Chapter 6 E-Commerce
PAYMENT FRAUD - PREVENTION OF PAYMENT CARD FRAUD
Address Verification
• Used by approximately 80% of all merchants
• The Address Verification System (AVS) compares the address entered on a Web page with the address information on file at the cardholder's issuing bank
• AVS results in a number of false negatives, which means that the merchant may reject a valid order; this happens because cardholders often have new addresses or simply make mistakes when entering numeric street addresses or postal codes
Manual Review
• Over 80% of all merchants use the manual review method, which relies on staff to manually review suspicious orders
• Reasonable method for small merchants with a small volume of orders
• For larger merchants, this method does not scale well, is expensive, and impacts customer satisfaction
• The percentage of merchants using this method is increasing, along with the percentage of items being reviewed
Card Verification Number
• Approximately 75% of all merchants use the Card Verification Number (CVN) method, which compares the verification number printed on the signature strip on the back of the card with the information on file with the cardholder's issuing bank
• However, if a fraudster possesses a stolen card, the number is in plain view
Fraud Screens and Automated Decision Models
• Larger merchants often use fraud screens and automated decision models
• Tools are based on automated rules that determine whether a transaction should be accepted, rejected, or suspended
• Key element of this method is the ability of the merchant to easily change the rules to reflect changing trends in the fraud being perpetrated against the company
Card Association Payer Authentication Services
• In recent years, the card associations have developed a new set of payer identification services (for example, Verified by Visa and MasterCard SecureCode)
• These services require cardholders to register with the system and merchants to adopt and support the new services
• In the course of an online transaction, the customer is redirected to a Web page of the card association, which asks the customer to enter a password or a transaction authentication number (TAN)
• Until 2008, only 25% of merchants indicated that they had adopted this method
Negative Lists
• A negative list is a file that includes a customer's information (name, shipping/billing address, contact numbers) and the status of this customer
• A customer's transaction is matched against this file and flagged if the customer is a known problem
PAYMENT PATTERNS WITH BANK ACCOUNTS - DIRECT DEBITS - AUTHORIZATION AND AUTHENTICATION
Authorization
• (Electronic) direct debit has the disadvantage that the risk of missing covering funds on the payer's account is on the payee
• The payee has to manually claim missing funds (= demand the missing funds) in case of a payment default, which is a costly process without guarantee of success
• An authorization is an approval sent from a payer's bank that the payer's account holds sufficient funds to cover the cost of a purchase
• The payer's bank guarantees that the payment will be settled (= processed), even if the payer files for bankruptcy afterwards
• Card payments with authorization are an alternative to signature-based electronic direct debits
Authentication
• Authentication is the process of establishing the validity of the account information provided by the payer
• Includes various fraud prevention tools like Address Verification Service and Card Security Codes
PAYMENT PATTERNS WITH BANK ACCOUNTS - CASH, PAYMENTS, AND ELECTRONIC PAYMENTS
Cash
• Cash (German: Bargeld) is money in the physical form of currency (i.e., banknotes and coins)
Payments
• A payment is a transfer of value from a payer (purchaser) to a payee (seller, merchant) for goods, services, or legal obligations
Electronic payments
• An electronic payment is the transfer of value through an electronic medium, without the use of cash or checks
• An electronic payment system is an ecosystem of participating actors and technical infrastructures needed to conduct electronic payments
PAYMENT PATTERNS WITH BANK ACCOUNTS - CHECKS
Checks
• A check (cheque) is a document that orders a bank to pay a specific amount of money from a payer's account to the payee in whose name the check has been issued
