Ecommerce Implementation  «Prev  Next»
Lesson 11 SET protocol
ObjectiveDescribe the SET protocol.

SET protocol (Description)

Created by Visa and MasterCard specifically for the use in financial transactions, the SET protocol requires that all participants have certificates for identification. In the SET protocol, the merchant never sees the credit card number because the information is encrypted for the merchant's bank only. In a SET, the software components required by the various participants are:
  1. Card holder wallet application
  2. Merchant SET point-of-sale software
  3. Payment gateway software
  4. CA software
SET supports activities such as credits, returning of goods, reverse authorizations, and chargebacks.

Trust chaining

SET uses the concept of trust chaining[1] . All the parties trust each other and can exchange information with each other. What is more, each party in the transaction processes only that information that directly concerns it. For example, the merchant never learns the credit card number of the client. The merchant simply trusts the merchant bank to inform it that the bank authorized the transaction. One of the important differences between a SET and other e-commerce transactions that occur in the United States is that SET provides for the use of an acquirer to verify the card holder's credit card instantly. The Slide Show below is an abbreviated presentation of a SET.

Cardholder Merchant Transaction

1) Set Transaction1
1) Cardholder indicates to merchant a willingness to make a credit card procedure.

2) Set Transaction2
2) Merchant sends the buyer an invoice, his certificate, and the certificate of his bank (i.e. the issuer).
These are encrypted and with CA's private key.

3) Set Transaction3
3) Cardholder uses CA's public key to decrypt the information.

4) Set Transaction4
4) Cardholder generates order information and sends to merchant (encrypted with the merchant's public key)

5) Set Transaction5
5) Merchant generates authorization request and sends it to his acquirer (encrypted with the banks public key)

6) Set Transaction6
6) Merchant's bank sends a request for payment authorization from the issuer through the acquirer or traditional bank card channels.

7) Set Transaction7
7) The acquirer sends a settlement response to the merchant's bank after receiving a response from the issuer (cardholder's bank)

8) Set Transaction8
8) Once the cardholder's bank authorizes payment, the merchant's bank sends a response to the merchant (encrypted using the merchant's public key). This response includes the transaction identifier. This completes the transaction

Order Steps Set - Exercise

Click the Exercise link below to review the steps required in a SET.
Order Steps Set - Exercise

Set Protocol - Exercise

Click the Exercise link below to complete the course project for this module. You will create and certify a certificate to enable SSL encryption.
Set Protocol - Exercise
The next lesson concludes this module.

[1] Trust chaining: The ability for businesses to work together and process only that information they need. Each business along the chain must trust the other implicitly for the entire process to work.

SEMrush Software