Security aspect of Third Party Payment
Nowadays we are talking about the digitization of every
transaction that we perform via any medium like desktop, mobile etc. Due to the
popularity of the internet and its vast usages most of the companies are
willing to move into e-businesses and expand their business at a rapid rate,
and for online payments, all the company must use of payment gateways. For
every payment transactions, we need five parties for making it successful
transaction. They are client, merchant, financial institution, acquirer, and
the payment gateway. A payment gateway is a service that acts as an
intermediary between the merchant's website, issuer and the acquirer. But the
question is what about the security of personal information and financial
details? With result companies and the client wants some kind of security proof
payment gateway system. Financial data management does not need to be this
stressful. Many of these smaller businesses, however, rely on third-party
companies to perform their payment processing and data management, further
complicating risk assessment. Digital transactions can be performed by third
party involvement or direct to the company. Some of the third party gateways
are payU money, Cc Avenue, PayPal, payU etc. In India we
can have different types of shopping supports provided by third
party payment gateway like credit and debit cards, net banking, bank
transfer, EMIs, cash on delivery, wallets etc. Managing financial information
is a dangerous business, and the past year has been marked by a number of
significant data breaches.
In the year 2013, the different types of issues of the cashier
system at a major retailer exposed information on 40 million debit and credit
cards. Researches on payment gateway security consider different security
mechanisms to enhance the security of transferring sensitive customer
information. These mechanisms include security standards, protocols, hashing
methods and encryption methods as follows.
Data Encryption: One of the most important and main security method used in payment
gateways is the encryption of data. In data encryption when the customer enters
their financial information like credit and debit card details, network
attackers try to fetch that details payment gateway should protect them by the
different network attackers.
Secure Sockets Layer: SSL stands for Secure Sockets Layer. SSL is a secure network
protocol used in web browsers and servers. Every time it demands certificate
authentication. It creates a uniquely encrypted channel for transferring
customer private data over public channels with that certificate
authentication.
Secure Electronic Transaction: SET stands for Secure Electronic Transaction (SET) and it’s a
standard protocol which was developed by the Visa and Master card in
cooperation with various other companies like Microsoft, Netscape and VeriSign.
The SET transaction involves three main parties and provides full proof
security to all three parties.
Public Key Infrastructure: This method introduced
that secure mobile system. Payment gateways always contain sensitive
information like pin code of credit card/debit card. So PKI protect customers
from unauthorized users. PKI is a system to enhance the security of mobile
commerce which consists of digital certificates, certification authorities and
other registration authorities.
Certification Authority: This security mechanism demands authentication from different
authorities and developer Stephen Kent presented a new approach to enhance
the security of payment gateway.
Mr. Pramod Pandey
Assistant Professor
Department of Management Studies
