in-pandemic-situation
• https://techsathi.com/7-things-you-need-to-know-about-digital-payment-in-nepal
• http://www.itpf.org.np/index.php/portfolio?view=project&id=13:study-on-e-payment-system-in-nepal
Case Studies of Global and Local Payment Systems
• https://blog.2checkout.com/popular-online-payment-methods-globally-and-locally/
