© 2019 JETIR March 2019, Volume 6, Issue 3 www.jetir.

org (ISSN-2349-5162)

ELECTRONIC PAYMENT SYSTEM, RISK AND

SECURITY ISSUES
Mandeep Singh, Dinesh Kumar,
Sumanpreet Kaur, Preetkamal Kaur, Gurinder Singh
Assistant Professor
Computer Science, Management
A.S.B.A.S.J.S. Memorial College Bela, Ropar, India

Abstract: It is widely accepted that pleasant protection better faith and that understanding of fine safety reinforce the use of e-
commerce. In fact, consumer approach of the protection of electronic payment systems has become the main aspect in the growth
of e-commerce in the markets. In this paper, we analyze concern related to the safety of electronic payments from a consumer
perspective. This study suggests an abstract model that describes the encouragement of recognized consumer safety and recognized
confidence, including the effects of perceived safety and perceived confidence on the use of electronic payment.

Keywords: ACH, SET, PCI, SSL.

1. INTRODUCTION

The electronic payment system is a means of making transactions or paying for goods and services without the use of checks or
money. This system is also called the e-payment system or online payment system.

The increased electronic payment system in recent decades due to banking and Internet shopping. As the world progresses with
the development of automation, we can see the emergence of e-payment systems and payment processing gadgets. It will reduce
the percentage of check and cash transactions by providing increased, improved and ever more secure online payment transactions.

2. ELECTRONIC PAYMENT METHODS

Credit cards are a popular e-payment method, however, in view of commercial programs, it can be expensive to primarily accept
the merchant. Debit cards make an excellent choice with the same security, but they are usually very reasonable. In addition to card
payments, alternative payment methods have emerged and market leadership has sometimes been claimed. Wallets Play an effective
role in mineral products such as PayPal and Alipay. Bitcoin Payment Processor is an inexpensive substitute for accepting online
payments that offer more protection against scams.

2.1 Credit card

A credit card is a payment card issued to the consumer (cardholder). Thus, a reseller of goods and services is established on the
basis of his promise to pay the amount to the issuer of the card and other agreed fees. To be able to pay. The card issuer generally
creates a revolving account and gives the holder a line of credit from which he can pay a broker or borrow money in the form of
cash payment.

On the other side, credit card credits payment services with the extension. The complicated format of fees in the credit card
corporation may prevent the consumer from comparing the store due to involvement in expanding corporation profits, many
legislatures control credit card fees.

A credit card is distinct from a payment card, which needs a balance to be paid for each month. On the contrary, credit cards allow
for a steady balance of consumer debt, based on interest credits. A credit card is different from a debit card, which can be used as
currency by the card owner. A credit card usually includes a third-party organization that pays the seller and which is paid by the
buyer while a credit card is issued by the buyer.

2.2 Debit Card

A debit card (also called a credit card, debit card or check) is a debit payment card that can be used rather than cash at the time of
buy. It looks like a credit card, but unlike a credit card, the money is instantly transferred from the cardholder's bank account during
the transaction.

JETIR1903022 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org 142
© 2019 JETIR March 2019, Volume 6, Issue 3 www.jetir.org (ISSN-2349-5162)

Some cards can get a stored value with which a payment is done, while most cardholders send a message to the bank so that money
can be withdrawn from the beneficiary's designated bank account. In some cases, the primary account number is usually provided
for use on the Internet and there is no physical card.

In numerous nations, the use of debit cards has increased so much that their volume has been completely replaced cheques, and in
a few cases to cash transactions. Unlike credit cards and payment cards, debit cards have generally been developed as a result of
the nation, resulting in the creation of many distinct, frequently contradictory, systems around the world. Since the mid-2000s,
several enterprises have been taken to authorize debit cards issued in a foreign country and allow their use for Internet and telephone
purchases.

