Back to Safety & SecurityFor instance, you could have a frequent flyer program working on the same card as your debit or credit account - so anytime you use your card, you earn points in your favorite program. Other services allow you to participate in frequency or loyalty programs with merchants, including storing hotel reservation preferences on your smart card. Financial institutions have partnerships with local mass transit systems so you can pay for public transit with your smart card in various cities throughout the world. Smart cards have is a stored value application that allows you to pre-load money onto your smart card to pay for small-value transactions. Typical transactions include bridge or expressway tolls, parking fees, Internet purchases, and laundromat services - even pay phone calls. In various parts of the world, banks have partnered with telephone companies to accept some smart cards, so instead of searching for exact change, you can use your smart card to pay for phone calls. The chip will coexist with existing technology on the card for some time to come. This ensures that if you are ever in a location that does not have a chip-reading terminal, you can still complete your transaction using the card's magnetic stripe.
Smart cards will provide increased utility. Your financial institution could expand your access to the information, products, and services they provide. Smart cards can communicate with a wide variety of devices that provide account access such as point-of-sale terminals, ATMs, personal computers, mobile phones, telephones, and many others. Smart cards can also be used to conduct secure transactions over the Internet. Smart cards will give financial institutions the power to offer you more convenience. Smart cards will provide acceptance at merchants who now only accept cash, such as newsstands, vending machines, and laundromats. As the "access key" to many accounts, the chip reduces the number of cards that must be carried. In fact, smart cards can be used to access all of a customer's accounts, since they are able to store information about multiple financial applications.
Smart cards have a Secure Electronic Protocol (SET) [1]. which provides a way for cardholders and merchants to identify each other before a transaction takes place. This assures both parties that the payment will be handled in the same way as it is today in the physical marketplace. This authentication process uses digital certificates that are issued to cardholders and merchants by member financial institutions. SET also incorporates the use of public key cryptography to protect the privacy of personal and financial information. With SET, consumers' payment card information is protected all the way to the financial institution. The merchant cannot read this information in the payment transaction.
In many ways, SET and digital certificates represent the next step in secure electronic transactions. They provide an easy and convenient way to ensure that the participants in an electronic commerce transaction can trust each other. This trust is established through notable financial institutions. For example, the credit card company will provide digital certificates to the card-issuing financial institution and the institution will then provide a digital certificate to the cardholder. A similar process takes place for the merchant. SET uses digital certificates to authenticate the consumer and merchant to each other before an electronic transaction takes place. With SET, cardholders can validate that the Internet merchant is legitimate through the merchant's digital certificate. SET software automatically checks that the merchant has a valid certificate representing their relationship with their financial institution. This provides consumers with the confidence that their payments will be handled with the same credit card promise that they trust today. With SET, merchants can now authenticate cardholders through SET certificates and realize the benefits of face-to-face payments over the Internet. Merchants can more readily accept smart cards without need for merchant-based credit card registration processes. And consumers only have to register their cards once with their financial institution to use SET at all participating merchants. Like the signature on the back of a Visa card, digital certificates verify that the consumer is authorized to use a payment card and the merchant is authorized to accept it. The digital certificate is automatically sent from the consumer to the merchant as part of the order instructions.
There are four separate software components required for SET specifications:
1. Cardholder "wallet" software: This software allows cardholders to make secure purchases via an easy point-and-click interface and to communicate with the merchant's SET software automatically to verify the merchant's certificate and relationship with a trusted financial institution. This software also administers and maintains the cardholder's digital certificates. A consumer's digital certificate is an electronic representation of his or her payment card. It saves encrypted information about the cardholder, account, and certificate issuer.
2. Merchant software: This software includes the technology required to communicate securely with cardholders and their financial institutions. It also manages the exchange of digital certificates prior to a sales transaction. A merchant digital certificate contains information about the merchant and the merchant's relationship with their Visa financial institution.
3. Payment Gateway server software: This software performs an automatic and standard payment process. It also decrypts payment instructions from cardholders and will support the process for a merchant's digital certificate request. The payment gateway server translates SET transaction data from the merchant's financial institution into the format currently used for processing Visa transactions.
4. Certificate Authority software: Financial institutions will use this software to enable cardholders and merchants to register their respective account agreements for secure electronic commerce. This software will also be used to issue the "digital certificates" to cardholders and merchants. These certificates consist of a set of electronic information, containing cryptographic keys and other data, that is saved by the cardholder's software in their personal computer for later use every time the cardholder shops using his computer. Certificates ensure that the participants in an electronic commerce transaction can trust each other. Certificates also contain the digital signature of both the issuing financial institution and Visa, enabling the merchant to know that the cardholder's card number can participate in a SET transaction.
The Inside Running. Various publications on-line, August 1998.
http://www.capman.com.au/inside/[back to text]
IBM Payment Registry. IBM Corporation, 1998
http://www.software.ibm.com/commerce/payment/context.html[back to text]
Smart Card Forum. Site content: various publications . Dec, 2, 1998
http:http://www.smartcrd.com/[back to text]
Smart Card Resource Center. Private company website.
http://www.smart-card.com/[back to text]
Back to Safety & Security
