EXPERTS AND PROFESSIONALS ONLY!


    payment systems explained

    Share

    zeusk
    Admin

    Posts : 144
    Join date : 2011-12-04

    payment systems explained

    Post  zeusk on Thu Jun 21, 2012 6:44 am

    Abandon Trial – (Purse) In some (trial) versions of the ecash Purse the Abandon Trial function is provided. After confirming the instruction the Purse will Cancel any outstanding Payments, Deposit the ecash held by the Purse, and instruct that the Account status be changed to ‘disabled’. Thereafter the Account cannot be used.

    Abort Transaction – (cf. Cancel Transaction) In some versions of the ecash Purse the Abort function is provided to stop the exchange of messages, and send a message which requests a roll-back to the start of the protocol. The software can then verify whether the transaction has been successfully aborted. This function is not included in all software versions, and, given the time/sequence factors and the general complexities of Internet protocols, it cannot always be successful.

    Accepted – (The Transaction Status is indicated for each transaction in the Transaction Log). A transaction is assigned 'Accepted' status after execution has been acknowledged or verified. The 'Accepted' (or 'OK') status is regarded as the default and shows no icon in the appropriate field (see Transaction Status Icons).

    Account (ecash Account) – A Purse-holder's (digital) Account with a Mint (sometimes known as a Safe). For an ecash client to function, each Purse-holder must have one or more such Accounts at an operational Mint run by an ecash Issuer. Each Account is in a specified currency. An ecash Account may be maintained separately or as a feature of an existing conventional bank account or credit card, etc. Purse-holders can open one or more ecash Accounts with one or more Issuers, and may therefore own several Account IDs.

    Account ID – The Account name on a digital Account. (Although this may include any combination of alpha-numeric characters such as an email address.) The Account ID is not necessarily globally unique (although it assumed to be so when concatenated with the Issuer ID) (see also email address, below).

    Account Number – A unique number within the Mint which (in conjunction with the Mint Number or Mint ID) serves as a globally unique identifier.

    Account Status – Each Account is associated with one of the following states – Enabled, Disabled or Unused.

    Accounts Window – (Purse) The main ecash window includes an overview of Mint and Purse balances and presents buttons which access basic functions such as Withdrawal, Deposit and Refresh Coins.

    API – The Application Programmer's Interface provides tools for software developers who are implementing ecash applications.

    Authentication – A procedure to verify that the originator of a message is the same as the sender that is stated. (cf. verification, integrity, uniqueness).

    Authorisation string – A set of data fields that contains the authorisation to transfer money from an Account.

    Back-up – The ecash client tries to retain 100% consistency with the records of the issuing Mint; therefore it is not advisable to back up the client data-files locally. Do not make copies of ecash data-files except as part of one of the procedures documented in the manual. If a local crash occurs (causing loss of data on your PC) you should use the Recovery procedure as documented (which bases the Recovery on files kept by the Issuer's Mint).

    Balance Limits – Variable factor which can be used by the Issuer to set the upper (and lower) limits of cash which can be held in an ecash account. Bank Withdrawals which would result in an excessive balance (high or low) will be rejected by the Mint with an explanatory message.

    Bank – The Bank is the institution which underwrites the value of its own bank-notes. An ecash-issuing bank is called an Issuer. An Issuer runs a computer to produce electronic coins. This computer and its ecash software are referred to as the Mint.

    Bank Deposit – (cf. Deposit) The transfer of funds from the ecash Mint Account to the Bank Account (as distinct from a Deposit; which is a transfer from the Purse to the ecash Mint Account).

    Bank Withdrawal – (Purse) (cf. Withdrawal) The transfer of funds from the (conventional) bank account to the ecash Account at the Mint (as applicable to Issuers where these two accounts are separately identified). In contrast, the term Withdrawal is used to indicate transfer of funds from an online (Mint) account to the Purse (client).

    Base Coin Value – The lowest value of coin in any particular Coinage. See Coinage (below).

    Blinding Factor – (Purse) The essential element for anonymous Payment systems. The Blinding Factor is calculated into the coin number by the user before it is sent to the bank for validation. It is subsequently removed again before the coin is used in a Payment. Thanks to the blinding factor, the number which was signed (by the Mint, during a withdrawal) cannot be associated with the number which was returned (to the Mint, during a Deposit), although certain unique (mathematical) characteristics have been retained.

