UCT CS Research Document Archive

Using Payment Gateways to Maintain Privacy in Secure Electronic Transactions

Arnab, Alapan and Andrew Hutchison (2007) Using Payment Gateways to Maintain Privacy in Secure Electronic Transactions. In Venter, Hein, Mariki Eloff, Les Labuschagne and Rossouw von Solms, Eds. Proceedings IFIP TC-11, 22nd International Information Security Conference (Sec 2007), pages 277-288, Sandton, South Africa.

Full text available as:
PDF - Requires Adobe Acrobat Reader or other PDF viewer.

Abstract

Because many current payment systems are poorly implemented, or of incompetence, private data of consumers such as payment details, addresses and their purchase history can be compromised. Furthermore, current payment systems do not offer any non-repudiable verification to a completed transaction, which poses risks to all the parties of the transaction -- the consumer, the merchant and the financial institution. One solution to this problem was SET, but it was never really a success because of its complexity and poor reception from consumers. In this paper, we introduce a third party payment system that aims to preserve privacy by severing the link between their purchase and payment records, while providing a traceable transaction that maintains its integrity and is non-repudiable. Our system also removes much of the responsibilities placed on the merchant with regards to securing sensitive data related to customer payment, thus increasing the potential of small businesses to take part in e-commerce without significant investments in computer security.

EPrint Type:Conference Paper
Subjects:UNSPECIFIED
ID Code:395
Deposited By:Arnab, A
Deposited On:30 May 2007