Scribd
Upload
11 views5 pages

Understanding Secure Electronic Transactions

Secure Electronic Transaction (SET) was developed in the 1990s to provide a secure method for online credit card payments, addressing the vulnerabilities of traditional payment systems. It aimed for confidentiality, integrity, authentication, non-repudiation, and interoperability through a complex architecture involving cardholders, merchants, and payment gateways. Despite its strong security features, SET faced challenges such as complexity, performance overhead, high costs, and ultimately, a lack of widespread adoption.

Uploaded by

50 3392BCACSANTHOSH
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
11 views5 pages

Understanding Secure Electronic Transactions

Secure Electronic Transaction (SET) was developed in the 1990s to provide a secure method for online credit card payments, addressing the vulnerabilities of traditional payment systems. It aimed for confidentiality, integrity, authentication, non-repudiation, and interoperability through a complex architecture involving cardholders, merchants, and payment gateways. Despite its strong security features, SET faced challenges such as complexity, performance overhead, high costs, and ultimately, a lack of widespread adoption.

Uploaded by

50 3392BCACSANTHOSH
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Secure Electronic Transaction (SET)

Assignment – Cryptography

---

1. Introduction

With the rapid growth of e-commerce in the 1990s, the need for a secure method of online
payment became critical. Traditional payment systems were not designed for the internet, where
data travels through multiple unsecured networks. To address this problem, SET (Secure
Electronic Transaction) was introduced as a cryptographic protocol specifically aimed at
securing online credit card transactions.
Although SET did not achieve wide commercial adoption, it remains an important milestone in
the history of e-commerce security and provides valuable concepts for modern digital payment
systems.

---

2. Objectives of SET

SET was created with several key security goals:

1. Confidentiality

2. Integrity

3. Authentication

4. Non-repudiation

5. Interoperability

---

3. Architecture of SET

SET involves three major entities:


a. Cardholder (Customer)

The individual who makes the purchase using a credit card. They must have special
SET-enabled software called an “electronic wallet.”

b. Merchant

The online seller who accepts SET payments. They must possess digital certificates to verify
their identity.

c. Payment Gateway / Bank

The financial institution responsible for processing the transaction and verifying payment
authorization.

The SET architecture uses:

Digital Certificates issued by a trusted Certificate Authority (CA)

Public Key Infrastructure (PKI) for key management

Dual Signature to protect payment and order information separately

Encryption protocols to protect data during transmission

---

4. Key Technologies Used in SET

1. Public Key Cryptography

2. Digital Certificates

3. Dual Signature

4. Digital Envelopes

---

5. SET Transaction Process


A typical SET transaction proceeds through the following steps:

Step 1: Customer Registration

The cardholder registers with a bank and receives a digital certificate.

Step 2: Merchant Registration

The merchant obtains its own digital certificate from a CA.

Step 3: Purchase Request

The customer selects products on the merchant’s website and sends a purchase request using
SET-enabled software.

Step 4: Merchant Authentication

The merchant sends its digital certificate to the customer for verification.

Step 5: Order and Payment Submission

The customer generates a dual signature.

Order Information (OI) is sent to the merchant.

Payment Information (PI) is sent to the payment gateway.

The merchant cannot read PI; the gateway cannot read OI.

Step 6: Authorization

The merchant forwards the encrypted PI to the payment gateway for authorization.

Step 7: Payment Confirmation

Once approved, the gateway sends authorization confirmation to the merchant.

Step 8: Goods Delivery

The merchant delivers the goods or services to the customer.

Step 9: Capture
The merchant submits a request to the bank to finalize the transaction and receive the payment.

---

6. Advantages of SET

1. Strong Security
Extremely secure due to PKI, digital certificates, and dual signatures.

2. Privacy Protection
PI and OI are separated, ensuring customer details remain confidential.

3. Trusted Architecture
Every entity must be certified and authenticated.

4. Data Integrity
Digital signatures ensure that no unauthorized modification occurs.

---

7. Limitations and Challenges

1. Complexity
SET required specialized software and digital certificates, making implementation costly and
difficult.

2. Performance Overhead
Heavy cryptographic operations made transactions slower than simpler methods.

3. High Cost
Deploying PKI infrastructure and digital certificates was expensive for both merchants and
banks.
4. Lack of Adoption
Simpler protocols like SSL/TLS with credit card processing became more popular.

You might also like