    Cancel Payment – (Purse) If a Payment of digital coins has been Deposited by the payee at the Mint then it is not possible to Cancel Payment. However by reporting the coins as invalid and proving the user's identity as the legitimate owner of the coins, the system will accept cancellation of unredeemed coins. Coins used in a specified Payment are invalidated by the cancellation procedure, and will be refused if they are subsequently presented to the Mint. In order to Cancel coins the user must prove ownership by revealing the coin number and thereby surrender a limited degree of anonymity.

    cb$ (cyberbucks) – Trial currency with no real value (as used in trials of ecash).

    CGI – CGI scripts are used to provide certain ecash server functions. Specifically they are used in implementing the shop's charge script and providing other configuration options.

    Change Password – (Purse) Providing that the user can enter the current (Mint or Purse) Password, this procedure will allow them to change it. The same string must be entered twice in order to confirm the change.

    Charge Script – (Merchant) The shop is constructed so that it can take input about the items to be sold and calculate a price. The CGI script refers the input information to a charge script. The output from the script (i.e. the price) is then referred to the Payment Request mechanism which sends a message to the client requesting Payment.

    Coin – The ecash payment method is based on Coins – a Coin is the digital equivalent of a traditional coin and similar in that it has a specified value, but carries no 'imprint' to identify the (current) owner. Unlike traditional coinage, the Coins, once received by the Merchant's Purse, cannot be passed directly to a third party, but have to be Deposited at the Mint first.

    Coin Distribution – (Purse) The Purse tries to keep an assortment of coin denominations so that the number of possible Payment amounts is optimized. Typically it will try to ensure that there are sufficient coins to complete at least 8 transactions of the lower values. (See also Refresh Coins).

    Coinage – A set of digital coins issued by the Mint and designated with the same Coinage Version Number. Each Coinage issued by the Mint is based on a set of defined values including the Currency, the expiry dates, the number of coins in the series and the Base Coin Value (the value of the first / lowest value Coin in any Coinage), It is linked to a specified set of Coin Keys.

    Coin(age) Expiry Date – Each Coinage Version expires according to a Phased Expiry Schedule (see below) which specifies the dates on which all Coins made in a specified Coinage will cease to be functional. After the expiry date the ecash client software waits for a connection to the Mint (i.e. the next Check Mint, Deposit or Withdrawal transaction), and exchanges expired coins for freshly minted ecash. At a later date (determined by the Issuer) it will become necessary to make a special request to the bank, and the Issuer may require some time to check the validity of the expired coins before they can be reissued.

    Command Line – Non-graphic clients (used for ecash by Merchants and some UNIX users) are operated using a series of key commands entered in text mode. This type of interface is also used in MS DOS to configure system executables. The application presents a prompt and responds to the input command directly.

    Confidentiality – The property of a message such that it cannot be decoded or read by an unauthorized third party.

    Crash – see Recovery

    Create / Terminate Account – In order to maintain a clear distinction, the terms Create (and Terminate) are used to describe the procedure by which ecash Accounts are defined and established at the Mint. Following a request from the user an Account is assigned or 'Created'. When the Set-up Protocol is performed, the Account receives an opening transaction and becomes 'enabled'. If the Account is to be removed from the system then it should first be 'disabled' (so that no new transactions are possible), then closed (including the removal of any outstanding balance) and then 'Terminated' (i.e. removed from the Mint's Account Database). Thereafter the Account will no longer exist.

    Currency – All ecash money is denoted in a currency. The currency might be an existing 'real-world' currency, such as the US dollar, or the Dutch guilder, but ecash is not restricted to existing currencies. Alternatively, the currency might be a precious metal, stocks, bonds, futures, coconuts, e-miles, airmiles, oil or any other trading item. Strictly speaking, the currency is also defined by the Issuer and the currency-fraction (also known as the 'granularity'). Thus, dollar amounts are represented in cents (1/100th of one dollar), and oil amounts are represented in (full) barrels. Each currency is defined by a unique Currency ID. (See also Coin Denomination Distribution).

    Denomination – The integer value of a coin, expressed in the currency-fractions.

    Deposit – (Purse) (cf. Bank Deposit) The sending, by the Purse, of (a number of) ecash Coins to the ecash Account. These may be Coins which have been received as Payment (i.e. 'Deposit Payment') or Coins stored on the Purse-holder's hard disk and not spent(i.e. 'Deposit Cash'). The Purse software also renews any expired Coins by Depositing them at the Mint and making an equivalent Withdrawal.

    Digital Signature – A technique using Public Key Cryptography that allows one party (the signer) to attach a digital signature to a (digital) message. The signature can only be created by the signer, and all other parties in the system can verify that the message was indeed signed by the signer. Digital signatures are mainly used to provide Authentication.

