StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Electronic Money Challenges and Solutions - Report Example

Cite this document
Summary
This paper outlines the aspects of electronic money challenges and solutions. The advent of modern technology has taken its place in each household as important part of people's lives. Internet has been a revolution and is being used for shopping, investments, banking, and a variety of other professional and personal purposes. …
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER91.5% of users find it useful
Electronic Money Challenges and Solutions
Read Text Preview

Extract of sample "Electronic Money Challenges and Solutions"

1. Electronic Money and E-Payment Systems 1 Introduction The advent of modern technology has taken its place in each household as important part ofpeople's lives. Internet has been a revolution and is being used for shopping, investments, banking, and a variety of other professional and personal purposes. The modus operandi for these transactions can not be the traditional currency as currency notes can not be exchanged over the web. Hence, a new form of currency has been used. This is called electronic money or 'e-money'. Also called 'e-currency', it is being spent through 'e-wallets'. This has started a new paradigm of business opportunities which would benefit both customers and organizations. As Bill Gate, the founder of Microsoft puts it: 'Information technology and business are becoming inextricably interwoven. I don't think anybody can talk meaningfully about one without talking about the other.' (Bill Gates) 1.2 E-Payment E-payment or electronic payment is a technique of making transactions over the internet or some other electronic system. The transaction takes place in the form of secure data transfer from one end to the other. The greatest advantage of an e-payment based transaction is the speed with which the transaction gets completed. Other benefits include the ease with which the transaction can be completed; the users do not have to be physically present to make these transactions and in fact, both buyers and sellers can meet in the electronic market to make electronic transactions using electronic money. 1.3 Types of e-Payment Systems There are various forms of e-payment systems that are in use nowadays. These include credit cards, debit cards, online transfers, wire transfers, e-money like Pay Pal, and other modes through which people make payments over the web. Most of these systems are based on a ID and password system to protect against unauthorized usage. 2. The Problems with Electronic Payment Systems With an increase in the magnitude of online applications and systems, there is a growing threat of security issues, vulnerabilities and exposure on the use of electronic transmission, and internet based systems. This has been a concern for companies, individuals, government and law enforcement agencies. Doing transactions online means making payments for the goods and services that are purchased; this leads to a need for developing a mechanism to make these 'e-payments'. This further translates into developing and implementing a security process to ensure that these transactions are carried out keeping the confidentiality, integrity and availability of the systems intact. An e-transaction is as susceptible to fraud as any other transaction, if not more. The fraudsters are many in the electronic world, are dispersed all round the globe, have update knowledge and expertise about the systems and computers, and are attacking to gain access to, and in many cases, to use the identity, funds and communication of a person in illegal, unethical and undesired way. 2.1 Security Issues for E-Money and E-Payment Systems Security of electronic money refers to establishing the confidentiality, integrity and availability of information when it is passed through the electronic system. Some security requirements for an electronic money transfer system are outlined below (British Standards, 2006, p.3): Confidentiality - ensuring that information is accessible only to those authorized to have access to it. Integrity - safeguarding the accuracy and completeness of information and processing methods Availability - ensuring that authorized users have access to information and associates assets when required Authenticity - information should be available to sender and recipient, who must prove their identities to each other Non-repudiation - assurance/ proof that the transmitted message was indeed received (ECD, 2007). 3. Key Challenges and Recommendations for Electronic Payment Systems A description of specific risks and challenges of online transactions is provided below. 3.1 Privacy and Confidentiality Issues The information that is being sent over the electronic medium can be viewed by anyone since the data packets take various paths to traverse. This might result into breach of privacy and confidentiality of information. A method to deal with this risk is to encrypt the data packet before sending it across to the network. In this approach, the contents of the data packet are encoded using an algorithm which is known to the sender and receiver only. At destination, the contents are decoded using the same algorithm. This ensures that no modifications are done with the data contents of packets reaching the destination. One of the primary building blocks for security in electronic payment systems is cryptography, the theoretical basis for encryption (ISACA, n.d., p.2). A given cryptographic technique may be based on either private keys or public/secret key pairs. Public key infrastructure (PKI) rests atop encryption and in turn supports online payments. 3.2 Theft and Fraud An evident risk of electronic transactions involving electronic money is the risk of theft and fraud whereby a person knowingly tries to misappropriate funds. One form of electronic fraud is called the Rounding Off technique, which refers to drawing off small amounts of money from a computerized transaction or account and re-routing it to another account. Another form of electronic theft is carried out by stealing identities of authorized personnel and then carrying out transactions impersonating as others. This is also called Spoofing. Effective ways to counter these risks is to use a strong user ID and password mechanism, or perhaps a biometric control at the site from where the transactions are made. In addition, strong internal controls in the electronic payment verification system can track the transaction trails, keep logs of the activities that are being carried out, and can report if any non-routine activity is noted. The logs can also be viewed to detect occurrence of fraudulent activity. 