Chapter 12 SET for E-Commerce Transactions

The Secure Electronic Transaction (SET) is a protocol designed for protecting credit card transactions over the Internet. It is an industry-backed standard that was formed by MasterCard and Visa (acting as the governing body) in February 1996. To promote the SET standard throughout the payments community, advice and assistance for its development have been provided by IBM, GTE, Microsoft, Netscape, RSA, SAIC, Terisa, and Verisign.

SET relies on cryptography and X.509 v3 digital certificates to ensure message confidentiality and security. SET is the only Internet transaction protocol to provide security through authentication. It combats the risk of transaction information being altered in transit by keeping information securely encrypted at all times and by using digital certificates to verify the identity of those accessing payment details. The specifications of and ways to facilitate secure payment card transactions on the Internet are fully explored in this chapter.

12.1 Business Requirements for SET

This section describes the major business requirements for credit card transactions by means of secure payment processing over the Internet. They are listed below:

1. Confidentiality of information (provide confidentiality of payment and order information). To meet these needs, the SET protocol uses encryption. Confidentiality reduces the risk of fraud by either party to the transaction or by malicious third parties. Cardholder account ...

Get Wireless Mobile Internet Security, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Wireless Mobile Internet Security, 2nd Edition by

Chapter 12

SET for E-Commerce Transactions

12.1 Business Requirements for SET

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly