History

Executive Summary

With the advancement of monitoring and ensuring consumer safety in e-commerce, consumers are safe to conduct business online. This is proven through collaborative commerce, increased security and verification, the rating system, and laws and regulation that protect consumers. Consumer Protection is vital in any form of e-commerce to eliminate the fear that users may have about the validity of a website. To ensure consumers safety when conducting transactions online, protection systems and laws have to be enacted. Approximately one-fifth of total electronic commerce is accounted for by business to consumer (B2C) transactions. The dynamic nature of the new economy of virtual transactions, particularly the internet, calls for key decision makers and businesses to develop new policies that ensure growth and advancement in consumer interests. With the rapid growth of e-commerce, enterprises must adopt the effective e-commerce technology that ensures online trust, security, and privacy.

There should be confidence in the safety, security, and privacy of information on the internet because without this measure in place there will be no e-commerce and no growth. More importantly, businesses have to invest in e-commerce technology infrastructure to deliver digital content that is encrypted and ensure the protection of consumer's identity. This involves the innovation of new technology that ensures strong intellectual property protection. When consumers have confidence that their identity is protected in transactions conducted online, it stimulates the information economy and leads to economic growth.

Explanation of the Technology

Businesses have security measures such as S-HTTP and SET (Secure Electronic Transaction) to ensure security of the transaction process on the internet. S- HTTP provides a number of services to ensure security, as it "encrypts information to ensure that only the intended recipient can read the information. A wide range of encryption standards are supported provides authentication to ensure that the sender is the author and to ensure that the information has not been tampered with en – route. It supports digital signatures to confirm the sender is who he claims to be. SET will work with a client who does not have a client public key certificate, which means the user does not need to register a client key and so an instantaneous secure session can be established. Also, it will only encrypt a compete document or form rather than just parts of the document or form. This means that a form requesting names, addresses, telephone numbers etc, will be completely encrypted, thus providing greater security." (Ecommerce Technology).

SET (Secure Electronic Transaction) "ensures the security of financial transaction on the Internet with the use of a system of locks and keys along with certified account Ids for both consumers and merchants. It is used by MasterCard, Visa, Microsoft and Netscape and IBM. SET established industry standards that kept consumers order and payment information confidential." (Ecommerce Technology). More importantly, SET allows the use of the best security practices and system design techniques that protect all legal parties in an e-commerce transaction.

SET and S – HTTP Application in the E-Commerce

1. The customer requires a SET – enabled browser such as Netscape or Microsoft's Internet Explorer and that the transaction provider (bank, store, etc.) has a SET-enabled server.

2. The consumer opens a MasterCard or Visa bank account. Any issuer of a credit card is a bank or an affiliated institution.

3. The customer receives a digital certificate; an electronic file as a credit card for online purchases or other transactions. It includes a public key with an expiration date and has been validated by the bank.

4. Third-party merchants also receive certificates from the bank. These certificates include the merchant's public key and the bank's public key.

5. The customer places an order over a web page; the customer's browser receives and then confirms the merchant's certificate for validity.

6. The browser sends the order information. This message is encrypted with the merchant's public key, the payment information (which is encrypted with the banks public key and cannot be read by the merchant), and information that ensures the payment can only be used with this particular order.

7. The merchant verifies the customer by checking the digital signature on the customer's certificate. This may be done by referring the certificate to the bank or to a third party verifier.

8. The merchant sends the order message along to the bank.