E commerce transactions and shopping cart
Download
1 / 19

E- Commerce transactions And Shopping Cart - PowerPoint PPT Presentation


  • 330 Views
  • Updated On :

E- Commerce transactions And Shopping Cart ERDEM OZDEN INBS 510 ANNA STORY APRIL 16, 2002 Online Credit Card Fraud Stats Global online purchases will reach $310 billion in 2005. Online credit card fraud will cost $9 billion in 2001.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'E- Commerce transactions And Shopping Cart ' - emily


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
E commerce transactions and shopping cart l.jpg

E- Commerce transactions And Shopping Cart

ERDEM OZDEN

INBS 510 ANNA STORY

APRIL 16, 2002


Online credit card fraud stats l.jpg
Online Credit Card Fraud Stats

  • Global online purchases will reach $310 billion in 2005.

  • Online credit card fraud will cost $9 billion in 2001.

  • Widespread use of anti-fraud technology will reduce online payment fraud to $5.7 billion by 2005, from a potential $15.5 billion.

  • Fraud was 19 times higher online, than with brick and mortar stores in 2001.

    Source: Meridien Research


How consumers view authentication l.jpg
How Consumers View Authentication

  • 47% are now comfortable with registering on web sites by providing personal information.

  • 80% said they would be open to additional authentication measures to make online purchases more secure.

  • 50% said they would be open to using a personal identification number (PIN).

  • 32% said they would be willing to type in a portable password created by a credit card company.

  • 42% said they are “annoyed” at having to remember different passwords for different sites.

    Source: Jupiter Media Metrix


Shopping cycle l.jpg
SHOPPING CYCLE

Online Store: The merchant sets up an online store.

Bank Account: The merchant registers with a bank to authorize transactions.

Product Selection: Customers browse products by product category, or by text search.

Shopping Cart:Customers view and change the contents of their shopping cart.

Customer Registration: Registration is needed when customers make a purchase.

Check Out: The customer may verify or change items, and then proceed with their purchase.

Credit Card Authorization: The customer submits credit card information for authorization.

Order Processing:After credit card authorization, the merchant sends the product.


Online credit card transaction l.jpg

1. Customer Proceeds

to Check out.

Shopping Cart

Online Credit Card Transaction

2. Shipping, tax added

for total amount.

Calculate Totals

3. Customer’s address,

telephone information.

Get User Info

5. If the CC is Declined

Get New CC.

4. Customer’s credit card

information.

Enter Credit Card Information

No

5. If the CC is Authorized

Process Order.

Enough Funds

Card Refused

Yes

Failed

Card Authorized

E-mail Customer

E-mail Customer


Shopping services l.jpg
SHOPPING SERVICES

One-click Buy : CC data is stored in database, and used for instant purchases.

Personalization : Some merchants offer personalized services like special offers, and

recommendations, for registered customers.

Order Tracking : The customers monitor order status by using the order ID.

Save your cart : Customers save their cart and complete the transaction at a later date.

E-mail Verification : The customers receive emails about news, special events,

recommendations, and the recent order.


Shopping carts l.jpg
SHOPPING CARTS

  • Keep the process simple.

  • Include tax and shipping costs to display the exact charges.

  • Tell customers how many steps are involved.

  • Add gift option before the checkout.

  • Put policy information in pop-up windows.

  • Don’t force registration. Customers lose patience fast.

  • Offer multiple shipping options.

  • Limit the checkout process with five to six steps.


Personalization l.jpg

Homepage

Personalization

Yes

No

User Selects New

Or Returning User

Retrieve

Preferences

Cookie?

User Selects

New User

User Selects

Returning User

Database

User Enters

ID Password

Cookie Set

Return Homepage

User Enters

User Information

Create Personal

Page

Database

No

Register

User Exists?

Yes

Cookie Set

Return Homepage


Charge back l.jpg
CHARGE-BACK

CARDHOLDER

1. Cardholder calls Issuer

Bank for fraud.

4. Issuer Bank gives

cardholder’s credit.

2. Issuer Bank calls

Acquirer Bank.

ISSUER BANK

3. Acquirer Bank debits

merchant account.