• Check-specific roles
  • Drawer (German: Aussteller): depositor writing a check
  • Drawee (German: bezogene Bank/"zahlende Bank"): financial institution where the check can be presented for payment
  • Payee: entity to whom the drawer issues the check
  • Endorsee: financial institution servicing the payee's account (the payee's bank)
PAYMENT PATTERNS WITH BANK ACCOUNTS - DIRECT DEBITS - CLEARING AND SETTLEMENT
Clearing (German: Abrechnen)
• Clearing in payment systems is the process of reconciling (= balancing) the direct transfer of funds from one financial institution to another
• A clearing house is an electronic system used for the transfer of funds between entities, often referred to as an electronic funds transfer (EFT)
• Financial institutions can make transfers to the clearing house rather than to each individual party with whom they have transacted
Settlement (German: Begleichung)
• Settlement in payment systems is the actual move of funds after liabilities and receivables have been cleared
PAYMENT CARDS - CARD TYPES
Credit cards
• Credit cards provide the holder with credit to make purchases up to a limit fixed by the card issuer
• Rarely have an annual fee
• Users are charged high interest (the annual percentage rate) on their average daily unpaid balances
Charge cards
• Balance on a charge card is supposed to be paid in full upon receipt of the monthly statement (German: Monatsabrechnung)
• Holder of a charge card receives a loan of 30 to 45 days equal to the balance of their statement
• Usually have annual fees
Debit cards
• With a debit card, the money for a purchased item comes directly out of the cardholder's checking account (German: Girokonto)
• The actual transfer of funds from the holder's account to the merchant's takes place within 1 or 2 days
PAYMENT INFRASTRUCTURES CLIENT-SIDE INFRASTRUCTURES - DIGITAL WALLETS
Digital Wallets
• Store credit card, digital cash, owner identification, and address
• Makes shopping easier and more efficient
• Eliminates need to repeatedly enter identifying information into forms to purchase
• Works in many different stores to speed checkout
• Implemented (as an app) on a smartphone, tablet, or smartwatch
• Server-side digital wallet: Stores a customer's information on a remote server belonging to a particular merchant or wallet publisher
• Client-side digital wallet: Stores a consumer's information on his or her own computer, mobile device, or Subscriber Identity Module (mobile wallet)
PAYMENT PATTERNS WITH BANK ACCOUNTS - DIRECT DEBITS
Direct Debits
• A direct debit (German: Lastschriftverfahren) is a financial transaction in which the payee withdraws funds (= takes out money) from the payer's bank account
• The payee instructs his bank to collect (debit) an amount directly from the payer's bank account designated (= specified) by the payer and pay those funds into a bank account designated by the payee
• Before the payee's bank will allow the transaction to take place, the payer must authorize the payee to directly draw the funds
• The payer can cancel the authorization of a direct debit at any time, and his bank can decline to carry out a debit if the transaction would breach the terms of the bank account out of which the payment is to be made
• Direct debits are used for unique and recurring payments, where the payment amount varies from one payment to another
• Electronic direct debit (German: elektronisches Lastschriftverfahren) replaces the manual authorization by a debit card (e.g., Girocard) plus signature
PAYMENT PATTERNS WITH BANK ACCOUNTS - DIRECT DEPOSITS AND WIRE TRANSFERS
Direct Deposits
• A direct deposit (German: Einzahlung) is the deposit of funds straight from the source and initiated by the source into a bank account, for example by wire or cash
Wire Transfers
• A wire transfer (German: Überweisung; also bank transfer, credit transfer) is a method of fund transfer from a payer's account to the payee's account
• Payer gives his bank the order to transfer a certain amount of money from his account to the payee's account
• A wire transfer is unique and not recurring
ELECTRONIC CASH ONLINE DIGITAL CASH - DETAILED APPROACH
Creating digital cash:
• Payer wants to have the bank sign a $1 digital coin
For RSA encryption we need:
