Enabling Technologies – Frequently Asked Questions (FAQ)

by Bill H.

Why is encryption needed for Web commerce?

Encryption performs four key functions which enable secure Web transactions to take place:

  • Authentication allows customers to be sure that the merchant they are sending their credit card details to is who they say they are. It can also allow merchant’s to verify that the customer is the real owner of the credit card being used.
  • Integrity ensures that the messages have not been tampered with by a third party during transmission.
  • Non-repudiation prevents customers or merchants denying they ever received or sent a particular message
  • Privacy prevents third parties from reading intercepted messages … More Info

What are the main elements of an encryption system?

  • The plaintext is the raw message or data that is to be encrypted.
  • A cryptographic algorithm or cipher is a mathematical set of rules that defines how the plain text is to be combined with a key.
  • The key is a string of digits.
  • The ciphertext is the encrypted message. … More Info

What are the main methods of encryption?

There are two main methods of encryption:

  • Private-key encryption (also known as secret-key or symmetric encryption) in which users share a common key.
  • Public-key encryption (also known as asymmetric encryption) where different keys are used for encryption and decryption. … More Info

These systems have their advantages and disadvantages and so secure transaction protocols such as SSL and SET use a combination of both.

What is a digital signature?

Digital signatures are implemented through public-key encryption and are used to verify the origin and contents of a message.

A digital signature is prepared by first passing the message through a cryptographic function to calculate the message digest. The digest is then encrypted with the private key to produce a signature which is then added to the original message.

The recipient of the digital signature can be sure that the message really came from the sender. And, because changing even one character in the message changes the message digest in an unpredictable way, the recipient can be sure that the message was not changed after the message digest was generated. … More Info

What is a digital certificate?

Digital certificates provide the basis for secure electronic transactions as they enable all participants in a transaction to quickly and easily verify the identity of the other participants.

They are digitally signed and issued by a Certificate Authority (CA) which verifies that the public key attached to the certificate belongs to the party stated. … More Info

How does SSL support secure transactions?

Netscape’s Secure Sockets Layer (SSL) protocol is currently the most widely used method for performing secure transactions on the Web and is supported by most Web servers and clients including Netscape’s Navigator and Microsoft’s Internet Explorer.

The Secure Sockets Layer (SSL) protocol provides several features that make it particularly suitable for use in e-commerce transactions.

  • Privacy is guaranteed through encryption. Although data can still be intercepted by a third party they will be unable to read it as they have no access to the encryption key
  • Integrity is also ensured through encryption. If a message is received that will not decrypt properly then the recipient knows that the information has been tampered with during transmission.
  • Authentication is provided through digital certificates. Digital certificates provide the basis for secure electronic transactions as they enable all participants in a transaction to quickly and easily verify the identity of the other participants. … More Info

How does SET support secure transactions?

SET is the Secure Electronic Transaction protocol developed by Visa and MasterCard specifically for enabling secure credit card transactions on the Internet. It uses digital certificates to ensure the identities of all parties involved in a purchase and encrypts credit card information before sending it across the Internet.

Like SSL, SET allows for the merchant’s identity to be authenticated via digital certificates. However, SET also allows for the merchant to request users authenticate themselves through digital certificates. This makes it much more difficult for someone to use a stolen credit card.

A further advantage of SET is that the merchant has no access to credit card numbers and thus another source of fraud is eliminated. … More Info

What is a smart card?

At first glance a smart card looks like a normal credit or debit card. However, closer examination reveals the absence of a magnetic stripe as smart cards store all their information on a chip buried within the card. Compared to conventional magnetic stripe cards, smart cards differ in several important ways:

  • They can store much more data.
  • They can be password protected.
  • They can incorporate a microprocessor that can perform processes such as encryption. … More Info

How can smart cards be used for Web commerce?

Smart cards can be used for:

  • The secure storage of encryption keys
  • The storage of digital money in an electronic purse
  • Ensuring secure transactions over public Web terminals and screen phones. … More Info
Share and Enjoy:
  • Digg
  • Twitter
  • StumbleUpon
  • Technorati
  • Facebook
  • Sphinn
  • del.icio.us
  • Mixx
  • Google Bookmarks
  • Yahoo! Buzz
  • LinkaGoGo
  • MisterWong
  • Propeller
  • Faves
  • Live
  • NewsVine
  • Print
  • PDF
  • email

Related Posts:

Tagged as: digital certificate, digital signature, encryption, smart card

Leave a Comment

Previous post:

Next post: