線上信用卡付款--技術發展的回顧與評估

薛 夙珍, Jing-Jang Hwang

Research output: Contribution to journalJournal Article peer-review

Abstract

在Internet線上使用信用卡付款,於提供信用卡付款資訊之後,真正的貨款轉移及隨後的銀行問清算,是以現有信用卡付款的組織體系為基礎。此類系統較易與現行的體系整合,故發展的速度較快,所以我們預期它是各種電子支付協定中,是最廣為社會所接受的方式。這一篇文章回顧了最近幾年來Internet線上信用卡付款系統技術的發展;我們回顧了以卡號加解密為主的「傳輸加密(channel encryption)」方式、IBM蘇黎士實驗室的iKP協定(Internet Keyed Payment Protocol)、提供「持卡人證書(cardholder certificate)」作為個體識別的SET、與以「信用卡證書(credit card certificate)」取代「持卡人證書」的Revised SET、匿名信用卡協定五種方法。經過對各種線上信用卡付款系統詳細的分析與討論,我們知道由於在設計上對交易個體間彼此信任關係的基本假設不同,各種協定採行了不同的安全保障方法,也因此有了不同程度的隱私保護。最後,我們也預測未來的發展趨勢。
It is anticipated that on-line payment by credit card will be quickly accepted by elec-tronic payment protocols. Fund transfers and clearings that follow the transmission of infor-mation about payment by credit card over the Internet are based on the current credit card payment infrastructure. Due to easy integration with current banking systems, on-line payment systems using credit cards have been quickly developed. This paper reviews several techniques that facilitate on-line payment by credit. card over the Internet. Included are the "channel encryption" method that relies on the encryption .of credit card numbers; Internet Keyed Payment (iKP) protocol developed by IBM Laboratory at Zurich; SET that provides "cardholder certificate" as individual identity; revised SET that substitutes "cardholder certificate" by "credit card certificate"; and anonymous credit card protocols. The distinct protocols make different assumptions about trust between transaction parties, and apply diversified security protection mechanisms. As a result, they induce different degrees of privacy protection. Future trends of this technology are also predicted.
Original languageChinese (Traditional)
Pages (from-to)1-21
Journal資訊管理學報
Volume5
Issue number1
StatePublished - 1998

Cite this