ecommerce Certificates Conclusion
In this module, you were introduced to certificates for ecommerce and how they can be used to establish the identity of an individual or a server.
You also learned how to request a server-side digital certificate, how to install it, and how to configure your e-commerce Web site to use encrypted transactions for member and order information. Lastly, you set up and configured your e-commerce site for online transactions.
Now that you have completed this module, you should be able to:
- Outline the considerations of a secure transaction
- Explain the issues involved in choosing a payment method
- Design your Web site for secure transactions and payments
- Describe protocols used to secure transactions, including SSL and SET
- Establish secure transactions through the use of digital certificates
Key Terms and Concepts
- Acquirer: A special apparatus used by a merchant bank to query issuers (card holder banks) to see if a card holder's account is valid.
- Card holder: A person ready to buy goods and services with a credit card.
- Certificate authority (CA): A respected, trusted body that creates and manages certificates. A certificate authority signs other people's certificates and acts as a trusted third party. You can obtain personal, software publisher, server, and certificate authority certificates, depending on your needs.
- Digital cash: The use of proprietary software to convert "real" money into information easily transferred over a public network.
- Digital certificate: A way to prove your identity. You can use it to encrypt and decrypt messages from individuals and servers. In technical terms, it is a public key that has been signed by a certificate authority.
- Digital signature: Use of a one-way hash algorithm and a private key to provide a stamp of approval on an electronic document or network transmission.
- Merchant: The e-commerce site ready to sell goods and services. A merchant must establish a relationship with an acquirer before transacting online.
- Merchant bank: A financial institution that offers accounts to merchants. These accounts enable transactions between the card holder and the merchant.
- Online transaction processing: The ability to process credit card information, track users, and bill related parties automatically.
- Payment gateway: Software operated by the merchant that relays data between the merchant and the merchant bank. It is the interface between the e-commerce site and the bank.
- PKI: A movement interested in standardizing the creation, transport, and storage of keys. This standard was developed to improve the ability to use certificates across vast networks.
- Public key algorithm: The use of a key pair. The first half of the pair, or private key, stays secret. The second half, or public key, is freely distributed. Digital certificates and signatures use this form of algorithm.
- Registration authority: Creates certificate authorities.
- Revocation: What happens when you lose trust in a certificate.
- (SET) Secure Electronic Transaction:
A method of information exchange that allows businesses and clients an extra level of protection while conducting business.
- Secure Sockets Layer (SSL): An encryption method enabled by digital certificates.
- Selective disclosure: The ability to reveal only portions of a digital certificate. As yet, this is not possible in an e-commerce setting.
- Third party: A merchant can delegate responsibilities to other organizations to save time and expense.
- Trust: A trust relationship is a logical link that combines two domains into a single administrative unit. With appropriate trust relationships in place, users from a trusted domain can access resources in
a trusting domain transparently.
- Trust chaining: The ability for businesses to work together and process only that information they need. Each business along the chain must trust the other implicitly for the entire process to work.
- Wallet: The repository for digital cash. Wallet software resides on a client\'s computer. The client must "fill" a wallet before using it on an e-commerce site.
Also, the e-commerce site has to support the particular wallet software the client is using.
Payment Transactions Processing - Quiz
Click the Quiz button to take a multiple-choice quiz on the material we covered in this module.
Payment Transactions Processing - Quiz