Literature Review – Stancu Simina – MPI, anul 2 1. Online payment processing 1.1 Online payment processing or E-Payment World Overview Donal O. Mahony, Michael Perice, Hitesh Tewari(2001) have emphasized the fact that purchasing goods and services online doesn’t represent a brand new idea. There are attestations everywhere around us of transaction processes which occur electronically. The appearance of Internet has definitely eased the achievement of progress. The network of networks has expanded significantly to today’s global medium. This growth had been determined by the WWW (World Wide Web) availability technology which gives the opportunity for information to be accessed from everywhere around the world which also lead to the growth of the business to consumer e-commerce. A new market has also emerged for individuals that are completing their purchases through the phone or handheld wireless devices. The Mobile commerce (also called m-commerce) will rapidly become a broad industry that many payment providers try to cover. Studies from Humphrey, Pulley, and Vesala (1996) contribute to the definition of e-payments by saying that the payments are initiated, processed and received electronically. They also show that the e-payment world constitutes a new concept, above the original payment techniques which were offered by the banking industry.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Literature Review – Stancu Simina – MPI, anul 2
1. Online payment processing
1.1 Online payment processing or E-Payment World Overview
Donal O. Mahony, Michael Perice, Hitesh Tewari(2001) have emphasized the fact that
purchasing goods and services online doesn’t represent a brand new idea. There are attestations
everywhere around us of transaction processes which occur electronically. The appearance of
Internet has definitely eased the achievement of progress. The network of networks has expanded
significantly to today’s global medium. This growth had been determined by the WWW (World
Wide Web) availability technology which gives the opportunity for information to be accessed
from everywhere around the world which also lead to the growth of the business to consumer e-
commerce. A new market has also emerged for individuals that are completing their purchases
through the phone or handheld wireless devices. The Mobile commerce (also called m-
commerce) will rapidly become a broad industry that many payment providers try to cover.
Studies from Humphrey, Pulley, and Vesala (1996) contribute to the definition of e-payments by
saying that the payments are initiated, processed and received electronically. They also show that
the e-payment world constitutes a new concept, above the original payment techniques which
were offered by the banking industry.
Epayment can be viewed as a part of the whole e-commerce transactions which has the element
of electronic payment for buying/selling goods or services which are provided through the mean
of Internet, according to Odlyzko (2003). Odlyzko(2003) also claims that electronic payments
mean more than online transactions on the Internet, as there are various forms of electronic
payments. The technology is expanding and offers many developments as the variety of devices
and processes for electronic payment is on a continuous raise. In the case of e-payments, the
monetary claims are held in digital form.
Kaynak and Harcar(2005) argue that the use of internet banking based operations has been
enhanced by all banks, no matter the type or size. They both mention that online banking has
arrived to the point to become the newest breakthrough expansion in the ever-developing world
of financial services. Because the Internet has increased in a huge proportion and it’s expected to
increase even more, the online payments are expected to increase as well in a rapid pace. One of
the advantages of online banking is represented by the commodity and convenience which is
provided to the individuals by doing business in the comfort of their own homes. The emerge of
the Internet and also the universality of consumers owing personal computers or laptops exhibit
both an opportunity and a challenge within the industry because for a long period of time the
financial institutions have utilized powerful computer networks to process thousands of
transactions compared to nowadays when the customers bank are connected to the internet
through their own personal computers.
The increasing pace through which the epayments are growing making it forcing financial
providers to adapt to the volume augmentation of all the transactions that are processed in all
corners of the world everywhere on the Internet, as Baddeley(2004) is stipulating.
The claim of Huang and Chen (2002) states that together with the popularity of the internet the
explosion of the online payments has also expanded and epayments will develop with a rapid
pace because this method presents many operational advantages and efficiencies. They also
recognize that electronic payment will take the place of the basic cash in the physical world as a
method of payment in the online, virtual world. This happens because by keeping the privacy of
the customer, the electronic payment will be utilized over telecommunications and data
networks. Moreover, the virtual cash is easier and not so expensive to be used compared to the
traditional cash and also if the electronic process is secured, it cannot be counterfeited.
Other studies by Yu, His and Kuo (2002) have converged to the point that online payments have
been risen from the worldwide expansion of the internet.the electronic commerce has
proliferated because of the many benefits that the electronic transfer of transactional information
brings, benefits such us: availability, security, speed, anonymity and openness. These have lead
to the ease and facilitation of many business processes including paying for merchandise,
auctioning, negotiation ordering etc.
There are also authors which contradict the utility of the e-commerce. Chou, et al. (2004)
mentioned that the business of online payments wasn’t as exciting as other have expressed it.
Some of the first innovators either went bankrupt, switched to a new business or gave up the
product. They question which payment methods are more appropriate for the e-business
landscape as they have observed the failure of many e-cash mechanism and the large number of
users of credit cards over the internet.
1.2 Security within the online payment environment
The concern of any new development is security. The emphasis is located on the risk
minimization with each transaction that takes place. A business process is viewed as a set of
logical inputs which logically relate to achieve the business outcome (Gunasekaran et al., 2002).