Additional penalty,

or cancels agreement.

ACQUIRER BANK

Merchant Account


Fraud l.jpg
FRAUD

  • Lower consumer confidence.

  • Higher cost of transactions and loss of revenue for merchants.

  • Higher costs of services for financial institutions.

  • Image damage to the credit card companies and issuers.

    “Charge-back fraud has slowed the growth of e-commerce…Nothing is going to happen until credit card companies can positively authenticate every consumer buying from a website.”

    Theodore Lacobuizo, Senior Analyst, TowerGroup


Security threat l.jpg

Employee Theft: Employee steals data. This is the largest threat.

Trojan Horse: Can be used for snooping. Frequently used in a virus attack.

Hacking : Breaking into a system. Trojan horses used for returning to server.

Social Engineering: Hackers act like a network engineer.

Buffer Overflow: Cause an overflow condition. May grant root access.

Cracking: Breaking into system to steal things.

Password Fishing: Trying to log in with common passwords.

Snooping: Use of a software program to intercept data.

Application Attack: Force application to fall-over, and root access to system.

SECURITY THREAT


Secure electronic transaction set l.jpg
Secure Electronic Transaction (SET)

  • Development of Visa and MasterCard.

  • Certificate-based system.

  • Digital signatures to replace the handwritten signatures.

  • Cardholder software is required.

  • Digital certificates are installed on consumer’s PC.

  • Expensive.

  • Complex structure.

  • Because of its complexity, and cost, SET usage was limited.


Secure sockets layer ssl l.jpg
Secure Sockets Layer (SSL)

  • Created by Netscape.

  • Simple to implement.

  • Implemented in Transport Layer (TLS).

  • Supports most of the browsers and Web servers.

  • Widely used in Web transactions.

  • Uses digital certificates.


Secure sockets layer ssl14 l.jpg
Secure Sockets Layer (SSL)

BROWSER

1. Browser sends SSL request massage.

SERVER

2. Server responds by sending it’s certificate.

3. Browser verifies that the certificate is valid.

4. Browser sends one time session key.

5. Server decrypts the massage with it’s private key.

6. Source exchanges with symmetric encryption.


Web server certificates l.jpg
Web Server Certificates

The certificate, which contains the Web server’s public key, will be used by the browser to:

  • Authenticate the identity of a Web site.

  • Contain the Web server’s public key.

  • Encrypt information for the server using SSL.

    Certification Authority (CA) Certificates

  • CA Certificates are issued by a trusted third party called a Certification Authority (CA).

  • CA validates the certificate holders’ identity.


Visa payer authentication service vpas l.jpg
Visa Payer Authentication Service (VPAS)

  • New payer authentication service from VISA.

  • Based on a protocol known as 3-D Secure.

  • Announced in 2001.

    “3-D” refers to the three domains

  • Issuers

  • Acquirers

  • Transaction Communication


How vpas works l.jpg
How VPAS Works

1. Cardholder selects ’buy’.

2. Merchant queries Visa for account data.

Cardholder

Merchant

3. Visa checks CAD

for customer data.

Card Association

Directory

Merchant

Requests

Authorization

Issuer Access Control

Server

4. Issuer ACS validates password, digitally signs response,

transmits copy to Authentication History Server

5. Merchant verifies signature,

and sends authorization request.


Mastercard secure payment application spa l.jpg
MasterCard Secure Payment Application (SPA)

  • MasterCard’s security solution.

  • It requires participation by the card issuer and the merchant.

  • Cardholder has to download a wallet application from the issuer.

  • Deployment of SPA will be through server-based electronic wallets.

  • Wallet will automatically fill out payment information on the online order form.

  • Includes a unique cardholder authentication value for each transaction.

  • Scheduled to the second quarter of 2002.


Address verification service avs l.jpg
Address Verification Service (AVS)

  • Designed for mail-order and telephone order environments.

  • Checks first 4 numeric digits of address and zip code.

  • Merchant receives response codes, detailing degree of match.

  • AVS does not guarantee charge-back protection.

  • Data used is not always current.

  • Only used in U.S., U.K., Germany, Austria and Switzerland.

  • May result in false rejection of valid orders.


ad