• (n, e): bank's public key
• (n, d): bank's private key
• [payer also needs a public and private key]
• f: one-way hash function (i.e., it is not possible to derive the input from the output)
• Payer chooses at random a serial number x for the bank note and a blinding factor r, and sends to the bank (together with the coin's denomination = $1): B = r^e · f(x) mod n [bank receives the encrypted message]
• Note: payer signs B with his digital signature, which, for simplicity, is neglected here
• The bank returns B^d mod n = (r^e · f(x))^d mod n = r · f(x)^d mod n and withdraws (= debits) one dollar from the payer's account
• Payer extracts C = B^d / r mod n = f(x)^d mod n from B^d (→ the blinding factor is divided out)
Payment:
• To pay a payee $1, payer gives it the pair (x, f(x)^d mod n)
• The payee immediately calls the bank, verifying that this note has not already been deposited
Reason why a one-way function is needed
• Suppose (x, x^d mod n) is the digital token
• Then it can be forged (= counterfeited)
  • Choose y
  • Spend (y^e mod n, y)
• To forge the digital token of the form (x, f(x)^d mod n), you would have to produce (f^(-1)(y^e mod n), y), which is not possible as f is defined as a one-way function
Solms et al.: Perfect Crime
• Open a bank account and receive an account for digital cash
• Kidnap a baby
• Choose a set of xs (x_1, x_2, ..., x_p) and rs (r_1, r_2, ..., r_p) [serial number and blinding factor for each]
• Compute the set B_j where B_j = r_j^e · f(x_j) mod n
• Mail B_j to the authorities with the threat to kill the baby if the following instructions are not complied with:
  • For all j, compute the set D_j = B_j^d mod n = r_j · f(x_j)^d mod n [bank withdraws money from authorities]
  • Publish D_j in a newspaper
• Buy the newspaper and compute C_j = D_j / r_j mod n = f(x_j)^d mod n [in the original case the payer (kidnapper) gets the message back from the bank encrypted with his public key; but that way we have no anonymity. Divide out the blinding factor again]
• {(x_j, C_j)} represents legal, authorized and untraceable money
• Conditions are worse than in usual kidnapping cases
  • Police cannot register serial numbers of bank notes
  • No physical contact needed to transfer blackmailed money
ELECTRONIC PAYMENT INTRO & REQUIREMENTS - REQUIREMENTS
Independence
• Almost all forms of electronic payment require the seller or merchant to install specialized software or hardware to receive and authorize a payment
• Electronic payment methods that require all players to install dedicated components are less likely to succeed
Interoperability and Portability
• Electronic payment methods must mesh (= interconnect) with existing electronic commerce systems and applications and must be supported by standard computing platforms → APIs and libraries must be available so that the payment system can be integrated into the existing e-commerce platforms
Security
• What are the consequences of the transfer being compromised (= endangered)?
• If the risk of the payer is higher than the risk of the payee, then the payer is not likely to accept the method
Anonymity
• Unlike credit cards or checks, if a buyer uses cash, there is no way to trace the cash back to the buyer
• Some buyers want their identities and purchase patterns to remain anonymous
• To succeed, special payment methods, such as electronic cash, have to maintain anonymity
Regulations
• A number of international, national, and regional regulations govern all payment methods whether the online electronic payment methods can supplant (= replace) the existing offline methods
Divisibility
• Most sellers accept credit cards only for purchases with a minimum and maximum range
• Any method that can address the lower or higher end of the price continuum or that can span one of the extremes and the middle has a chance of being widely accepted
Ease-of-use
• For B2C payment, credit cards are the standard due to their ease of use
• For B2B payments, the question is whether the online payment methods can supplant existing offline methods of procurement
Transaction fees
• When a credit card is used for payment, the merchant pays a transaction fee of up to 3% of the item's purchase price (in addition to a minimum fixed fee)
