Cryptography Reference
In-Depth Information
6.3
Secure Electronic Transaction (SET)
To travel hopefully is better than to arrive, and the true success is to labour.
Robert Louis Stevenson
(1850-1894), Scottish novelist
On page 232, we mentioned the circumstances surrounding how Visa and
MasterCard developed SET in 1997. Now we have the tools to describe this
scheme in detail. To do so, we need some terminology, and due to the complexity
of the scheme, a brief overview before we give the complete description.
First of all, a
payment gateway
is an interface between SET and the existing
e-commerce network for authorization and payment. We will use Trent for this
role. Alice will be our cardholder, and Bob will be our merchant. Diagram 6.1
is an illustration of the SET mechanism after which we will explain the opera-
tion in detail. However, it will be a simplified version to ease the explanation
without significantly altering the themes and function of the SET protocols.
For instance, in the following we assume that Trent is internally contacting the
acquirer
(a financial institution that processes credit card payments and autho-
rizations), and an
issuer
(a bank that provides Alice with her card), without
mentioning them, except parenthetically.
Diagram 6.1 SET Protocol Actions
Trent
Payment
Gateway
Alice
Cardholder
Bob
Merchant
Purchase
−−−−−−−→
Request
Authorization
−−−−−−−−−−→
Request
Verify
Verify
Purchase
←−−−−−−−
Response
Authorization
←−−−−−−−−−−
Response
Verify
Encrypt
Payment Capture
−−−−−−−−−−−−−→
Request
Sign &
Decrypt
& Verify
Payment Capture
←−−−−−−−−−−−−−
Response
Send Goods
←−−−−−−−−−
or Services
Transfer
Funds
Bob's
Bank
Account
Search WWH ::
Custom Search