2.3 Smart Card

The smart card looks like to a debit card or a credit card, however, it has a small microprocessor smart. It has the potential to store
personal or work-related information of a customer. Smart cards are also used to store money and after each deal, the amount is
deducted. Smart cards are only usable by means of a PIN code sent to each consumer. Smart cards are secure because they store
information in an encrypted format, are cheaper and offer faster processing. Mondex and Visa cash cards are examples of Smart
cards.

2.4 E-Wallet

E-Wallet is a prepaid account in which customers can store different credit cards, debit cards and bank account numbers in a secure
environment. This removes the requirement to terminate the account information key each time the payment is made. When the
consumer creates an id and an e-wallet
profile, he can pay faster.

2.5 Electronic Fund Transfer

This is a very popular electronic payment method for transferring fund from one bank account to another. Accounts can be in the
same bank or in distinct banks. The funds can be transferred using an automated teller machine (ATM) or a computer.

At present days, Internet-based EFTs gain popularity. In this case, a customer uses the website provided by the bank, connects to
the bank's website and registers another bank account. Then, he/she requests a transfer of money from this account. If the account
is at the same bank, the customer's bank is transferred money to another account, else the transfer request is sent to the ACH
(Automated Clearing House) so that the money can be transferred to another account and from the customer account the amount
can be deducted. Once the amount is transferred to another account, the customer is informed of the transfer of funds from the bank.

2.6 E-Money

Discover the status of e-money transactions when payment is made over the network and any financial institution is transferred
from any other financial institution without the involvement of a middleman. E-money transactions are fast, acceptable and save
you a lot of time.

Online amounts made by credit card, debit card or smart card are examples of e-money transactions. Another favorable example
is online cash. In the case of online money, the customer and the operator must register with the bank or the company issuing online
money.

2.7 Mobile Payment

One of the modern ways to pay online is to use a mobile phone. Rather than of using a credit card or cash, all customers will have
to send an amount request to their service provider via SMS. Invoiced for the purchase of a customer's mobile account or credit
card.

To set up a mobile payment system, the customer must download application software only from their service provider's website
and then associate the credit card or mobile billing information to the software.

3. WORKING OF E-PAYMENT SYSTEM

Compassionate how to make an e-payment can become high-tech because many components are in progress. Important partners
for the electronic payment transaction have a distribution session:

JETIR1903022 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org 143
© 2019 JETIR March 2019, Volume 6, Issue 3 www.jetir.org (ISSN-2349-5162)

Fig 1: Working of e-payment system

Source: https://www.slideshare.net/RiteshGoyal/electronic-payment-system

 The cardholder is determining as the consumer who buys a product or service online.
 The merchant is the person or company that vends the goods or service to the cardholder.
 The issuer is the economic organization that issues the cardholder with a payment card. This is usually the cardholder's bank.
 The buyer, or merchant account source, is an economic organization that initiates the account with the merchant. Buyer
Authorizes Holder's Account.
 The amounts processor manages government transactions between cardholders and the merchant.
 The payment gateway processes payment messages for the merchant and uses security rules and convert plain text into cipher
text using encryption to ensure transaction security.
 Electronic payment transactions are divided into two types: One-time vendor payments and Recurring consumer vendor
payments.

 One-time vendor payments to distributors are generally used on e-commerce websites. Clicks to buy bank information and
buses on a
type of cardholder or a payment page.

 Recurring consumer vendor payments are paid when the cardholder pays for goods or service on a frequent basis. Consumers
record
their information once and then chooses a recurring billing option with the payment date. It is usually used by auto insurance
agencies,
telephone companies, loan management enterprises and other types of occupations.

4. Problems in e- Payment System

4.1 Credit risk

A transaction involves a risk if a party cannot provide sufficient funds for an agreement. This can happen if a supplier goes
bankrupt or after the settlement. Weakness, such as the right exposure threshold or limitations, and incomplete first-person credit
analysis, increasing the likelihood of credit risk.