• These fees make it prohibitive to support smaller purchases with credit cards, which leaves room for alternative forms of payment
International support
• A payment method must be easily adapted to local buying patterns and international requirements before it can be widely adopted
PAYMENT INFRASTRUCTURES - MERCHANT ACCOUNTS
Merchant Account
• A merchant account allows any electronic commerce merchant to accept card payments based on the card-not-present (CNP) principle, including mail order/telephone order (MOTO) transactions
• Service for which eCommerce merchants apply and thereafter use online card processing services (similar to an email account offered by an email service provider)
• Offered by merchant banks or payment processors
• Different types of merchant accounts: direct, local, offshore, high-risk, third party, pharmacy merchant accounts
ELECTRONIC CASH - REQUIREMENTS
No Double-Spending and Non-Forgeability (German: Nicht-Fälschbarkeit)
• In contrast to physical money, banknotes or transactions represented by digital tokens can be easily duplicated
• Copies of digital tokens must not be spendable
• No one should be able to forge or illegitimately create digital tokens and spend them
Immediate Verifiability
• Every time a payment is received, the payee should be able to instantly check it, for example, by relaying it to the bank for verification (online systems)
• Alternatively, there should be an intrinsic property that lets you know that the money is good if a bank is not readily available
Anonymity (partly not fulfilled with e-cash, since, as with credit cards, I register with a merchant and also give my address)
• Different types of anonymity: payer, payee, and bank anonymity
• Most important is payer anonymity towards the bank
• De-anonymization must be possible if the payer has double-spent digital tokens in case of offline systems
Divisibility and Combination
• A variety of coin sizes should be supported and it should be possible to divide a coin
PAYMENT INFRASTRUCTURES - PAYMENT GATEWAYS AND PAYMENT PROCESSORS
Payment Gateway
• A payment gateway is a provider that authorizes payments for businesses, online retailers, bricks and clicks, or traditional brick and mortar
• Equivalent of a traditional physical point of sale terminal located in most retail outlets
• Protects credit card details by encrypting sensitive information by SSL to ensure that information is passed securely between customer and merchant, but also between merchant and payment processor
Payment Processor
• A payment processor is a company appointed by (= designated by) a merchant to handle credit card transactions for merchant banks
• Has connections to various credit card associations and supplies authorization and settlement services to the merchants of an acquirer
PAYMENT INFRASTRUCTURES - PAYMENT PROVIDERS
Payment Providers
• Payment providers act as payment gateways and payment processors simultaneously, and optionally also supply merchant accounts
• Accounts of merchants are usually coupled with a settlement account at an external bank
• Prominent example: PayPal
PAYMENT INFRASTRUCTURES - PAYMENT INTEGRATION (Payments with Redirection)
Payments with Redirection
• Payers pay on an external website of the payment provider, not on the payee's website
• Payee has no control over the backend process
• Payee is not the author or owner of the payment form code
• Website of payment provider may have its own design and allows only minimal customization (inclusion of payee's logo)
• Not possible to tailor the appearance and structure of the payment form according to payee's needs
• Not possible to detect and react to (user input) events
Process (Redirection)
1. Payer to payee: HTTP request
2. Payee to payer: HTTP redirect
3. Payer to payment provider: HTTP request
4. Payment provider sends payment form to payer
5. Payer sends payment data (account, amount, ...) to payment provider
6. Payment provider to payer: HTTP redirect with token (= symbol)
7. Payer to payee: HTTP request with token
8. Payee confirms payment of payer
9. Payee to payment provider: sends token
10. Payment provider to payee: clearing and settlement
PAYMENT PATTERNS WITH BANK ACCOUNTS - STANDING ORDERS
Standing Orders
• A standing order (German: Dauerauftrag; also standing instruction) is an instruction a payer gives to his bank to pay a set amount at regular intervals to a payee's account