Every task of the business process must be secured. As the current time is all about information
and data, there is the risk of data fraud, thievery, misappropriation of funds and stealing and
when it comes to money and any other financial information the risk increases dramatically. Raja
(2008) makes a good point that it is highly compulsory and important for the all data regarding
financial information or information about individuals account or credit cards should be
extremely secured and this also establishes the trust and the success for every commercial
institution, the secrecy of information being a critical factor of success.
Zheng et al. (2009) suggest that as online payments are processed through the Internet, a more
secure, stable and efficient program for supporting the payments is required.
Venkataiahgari (2006) explains on E-commerce Technology study that all online payment
settings must present security characteristics such as authentication, authorization and data
confidentiality. The most common protocols used are SSL, TLS and SET which provide secrecy
for online transactions.
Raja (2008) argues that the confidence theories were based on the relationship between the
entities participating to the transactions and the history of any exchanges between them, but as
the online market is widely spread and there are many participants makes the trust difficult to be
assessed due to the feebleness to demonstrate the reliability of the partners. Moreover there isn’t
necessary for a human relationship to be established prior to the transaction which creates an
opportunity for a security threat. Generally speaking, security is composed of subsets of technics
and mechanisms together with various programs whose role is to authenticate the information
source and make sure to keep private the integrity of the information. The main security
procedures comprise: encryption, digital signatures and algorithms.
Jing (2009) recognizes that to be able to prevent stealing of information and in order for only the
rightful owner to see the data, there are several elements which must be checked such as:
integrity of information, validity of information, non-repudiation of information, authenticity of
the transaction status and reliability of the system. The integrity of information refers to the fact
that trade partens can affect the integrity of the information by accidental data entry errors,
duplication of information or difference in information provided. The validity of information
concerns the idea that the online payments will be affected by the validity of information from
customers, companies to the country scale as the validity of the transaction price and period is
mandatory. The Non-repudiation of information focuses on the point that the transfer of the
information must include a reliable source of identification for individuals and companies,
identification which is mad ein original so it cannot be denied. The authenticity of the transaction
status refers to internet transactions which are lead at a large distance and there should be an
understanding that in order for any transaction to be well accomplished there should be trust. The
reliability of the system means that the system should provide security and reliability by making
impossible the computer failures, hardware/software failures or transmission errors.
Murdoch and Anderson (2009) have introduced in their studies the concept of 3D secure protocol
which is branded Verified by Visa and MasterCard Secure Code. The goal of the 3DS is to
permit the merchant to make a connection to see if a customer is the rightful owner of the
specific card number. The system is designed by Visa and MasterCard and it has proven that the
merchants that use the 3Ds have diminished the liability for disputed transactions. With 3Ds the
cardholder must register a password with their bank and then enter the password every time they
are making an online purchase. The authors are criticizing the method of 3DS because they
observe that the 3DS form has no address bar, therefore there is no clue as to the where the form
is originating from and this is against the guideline of the bank which advises clients to avoid
phishing sites. Moreover, another important point is that 3DS conceals the communication of the
merchant, acquirer, issuer and payment scheme but it does not cover the way in which the
customer verification is done. Because of this, the fraud liability is on customers shoulders.
1.3 Risk Management in Online Processing
Michael Levi (2000) states that the global networks, credit, debit and charge cards can never
avoid the risk of crime entirely. The online payment frauds are emerging in a fast pace in the
organization and it has occur as a big risk for the businesses of nowadays. As the complexity of
business increases and companies manage to endure competitive in the global network, many
systems are open to error for manipulation from the employees, by not having a good fraud
internal checking system leading to many occasions for critical loss.
The well known AllCharge(http://www.newgenpay.com) payment services provider expresses
the importance of fraud prevention as the merchant is the one that pays the costs of the products
which are not accounted for and the fines for the credit card industry. Based on this, the
following innovative fraud prevention implementations are required: Address Verification
System, white list of customers, blacklisting of customers, filtration of customers by monitoring
their activity, IPs, credit cards and also filters by IP, BIP compared to the data declared by the
user.
Ward (2010) in its recent report Strategies for Reducing the Risk of eCommerce Fraud sustains
that one of the responsibilities of any business in the online environment which relates to fraud
control is to be in line with the Payment Card Industry Data Security Standard (PCI –DSS). The
latter mentioned comprises a set of requirements made by the card networks which are set to
keep private the personal information of the customer. It represents and expensive and diligent
process but it must be done by all enterprises that store credit card information and they need to
certify that they meet the PCI standards, standards that refer to the way in which information is
stored, used and managed by a business.
Virtue (2009) discusses the division of the PCI standards into six main goals as follows: build
and keep a secure network; keep private cardholder data; support an exposure management
program; integrate strong risk measures; monitor on a regular basis and test networks; keep a
security policy.
Money Laundering is another issue that arises in the environment of online processing being
defined as the act that makes illegal obtained funds to appear as legit.