4.2 Fraud risk

A new transaction can be added to the processing rush for unlawful cause or an actual transaction will be replaced by incorrectly
misrepresenting wrong transmissions, NCUA has written.

Physical protection, data protection, change of control and inadequate internal control on functional controls, the possibility of
fraud and possible harm to a credit union.

4.3 Compliance risk

Including the requirements of the Electronic Funds Transfer Act, the Bank Confidentiality Act, and the Foreign Assets Office,
there is a possibility of failure to follow the regular rules of the union.

4.4 Liquidity risk

One prospect is that a credit union will be unable to resolve liability for the full amount when it will take effect, the agency has
been warned. This can happen when credit union depository does not High material (making a fund available before the effective
date of transactions, lack of exposure estimate of huge hazard movement in overdraft or management, and inefficiency controls.

JETIR1903022 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org 144
© 2019 JETIR March 2019, Volume 6, Issue 3 www.jetir.org (ISSN-2349-5162)

4.5 Systemic risk

Clearance and compensation Networks are one or more possible members and will be inadequate or reluctant to resolve its
promises. This allows another member to be inadequate to resolve his promises on one or more payment networks.

4.6 Operational and transaction risk

One feasibility is that a credit union will deficient or fail the internal processes, people and systems, the NCUA said. The possibility
of non-posting or wrong posting in a member account is something that should be able for the management of the credit union.
Many economic organizations process payment of separate retail and wholesale payment systems.

The enterprise has characterized this further complication as "cross-channel risk". In case of cross-channel risk, several deceit or
organizations channels, such as a branch, a call center, a debit card, a voice response unit or a bank site or application mobile.

4.7 Strategic risk

There is a possibility of liability when a credit union offers paid services without an appropriate plan, or propose latest payment
services with appropriate behavior without the appropriate provider.

4.8 Reputation risk

One feasibility is that a credit union will be inadequate to meet consumer's assumption by the consignment of retail payment
services. It can also be difficult for the accountants to make an assessment of these potential risks and the most experienced
evaluation of the management, NCUA defined that those who are seeing offering these services to their customers for the first time
will also face major challenges Faces up.

5. PAYMENT SECURITY MEASURES

5.1 The Encryption Approach

Encryption is a procedure of transferring plain text or data so into cipher-text that the dispatched information is not accessible to
anyone other than the recipients and senders. The idea of Encryption (1) protects the stored data and (2) protects the transmission
of information.

There are different types of Encryption that have differences in properties as well as formation. However, public key encryption
and symmetric key encryption are two of the best prominent and widely used methods of the e-commerce industry.

Public key Encryption uses two math-related numeric keys, a private key, and a public key, while in single-key Encryption,
recipients and senders have the ability to encrypt and decrypt information.

5.2 Secure Socket Layer (SSL)

Developed by Netscape Communications Corporation, Secure Socket Layer or SSL, it is clearly the most effective security model
implemented by e-commerce companies around the world to secure payment for their channels.

SSL implements data encryption for encryption, optional client authentication, server authentication, and TCP / IP connections.
The protocol design aims to prevent the disclosure of confidential information when communicating data over the Internet between
two interacting applications.

The Secure Sockets Layer protocol is a traditional protocol widely used by the e-commerce industry. It meets the following
security provisions

 Encryption
 Authentication
 Non-reputability
 Integrity

“http:/” is used for HTTP URLs without SSL, whereas for HTTP URLs with SSL, “https://” is applied.

JETIR1903022 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org 145
© 2019 JETIR March 2019, Volume 6, Issue 3 www.jetir.org (ISSN-2349-5162)

5.3 Secure Hypertext Transfer Protocol (S-HTTP)

Enabling HTTP Internet Protocol with S-HTTP protection increases Internet security with public-key encryption and digital
signatures.

Safe HTTP attempts to further secure transactions by negotiating the encryption schemes used between a server and a client.
Designed to be compatible with the ease and simplicity of HTTP, it allows endless security for users through a variety of defense
tools.

