SECURE ELECTRONIC PAYMENT
PROTOCOL
SEPP is an open, vendor-neutral, license free
specification that secures on-line transactions.
It provides a standard for presenting credit
card transactions on the Internet.
Some
of the companies that have developed SEPP are IBM, Netscape, CyberCash and MasterCard.
SEPP helps in fulfilling some of the business requirements, which are stated as follows:
•It enables confidentially of payment information.
•It enables confidentially of payment information.
• It ensures integrity of all the payment data that is transmitted.
• It provides the authentication that the card holder is
the legitimated owner of the card account.
• It provides the authentication that the merchant can
receive MasterCard branded card payments along with an acquiring member
financial institution.
SEPP
process
·
SEPP assumes that the cardholder and merchant
have been communicating in order to negotiate terms of a purchase and generate
an order.
·
These processes may be conducted via a WWW
browser;
·
These operations may be performed through the
use of email via the user’s review of a paper or CD-ROM catalogue or other
mechanisms.
·
SEPP is designed to support transaction
activity exchanged in both interactive (on-line) and non interactive (off-line)
modes.
The SEPP system is composed
of a collection of elements involved in electronic commerce:
· Card
holder: This is an authorized holder of a bankcard supported by an issuer
and registered to perform electronic commerce
· Merchant:
This is merchant of goods, services, and/or e-products who accepts payment for
them electronically and may provide selling services and/or electronic delivery
of items for sale(e.g. e-products)
· Acquirer:
This is a (MasterCard member) financial institution that supports merchants by
providing service for processing credit-card based transactions.
· Certificate
management system: This is an agent of one or more bankcard association
that provides for the creation and distribution of electronic certificates for
merchants, acquirers and cardholders.
· Bank
net: This represents the existing network which interfaces acquirers,
issuers, and the certificate management systems.
Messages for SEPP-compliant
processing of payment transactions
·
Purchase order request
·
Authorization request
·
Authorization response
Purchase Order Inquiry
·
Purchase order Inquiry Response
Additional messages for
online customer
·
Initiate
·
Invoice
·
Purchase order response(with Purchase order
status)
Messages for offline (i.e.
e-mail) transactions or transaction sent to merchant not on-line with the
acquirer
·
Purchase order response (acknowledgement without authorization)
SEPP PROCESS DIAGRAM
No comments:
Post a Comment