• Paid amounts are usually fixed, which is why standing orders are not suitable for paying variable bills
ELECTRONIC CASH ONLINE DIGITAL CASH - BASIC APPROACH
Withdrawal (Minting) (= payer requests electronic money from the bank):
1 Payer
• Generates a note serial number (100 digits or more) at random
• Multiplies it with a blinding (random) factor
• Signs the blinded number with a private key, encrypts the entire message using the bank's public key and sends it to the bank
2 Bank
• Decrypts message and verifies and removes payer's signature (using the payer's public key)
• Debits payer's account (by $1)
• Signs blinded note with a digital signature indicating its $1 value and sends it to payer
3a Payer
• Divides out the blinding factor
Spending:
3b Payer
• Uses bank note (transfers it to shop)
4 Payee
• Verifies bank's digital signature
• Transmits note to the bank
5 Bank
• Verifies its signature
• Checks the note against a list of those already spent
• Credits payee's account
• Sends signed "deposit slip" (German: Einzahlungsbeleg) to payee
6 Payee
• Hands the merchandise to payer together with his own signed receipt
PAYMENT FRAUD - FRAUD TYPES AND THEIR EXTENT IN THE UK
• Card-not-present (= remote payments) (the most common case)
• Counterfeit (= forged, imitated cards)
• Lost and stolen
• Mail non-receipt (PINs and cards are stolen from mailboxes)
• Cheque fraud (one receives a forged cheque)
• ID theft
• Online banking
PAYMENT INFRASTRUCTURES CLIENT-SIDE INFRASTRUCTURES - SMART CARDS
• Electronic card containing an embedded microchip that enables predefined operations and the addition, deletion, or manipulation of information on the card
Contact Card
• Smart card containing a small gold plate on the face that, when inserted in a smart card reader, makes contact and passes data to and from the embedded microchip
Contactless (proximity) Card
• Smart card with an embedded antenna, by means of which data and applications are passed to and from a card reader unit or other device without contact between the card and the card reader
Stored-value card
• A card that has monetary value on it and that is usually rechargeable
Advantages
• Better protected from misuse than conventional credit, charge, and debit cards, because the smart-card information is encrypted
Disadvantages
• Not widely used
• Requires dedicated hardware reader for accessing the smart card, which is a barrier in electronic commerce transactions
ELECTRONIC CASH - WHAT IS ELECTRONIC CASH?
• Electronic or digital cash is the digital counterpart of physical cash like banknotes and coins
• Electronic cash may be represented as a unique digital token, which
  • ... represents a prefixed amount or
  • ... represents a transaction, which has previously been received by the payer and which serves as a proof that the payer is in possession of the corresponding amount
• Digital tokens require a storage function like a smart card or a digital wallet
• Electronic cash has been introduced and popularized by David Chaum in 1982
ELECTRONIC PAYMENT INTRO & REQUIREMENTS OVERVIEW
• Important function of electronic commerce is the handling of payments over the Internet
• Payments between B2B companies are made using Electronic Funds Transfers (EFTs)
• B2C transaction: different online payment alternatives
  • Account based systems: payment is conducted by the use of bank accounts
  • Digital cash: payment is conducted via the exchange of tokens
• "Chicken-and-Egg" problem of electronic payment
  • How do you get sellers to adopt a payment method when there are few buyers using it?
  • How do you get buyers to adopt a payment method when there are few sellers using it?
• Short history of ePayments is littered with the remains of companies that have attempted to introduce nontraditional electronic payment systems
PAYMENT INFRASTRUCTURES - PAYMENT INTEGRATION (custom Forms)
• Payee is the HTML owner of the payment form and can structure, design, and build it according to his needs
• Payment web page contains only the payee's code
• Design and interaction logic follow the payee's preferences
• Interaction with the payment provider must be implemented by the payee following the payment provider's APIs
Process (custom forms)
