Application Fields of the Austrian Citizen Card in e-Commerce. Diploma thesis of Christoph Baumann Institute for Applied Information Processing and Communications (IAIK) Graz University of Technology, Austria.
Application Fields of the Austrian Citizen Card in e-Commerce Diploma thesis of Christoph Baumann Institute for Applied Information Processing and Communications (IAIK) Graz University of Technology, Austria
Application Fields of the Austrian Citizen Card in e-Commerce or How to use smartcards for secure payment in Internet B2C e-Commerce
Overview of the presentation
• Introduction
• Current situation in B2C e-Commerce
• Concept of a secure payment model with smartcards
• Overview of an Implementation
• Demonstration
• Summary

Introduction
About the citizen card
• Concept for e-Government
• for every citizen
• Smartcard providing secure electronic signatures
• based on European Community framework for secure electronic signatures

Current situation in B2C e-Commerce 1/2
Problems of Internet B2C e-Commerce:
• no confidence in Security Standards (65%)
• no personal consulting (50%)
• appropriate offers difficult to find (35%)
• no „real“ shopping experience (30%)
Source: Summary of Studies on e-Commerce, E-Business, Franz-Joachim Kauffels

Current situation in B2C e-Commerce 2/2
Common payment methods
• Credit Card
• Pay on delivery
Payment usually involves sending sensitive data like the credit card number to the shop
Concept of a secure payment model 1/4
Payment from the customer's view should be
• anonymous
• secure
• with the help of a trusted third party
• simple

Concept of a secure payment model 2/4
Payment from the shop's view should be
• easy to integrate
• secure
• contracted out (Outsourcing)

Concept of a secure payment model 3/4
Secure Payment by electronic bank-transfer
• like traditional bank transfer
• Payment involves a trusted 3rd party (Bank)
• secure through digital signatures
Concept of a secure payment model 4/4
Principle (diagram with the parties Customer, Shop and Bank)
(1) prefilled money order form
(2) signed money order
(3) money order receipt
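The three-message principle above, sketched as an added example (not code from the thesis): the shop prefills the money order, the customer signs it, and the bank verifies it and returns a signed receipt that the shop checks against its own order. Assumptions: Ed25519 over JSON stands in for XML-DSIG and the smartcard, the message directions are read from the slide's legend, and all type, field and function names are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
)

// MoneyOrder is prefilled by the shop (1); Receipt is signed by the bank (3). Names are hypothetical.
type MoneyOrder struct {
	OrderRef, Payee string
	AmountCents     int64
}
type Receipt struct {
	Order  MoneyOrder
	Status string
}

// Signed is a payload with a detached Ed25519 signature over its exact bytes.
type Signed struct{ Payload, Sig []byte }

// Sign serializes v (struct fields marshal in declaration order) and signs the bytes.
func Sign(priv ed25519.PrivateKey, v interface{}) Signed {
	b, _ := json.Marshal(v)
	return Signed{b, ed25519.Sign(priv, b)}
}

// BankProcess verifies the customer's signed money order (2) and issues a signed receipt (3).
func BankProcess(bank ed25519.PrivateKey, customer ed25519.PublicKey, in Signed) (Signed, error) {
	var o MoneyOrder
	if !ed25519.Verify(customer, in.Payload, in.Sig) || json.Unmarshal(in.Payload, &o) != nil {
		return Signed{}, fmt.Errorf("money order rejected: bad signature or payload")
	}
	return Sign(bank, Receipt{o, "accepted"}), nil
}

// ShopAccept checks the bank's signature and that the receipt covers the shop's own order.
func ShopAccept(bank ed25519.PublicKey, prefilled MoneyOrder, r Signed) bool {
	var rc Receipt
	return ed25519.Verify(bank, r.Payload, r.Sig) && json.Unmarshal(r.Payload, &rc) == nil &&
		rc.Order == prefilled && rc.Status == "accepted"
}

func main() {
	custPub, custPriv, _ := ed25519.GenerateKey(nil) // throwaway keys; the card holds the real one
	bankPub, bankPriv, _ := ed25519.GenerateKey(nil)
	form := MoneyOrder{"ORDER-0001", "Shop 1", 4990} // constructed sample order
	receipt, err := BankProcess(bankPriv, custPub, Sign(custPriv, form))
	fmt.Println(err, ShopAccept(bankPub, form, receipt))
}
```

The shop never sees the customer's account data or key in this flow; it only needs the bank's public key and its own prefilled order to accept the receipt.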
Overview of an Implementation 1/2
Outline of the Implementation (diagram with the parties Portal, Customer, Bank, Shop 1, Shop 2, Shop x)
(1) order data
(2) prefilled, signed order form
(3) signed money order
(4) signed money order receipts
Overview of an Implementation 2/2
Bank –> Shop (money order receipt)
• Step 1: Service location, UDDI (Bank, UDDI Registry)
• Step 2: Service description, WSDL (Bank, Shop)
• Step 3: Service invocation, SOAP-SEC (Bank, Shop)
premised on secure Webservices
Demonstration 1/5 Let's go shopping... http://demoportal.buergerkarte.at
Demonstration 2/5 The order is confirmed ... http://demoportal.buergerkarte.at
Demonstration 3/5 The prefilled money order form ... http://demoportal.buergerkarte.at
Demonstration 4/5 Signing the money order form with the card ... http://demoportal.buergerkarte.at
Demonstration 5/5 The money order receipt for the customer http://demoportal.buergerkarte.at
Summary
Secure Payment by bank-transfer
• involving secure electronic signatures in every step
• employing standard technology (HTTPS, HTML, XML / XML-DSIG, UDDI, WSDL, SOAP-SEC)
• secure and transparent for the customer
• easy and secure for the shop