3.3 Data Integrity Violations When data is transmitted across two points, a risk arises that an intruder might tap the wire and will read the contents of data packet. (S)he will then be able to alter and modify the data contents, can redirect the data packet to some other location, or can do other malicious activities. The integrity of data will then be compromised and the contents of the data packet can not be trusted. One way to protect against data integrity violations is to use data encryption procedures as described above. Another approach is to use Digital Certificates. These are used to endorse an electronic document in a way that can be later validated for authenticity. Digital Certificates are like electronic fingerprints that authenticate the identity of a person or website, positively. 3.4 Middleperson Attacks One inherent problem with electronic payment systems is the user interface that is used to display the transaction at various point-of-sales terminals and other places. The machine at the terminals shows the amount of transactions, but what if the machine is being programmed to deceive the customer, and is charging more but showing only a percent of the actual amount that is being charged from the customer. There is no way for a customer to ensure that the transaction actually takes place with an authorized machine and not with some other system that is reading the sensitive information from the card. This poses a threat to customers although they can later on file complaints if they are charged over and above the amount they were supposed to pay. These attacks are called 'relay' attacks or 'middleperson' attacks and are extremely hard to prevent. The biggest problem is to ensure that the transaction follows a trusted path and is not routed through an un-trusted and unknown zone. There is no way for card holders to see exactly how much are they about to pay, and to whom. 3.5 Physical Card Theft It is not uncommon to find out instances where the robbers steal a person's credit/ debit card and make transactions on the customer's behalf. Until recently there was no way to prevent this from happening except a weak control of taking authorization signatures at the payment desk. However, the signature can be forged. One solution to this problem is the latest chip cards in which a digitally programmed chip is installed into the card, and holds the PIN for the customer. The customer has to enter the PIN in the system which is then authenticated by the bank. The transaction is authorized once the PIN and card number both match to the data recorded in the system. 4. Integration with Visa and MasterCard Systems Companies, usually, are connected with Visa and Master Card systems to authenticate the true identity of a potential customer. This is done to keep the identity theft based frauds to a minimum level. The electronic payment details along with card number are electronically sent to Visa and Master Card systems which search the extensive databases that are maintained in these systems to verify the details of card and customers. Upon successful verification, approval is sent back to the requesting terminal (Federal Reserve Bank of Chicago, 2000). 5. Industry's Best Practices and International Benchmarks Realizing the importance of online transactions and payment systems, a number of best practices, benchmark standards and e-commerce laws and regulations have come in to effect. Two most popular standards for information security over the electronic payment systems include ISO27001 Information Security Management System, which is issued by International Standards Organization (ISO); and Control Objectives for Information Technology (CObIT) published by Information Technology Governance Institute (ITGI) in collaboration with Information Systems Audit and Control Association (ISAC) who is the governing body for information systems auditors around the world. The latest version of CObIT is 4.0 with CObIT about to be published in May 2007. CObIT is freely available at the ISACA website (ISACA, 2007). These standards detail the minimum requirements to protect an electronic system like an e-commerce website, point of sale terminal, ATM machine etc. from security flaws and attacks. Companies and individuals can use these standards to obtain valuable information on how to protect electronic money transfers across digital systems. 6. Conclusion Electronic money has become one of the critical innovations of this era due to extremely high demand and impact of electronic transactions and internet in everyday lives. In order to reap the maximum benefits out of this promising field, all stakeholders including companies, regulators, and customers need to understand the importance, risks and challenges associated with the use of electronic money for making online payments. Information security and privacy should be a supreme concern for everyone who is associated with electronic money. References British Standards Institute. (2006). Information Security Management Systems. British Standards Institute, p. 3-4 ECD (2007). Customer Security: Basic Principles. Retrieved April 30, 2007 from the World Wide Web: http://www.ecommerce-digest.com/ecommerce-security-issues.html. Federal Reserve Bank of Chicago (2000). Electronic Bill Payment: Challenges and Opportunities. Proceedings. Retrieved May 3, 2007 from the World Wide Web: http://www.chicagofed.org/news_and_conferences/conferences_and_events/files/2000_electronic_payments_conference_proceedings.pdf. ISACA: Information Systems Audit and Control Association. (n.d.). eCommerce Security: PKI, Digital Certificates in E-Commerce. ISACA.org (2007). Serving IT Governance Professionals. Retrieved April 29, 2007 from the World Wide Web: http://www.isaca.org/. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Electronic Money Challenges and Solutions Report, n.d.)
Electronic Money Challenges and Solutions Report. https://studentshare.org/finance-accounting/1524835-electronic-money-challenges-and-solutions
(Electronic Money Challenges and Solutions Report)
Electronic Money Challenges and Solutions Report. https://studentshare.org/finance-accounting/1524835-electronic-money-challenges-and-solutions.
“Electronic Money Challenges and Solutions Report”. https://studentshare.org/finance-accounting/1524835-electronic-money-challenges-and-solutions.
  • Cited: 2 times