1. Payer to payee: HTTP request
2. Payee to payer: Payment form
3. Payer to payment provider: payment data (account, amount, ...)
4. Payment provider to payer: HTTP response with token
5. Payer to payee: HTTP request with token
6. Payee to payer: confirms - "Thank you"
7. Payee to payment provider: sends token
8. Payment provider to payee: clearing and settlement
ELECTRONIC CASH - OFFLINE DIGITAL CASH
• Payer wants to have the bank sign a $1 digital coin that can be used for paying a payee who is not online
• Basic idea: payer gets automatically deanonymized if he double-spends the digital token
• (n, e): bank's public key
• (n, d): bank's private key
• k: security parameter
• f, g: two-argument collision-free one-way functions
• u: payer's bank account number
• v: sequence number/counter for payer's bank account
• ⊗: bitwise XOR
• ||: concatenation (= chaining)
• Payer chooses a_i, c_i, d_i, and r_i (1 ≤ i ≤ k) at random from the residues (i.e., mod n)
• Payer forms and sends to the bank k blinded candidates B_i = r_i^e · f(x_i, y_i) mod n (1 ≤ i ≤ k), where x_i = g(a_i, c_i) and y_i = g(a_i ⊗ (u || (v+i)), d_i)
• The bank chooses at random a subset of k/2 out of the k blinded candidate indices, R = {i_j}, 1 ≤ i_j ≤ k, 1 ≤ j ≤ k/2
• Assume R = {k/2+1, ..., k}
• Payer has to reveal r_i, a_i, c_i, and d_i for all i ∈ R → the bank checks whether it can form all B_i in order to make sure that the payer encodes his identity (bank account number)
• The bank returns to payer Π_(i∉R) B_i^d mod n = Π_(1≤i≤k/2) B_i^d mod n, charges his account $1 and increments the payer's sequence number v by k
• Payer can extract the electronic coin C = Π_(1≤i≤k/2) f(x_i, y_i)^d mod n and increments his copy of the counter v by k
• Payer sends C to payee
• Payee chooses a random bit string z_1, z_2, ..., z_(k/2) and prompts payer to reveal the same parameters
• Payer responds as follows, for all 1 ≤ i ≤ k/2
  • If z_i = 1, then payer returns a_i, c_i, and y_i
  • If z_i = 0, then payer returns x_i, a_i ⊗ (u || (v+i)) and d_i
• Payee verifies that C is of proper form and that payer's responses fit C, i.e., payee calculates f(x_i, y_i) and checks the bank's signature
• Payee later (if he is online again) sends C and payer's responses to the bank, which verifies their correctness and credits his account
• The bank must store C, z_1, ..., z_(k/2) and a_i (for z_i = 1) and a_i ⊗ (u || (v+i)) (for z_i = 0)
• If payer has used the same coin twice
  ‣ High probability that two different shop keepers will send different values for at least one z_i
  ‣ Bank then knows both a_i and a_i ⊗ (u || (v+i)) and can thus identify payer
• Note: sequence number v is needed, because without it payer could double spend money by permuting f(x_i, y_i)^d
PAYMENT INFRASTRUCTURES - PAYMENT INTEGRATION (<iframe>-based Payment Forms)
• Payment form is included in an HTML <iframe> element within the web page delivered by the payee
• Web browser at the payer requests content for this <iframe> from the payment provider when rendering this web page
• Payee is not the author or owner of the payment form code, but can include it on his web page according to his preferences
• Payer is not confused by the change of the website
• Payee has no control over the backend process
• Customization options for payment form are still poor as it is delivered by the payment provider
• Not possible to tailor the appearance and structure of the payment form itself according to payee's needs
• Not possible to detect and react to (user input) events
Process (<iframe>)
1. Payer to payee: HTTP request
2. Payee to payer: Payment page with <iframe>
3. Payer to payment provider: HTTP request for <iframe>
4. Payment provider to payer: Payment form within <iframe>
5. Payer to payment provider: Payment data (account, amount, ...)
6. Payment provider to payer: HTTP response with token
7. Payer to payee: HTTP request with token
8. Payee to payer: confirms - "Thank you"
9. Payee to payment provider: sends token
10. Payment provider: clearing and settlement
PAYMENT CARDS - OPEN LOOP SYSTEMS
• The banking system includes one or several intermediary banks that coordinate the transfer of funds from the issuer to the merchant's acquiring bank
• Most visible examples of open loop systems are Visa and MasterCard, which never issue cards directly to consumers and make use of an issuing bank instead
• Issuers are responsible for establishing customer credit limits
Roles
• Cardholder: payer
• Merchant: payee
• Acquirer: payee's bank (the one who acquires the funds)
• Issuer: payer's bank (the one who issues the card)
• Credit card association: intermediary with different functions, supports authorization, clearing, settlement
Process of a transaction:
1. The cardholder identifies himself to the merchant
2. The merchant requests authorization from the credit card association (MasterCard, Visa)
3. The credit card association requests authorization from the card's issuing bank
4. The credit card association requests authorization from the payee's bank
5. The payee's bank transmits the authorization to the merchant
6. The merchant claims the money from his bank
7. His bank performs clearing (German: Abrechnung) with the credit card association
8. The credit card association performs clearing with the card's issuing bank
9. The card's issuing bank performs settlement (German: Begleichung) of the amount with the credit card association
10. The credit card association performs settlement with the payee's bank