Online Payment Security

Do you one hundred percent believe in “online payment”? And have you ever heard something such as “be alert for email phishing”? Actually, most of us understand “internet fraud” only literally even if we heard many news reports say some unlucky guys suffer from property damage for insecure payment. Undeniably, we live a more convenient life and take higher risk at the same time, within the development of technology.

3

The pros and cons of online payment

As a double-edged sword as online payment, it brings both bliss and peril into our daily life. So, it could never be too cautious for us when we enjoy the convenience of online payment.

Geographical convenience and  High efficiency and accountability are two main benefits. First of all,  geographical convenience, this service has enabled us to solve financial trivial wherever we are. It helps us to make online consumption from daily suppliers to business replenishment without running to and from. It requires only a bank account. There are no worries about running out for checks or getting a money order. Secondly, from the perspective of customer, high efficiency and accountability is another big benefit. Not only can the online payment spare you the trouble of going errands, but also it proved to be time-saving and highly efficient. Online payment enables a customer to pay for a product immediately, confident that it will ship quickly. If a customer mails his payment, he must wait for you to receive it and for the funds to clear, adding greatly to the amount of time that he waits for the product. Faced with this delay, a prospective customer is likely to look for a merchant who accepts online payments.

Despite those benefits that online payment has, there are still concerns with online payment. One of the biggest risks is online fraud. The crimes as swindling online customers out of money from their e-accounts have been growing along with the rise of using online payment. They are through means like counterfeit payment accounts,fishing websites and pretended shopping platform to deceive consumers paying money to them or to get their credit cards information.

It was reported that China resolved 77,000 cases related to telecom and Internet fraud from January to September in 2016. And in 2015, China handled 24,886 reports of online fraud. See, the data is not a small number. In those online fraud, insecure online payment is one of main causes that directly lead people loss money. An other cases is eBay, which is attractive to con artists. Because financial transactions on eBay are not very secure for buyers. For example, the fraud steals information from other seller, specially for some expensive product, then told you that you can payment by installments. Sometimes, when you do a partial payment, it is the end of trade; what’s worse, you may disclosure of information of credit card, then loss more money. It is the problem of inseure online payment.

2

Secure online payment system

Online payment brings consumers convenience and efficiency while its security problems need to be solved. For e-commerce, it’s important to build trust between business and online customers through offering secure payment system in order to increase revenue stream. A secure E-commerce payment system requires confidentiality, authentication, data integrity and interoperability. To meet those demands, various systems are trying to keep your information safe.

Secure Sockets Layer is an e-commerce security protocols widely used by B2C online transaction. It uses data encryption, building a secure communication channel to send the credit card information of customer to the merchant. This system achieves transparency, low cost and low complexity. However, it still meets a serious security challenge. SSL only build a safe link between the online customer and the merchant while it cannot prevent merchant from misuse of customer’s information. Such one side authentication may cause business fraud. Besides, there is still possibility for man-in-middle attacks. It could be very dangerous to pay online with a public WIFI network since the WIFI hotspot might access to your bank on your behalf and steal your money.

Comparing with SSL, Secure Electronic Transactions is securer. SET provides online customers with the trust. It uses public key cryptography and digital certificates to protect financial information and to verify authentications of both customer and merchant to use cards. With a third-party certificate authority, customer information are not available for merchants and prevent business frauds.

4

The third party payment gateway

Traditional payment is simple and direct payment, as well as wire transfer and online direct transfer. In reality, there are already many business dispute events happening. For example, the buyer cannot receive the qualified product after they pay first. And the seller may not receive payment on time. So how can we solve this in the online market?

In the virtual market, both of parties do not know other’s background and bottom line. As a result, online payment becomes one of the bottlenecks of e-commerce development. Sellers worry about payment if they send goods first. Buyers also worry about the goods cannot be guaranteed. In order to meet the synchronous exchange market demand, third-party payment gateway came into being, such as the appearance of PayPal. Third-party payment gateway provides an “intermediate platform” with buyers and sellers in the absence of credit protection or legal support. The buyer will pay for the purchase to third parties and the third party provides safe transaction services. The essence of its operation is intermediate transition account between buyers and sellers, so that transfer payments can be controlled. Where the funds need to transfer can be decided only when the two sides reach an agreement. Third-party payment gateway acts as intermediary custodian and supervisor. So to be precise, this is a kind of payment-escrow behavior.

1506-tmp

But currently third-party payment gateway is still facing risks which can be mainly concluded as five aspects: theft of client information, vulnerabilities of server system, encountering phishing site, transaction fraud and maliciously controlled client. Experts are still finding the solutions to these risks.

At the purpose of creating a securer environment of online payment, for brand, advanced payment system can be used to imporve security; for customer, they should have crisis awareness in dealing with internet fraud. Hoping someday, all of us can enjoy a comfort and safety online payment experience.

Authors: Chenwen LIU; Jiahui ZHANG; Xiangting WANG; Yuanqing CAO

References:

Cao Yin. (2016). Security giant reports jump in online fraud claims, China Daily.  chinadaily.com.cn. retrieved 7 November 2016, from :

http://www.chinadaily.com.cn/china/2015-10/23/content_22265933.htm

Rothke, B. (2014). Security without Obscurity: A Guide to Confidentiality, Authentication and Integrity, | RSA Conference. Rsaconference.com. Retrieved 6 November 2016, from https://www.rsaconference.com/blogs/security-without-obscurity-a-guide-to-confidentiality-authentication-and-integrity

Jian-wei, L. (2010). Study on the third Party Payment Platform’s Risk Control [J]. Financial Theory & Practice, 12, 015.

Sacks, D. (2001). U.S. Patent Application No. 09/901,962.

Advertisements

3 thoughts on “Online Payment Security

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s