CHECK THESE SAMPLES OF Electronic Money Challenges and Solutions

Benefits and Challenges of EHR Implementation in a Psychiatric Hospital

Evaluation of the Benefits and challenges of EHR Implementation in a Psychiatric Hospital 21st, January, 2013 Introduction For effective performance of health institutions, there is need for improvement of the management of records through adoption of new technologies.... This essay will focus on the benefits and challenges of EHR implementation in a psychiatric hospital setting.... hellip; electronic Health Records (EHR) refers to the use of technologies in clinical setting for purposes such as record keeping and management....
4 Pages (1000 words) Essay

Contract Safety Improvement for Exelis Incorporated

The study "Contract Safety Improvement for Exelis Incorporated" concerns challenges facing Exelis company capital, alternative solutions to decrease accidents, offering incentives for excellent safety records as the best solution to be adopted, enforce stricter policies for safety violations, etc.... I am the Managing Director of Exelis Inc and would like to introduce to you the key challenges facing this company and the solutions that can be put in place to ensure the company runs smoothly in its operations....
6 Pages (1500 words) Case Study

Industrial Situation in Arrow Electronics

The company that is the subject of this paper is Arrow Electronics, a company, which distributes electronic parts including semiconductors and passive components.... They are Arrow/Schweber, Anthem electronic and Zeus electronics sold semiconductors to different customer bases, i.... Arrow Electronics was a broad line distributor of electronic parts including semiconductor and passive components, under the leadership of Stephen Kaufman and reached the number one position among electronics distributors by 1992....
8 Pages (2000 words) Case Study

Organic Solar cells

It costs four times, as much money, to generate 1 KWh of electricity from solar energy in comparison to conventional methods (Iyer 17).... Solar cells are a used in electronic devices like calculators and laptops.... The technology is just gaining acceptance because of its cost implications....
4 Pages (1000 words) Essay

Spin Electrons and Its Use with Computers

This topic is critical because, without a revolutionary approach such as spintronics, the computer industry will soon face a lot of challenges concerning processor speed.... Researchers could avoid many challenges in their work if computers that are based on spintronics could be economically developed.... The phenomenon is a step toward computers and other spintronic devices that use less energy and are faster than their electronic counterparts....
8 Pages (2000 words) Research Paper

Electronic Discovery Issues

The paper gives information about the main issues that occur with electronic discovery.... The term electronic discovery means the unearthing of all information that is electronically stored, and this information is that which is contained in email messages, instant messages, voicemails, and cell phones.... hellip; Information in websites, call logs, databases, word processing documents among many others that are found in the application systems of electronic devices add up to the list too....
6 Pages (1500 words) Research Paper

Electronic Security Solutions and the Creation of the Right Balance

The paper discusses the introduction of electronic security solutions has given rise to many debates regarding which between manned security and electronic security solutions is best suited for the consumers.... hellip; Several security measures types are required in different areas to provide security solutions in different locations with different degrees of crime vulnerability.... Researches conducted over the years show that CCTV's are extremely efficient in security solutions....
16 Pages (4000 words) Research Paper

Electronics Waste Recycling System

This paper states that the waste from electronic goods is the fastest growing component of the solid waste system.... This is also set by the future predictions that this volume of e-waste is going to rise in developing countries in the next five years… In Saudi Arabia, the recycling and waste management aimed to create more awareness in 2007 and presented different means about the recycling the electronic waste.... However, in 2012 ICC formed an electronic waste recycling plant which was the first in the Arab countries made in collaboration with EXITCOM Every year, there is more than 50 million tons of electronic waste which are dumped into dumpsites and landfills....
11 Pages (2750 words) Assignment
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us