Abstract
Because many current payment systems are poorly implemented, or of incompetence, private data of consumers such as payment details, addresses and their purchase history can be compromised. Furthermore, current payment systems do not offer any non-repudiable verification to a completed transaction, which poses risks to all the parties of the transaction — the consumer, the merchant and the financial institution. One solution to this problem was SET, but it was never really a success because of its complexity and poor reception from consumers. In this paper, we introduce a third party payment system that aims to preserve privacy by severing the link between their purchase and payment records, while providing a traceable transaction that maintains its integrity and is non-repudiable. Our system also removes much of the responsibilities placed on the merchant with regards to securing sensitive data related to customer payment, thus increasing the potential of small businesses to take part in e-commerce without significant investments in computer security.
Please use the following format when citing this chapter: Arnab, A. and Hutchison, A., 2007, in IFIP International Federation for Information Processing, Volume 232. New Approaches for Security, Privacy and Trust in Complex Environments, eds. Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Soims, R., (Boston: Springer), pp. 277–288.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Arnab, A., AND Hutchison, A. Verifiable digital object identity system. In Proceedings of the Sixth ACM Workshop on Digital Rights Management, Co-Located with ACM CCS 2006, Alexandria, Virginia, USA (2006), K. Kurosawa, R. Safavi-Naini, and M. Yung, Eds., ACM.
Basu, A., AND Muylle, S. Authentication in e-commerce. Communications of the ACM 46,12(2003), 159–166. url: http://www.doi.acm.org/10J145/953460.953496.
Bella, G., Paulson, L. C, AND Massacci, F. The verification of an industrial payment protocol: the set purchase phase. In CCS’ 02: Proceedings of the 9th ACM conference on Computer and communications security (New York, NY, USA, 2002), ACM Press, pp. 12–20. url:http://www.doi.acm.org/10.1145/586110.586113.
Mulligan, D., Han, J., AND Burstein, A. How DRM Based Content Delivery Systems Disrupt Expectations of “Personal Use”. In Proceedings of the 2003 ACM workshop on Digital Rights Management (2003), ACM, pp. 77–89. URL: http://www.doi.acm.org/10.1145/947380.947391.
Peha, J. M., AND Khamitov, I. M. Paycash: a secure efficient internet payment system. In ICEC’ 03: Proceedings of the 5th international conference on Electronic commerce (New York, NY, USA, 2003), ACM Press, pp. 125–130. url: http://www.doi.acm.org/10J145/948005.948022.
Roberts, P. Strong authentication a hard sell for banks. ComputerWorld (02 Nov 2004). URL: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=97133 Last accessed: 05 Aug 2006.
Rosencrance, L. Gartner survey sparks debate on internet retail fraud. ComputerWorld (18 July 2000). URL:http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=47270 Last accessed: 05 Aug 2006.
Ruiz, M. C, Cazorla, D., Cuartero, F., AND Pardo, J. J. Analysis of the set e-commerce protocol using a true concurrency process algebra. In SAC’ 06: Proceedings of the 2006 ACM symposium on Applied computing (New York, NY, USA, 2006), ACM Press, pp. 879–886. url: http://www.doi.acm.org/10.1145/1141277.1141480.
Stallings, W. Network Security Essentials-Applications and Standards, international second ed. Prentice Hall, 2003.
Steinauer, D. D., Wakid, S.A., AND Rasberry, S. Trust and traceability in electronic commerce. StandardView 5,3 (1997), 118–124. url: http://www.doi.acm.Org/10.l145/266231.266239.
Tsai, J. Y., Cranor, L. F., AND Craver, S. Vicarious infringement creates a privacy ceiling. In Proceedings of the Sixth ACM Workshop on Digital Rights Management, CoLocated with ACM CCS 2006, Alexandria, Virginia, USA (2006), K. Kurosawa, R. Safavi-Naini, and M. Yung, Eds., ACM.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 International Federation for Information Processing
About this paper
Cite this paper
Arnab, A., Hutchison, A. (2007). Using Payment Gateways to Maintain Privacy in Secure Electronic Transactions. In: Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Solms, R. (eds) New Approaches for Security, Privacy and Trust in Complex Environments. SEC 2007. IFIP International Federation for Information Processing, vol 232. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-72367-9_24
Download citation
DOI: https://doi.org/10.1007/978-0-387-72367-9_24
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-72366-2
Online ISBN: 978-0-387-72367-9
eBook Packages: Computer ScienceComputer Science (R0)