|
FREE online courses on ECOMMERCE FUNDAMENTALS - Electronic Payment Systems
- Security
|
Electronic credit card transactions must:
·
Provide a mechanism to
validate the identity of the merchant's bank, the merchant and the consumer. A
fraud can result from whichever party is not sufficiently authenticated. X.509
certificates may be sent with each message to authenticate the sender and to
provide the sender's public key.
·
Protect the private key of the
certificate authority (CA). Theft or loss of the CA's private key can cause
significant damage.
·
Protect the credit card
number, the expiration date, PIN, the amount of purchase and other sensitive
information during transmission over the Net.
·
Institute a process to resolve
credit card payment disputes between the consumer, the merchant and the bank.