5.4 Secure Electronic Transaction (SET)

SET is backed by Deliverance, MasterCard and Visa, ensuring the security of all parties involved in an e-commerce transaction.
This is designed specifically for critical functions such as –

 Authenticating cardholders and merchants

 Ensuring the confidentiality of information and payment data
 Define protocols and electronic security service providers

Secure Electronic Transaction enables interoperability between different operating system platforms and applications. SET links
the following sections –

 Digital Wallet Software − Secures cardholder’s online purchases via point and clicks interface.
 Merchant Software − Helps merchants interact with financial institutions and customers in a secure manner.
 Payment Gateway Server Software − Provides support for merchant’s certificate request, enabling an automatic and standard
payment process.
 Certificate Authority Software − Assists financial institutions issue digital certificates to merchants and cardholders to
register for secure electronic commerce.

5.5 Payment Card Industry (PCI) Compliance

The Payment Card Industry Security Standards Council, established in 2006, is a compliance system that fully protects the payment
system, monitors PCI online transactions and its weaknesses.

5.6 Safe Login Screen

This is essential to secure the connection system as much as possible. Otherwise, hackers will be easy to penetrate and access
sensitive data. The application of this security protocol is extraordinary, but it can effectively remove several security risks.

5.7 Digital Signature

The digital signature is an encrypted message that is a unique private key capable of checking. The signature has been linked to
the data so that the electronic signatures are automatically deactivated if the data changes.

Protecting Customer's 'Payment Information Security and Confidentiality' is a serious issue. The above guidelines will help e-
commerce industries reduce the possibility of security breaches, promote their confidence in expanding the online business.
Conclusion

In conclusion, it is generally deliberate that the trading of goods on the Internet constitutes electronic commerce. E-commerce is
growing daily. By using e-commerce technology, it is necessary to put in place the best safety portion to help the business. The cost
of securing the e-commerce server will be less than the cost of recovering the data once it is attacked. It is necessary to control,
monitor, audit and take action to achieve the highest level of safety. Regardless of the level of security of the system, a hateful
accessory can, however, create errors.

References:

[1]. Xingjie Yu,Su Mon Kywe, Yingjiu Li.2018. Security Issues of In-Store Mobile Payment. Handbook of Blockchain, Digital
Finance, and
Inclusion,2:115-144
[2]. Rasim Alguliyev, Yadigar Imamverdiyev, Lyudmila Sukhostat.2018. Cyber-physical systems and their security issues.
Computers in
Industry,100:212-233
[3]. Hajime Tomura.2018. Payment instruments and collateral in the interbank payment system. Journal of Economic
Theory.178:82-104

JETIR1903022 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org 146
© 2019 JETIR March 2019, Volume 6, Issue 3 www.jetir.org (ISSN-2349-5162)

[4]. Agnew, Gordon. 2003.Secure electronic transactions: overview, capabilities, and current status. Payment technologies for E-
commerce.
Springer Berlin Heidelberg.211-226.
[5]. Wei Feifei.2010. Research on Security of Mobile Payment Model Based on Trusted Third Party. Second International
Conference on
Networks Security, Wireless Communications and Trusted Computing.
[6]. NOOR RAIHAN AB HAMID, AW YOKE CHENG.2013. A Risk Perception Analysis on the use of Electronic Payment
Systems by
Young Adult.10(1):26-35
[7]. https://securionpay.com/blog/e-payment-system/
[8]. https://en.wikipedia.org/wiki/E-commerce_payment_system
[9]. https://squareup.com/townsquare/electronic-payment-systems
[10]. http://www.cutoday.info/Fresh-Today/Eight-Risks-With-Electronic-Payments
[11]. http://ekutumb.com/payment-security-measures-to-deal-ecommerce-security-threats

JETIR1903022 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org 147