    Disable Account – Although some clients can access this function via the Abandon Trial routine, the bank is usually directly responsible for the ecash Account status recorded at the Mint. It can be changed using the various Mint Management interfaces.

    Email Address – If you wish to change email addresses you should inform your Issuer (whose policy may require that the Account ID is also changed accordingly). Merchants are assigned a more complete corporate description as ID. An Account ID such as 'J.R. Smith (Engineering) Ltd.' is a clearer identifier than the accompanying email address (e.g. smith@net.co.uk) and helps to ensure that customers send their Payments to clearly identified Merchants.

    Encryption – Process by which information is encoded , so that it can only be read by the holder of the appropriate decryption key. Encryption is used to provide confidentiality of messages.

    Error Codes – Error codes comprise an explanatory message and (in some clients) a numerical reference. The online help page refers the browser to an explanatory text for each message. Error codes are also listed in the Purse User manual.

    (Purse) Event Log – The log which records the message exchanges and protocol execution of the ecash client. This log is useful when an error appears to have occurred and can be accessed from the ecash software in most instances.

    (Mint) Event Log – Log which records the activity of the Mint, unsuccessful attempts to contact it and aborted protocols. It also maintains a list of completed transactions.

    Expired Coins – Coins which have passed their pre-determined expiration date are detected by the Purse software. They are automatically exchanged for fresh coins during the next Withdrawal or Deposit transaction (or manually when the 'Refresh Coins' function is used).

    Filter – A range of functions which can be used to sub-divide the entries in a Transaction Log, so that only transactions which fall inside the user-specified parameters are shown in the listing. The filters can be used to list transactions of a particular type (e.g. Payments) or to establish a range of dates.

    Firewall – A firewall is a computer which is placed between a local network and the Internet. Its main function is to restrict the types of connections which can be made. Operating ecash client software from behind a firewall (whether Merchant or end-user) usually requires some degree of additional installation or configuration. Information about this is provided in the appropriate manuals.

    Generate Keys – (Purse) The Account is supplied to the customer along with a Set-up Password. Once this has been correctly entered, the client asks for random data, some of which is used to generate a unique pair of keys. This process can take several minutes on PCs with slower processors, during which time no activity is shown on the screen.

    Global ID – A name which is globally unique can be constructed by adding a unique external address (such as Mint ID, email address or IP address) and an internally unique address (such as Account number).

    Hash – A basic cryptographic function. A hash function is a form of checksum on a large message. The basic property is that it is not computationally feasible (i.e. impossible in practice) to find two different messages whose hash value is the same. Even the smallest change in the sequence of characters results in a dramatic shift in the hash value.

    Integrity – The property of a message such that it is possible to verify that it has not been changed or altered by any third party. (cf. verification, integrity, uniqueness).

    Issuer (ecash Issuer) – An ecash Issuer is an institution that provides digital Accounts, by operating a Mint (ecash 2.3). It has its own keys for issuing Coins. There may be more than one Issuer in the system. The Issuer underwrites the value of the money in the Accounts and of the Coins it has issued to all other parties in the system.

    Key – Any security code which can be used for authentication and encryption purposes by the software.

    Key Version Number – A number uniquely identifying the key. When several keys are in use (e.g. while a new key is being introduced) this identifies the key that was used in signing or encrypting the message.

    Logs, Databases and Reports – A database is a file which holds information in a pre-configured matrix. Each line of a database file is called a record. (i.e. A record may contain details of an Account, of a Transaction, or of some other 'Mint Event') A Log is an open-ended file which automatically collects and retains some (sub-set or supra-set) of these records in chronological order (Transactions Log, Mint Event Log). Criteria for logging may be pre-configured in the software (e.g. The Purse-holder's Transaction Log includes only the transactions on the named customer's account) or specified as part of the Log creation procedure (e.g. parameters are usually inserted at the command line for generating Mint Logs and Reports). A Report is a sub-set of a Log (which is normally up-to-date at the time of generation) and may include checksums, totals and other arithmetical checks for consistency and auditing purposes. As an alternative to reporting, logs may be 'rotated' (i.e. removed to storage and replaced with an empty file in which the log entries will continue).

    Merchant – A Merchant is a Purse-holder (consumer, retailer, shop or service provider) who accepts Payment from other Purse-holders. The Merchant who runs a 'cybershop' will also use shop software which will, in response to user input, generate a Payment Request which is sent via TCP/IP to the customer. If the customer agrees, and returns a Payment message, the Merchant's Purse will Deposit the coins at the Mint (online) and wait for the "Deposit Accepted' message before releasing the goods to the customer. A Merchant is simply a Purse-holder who happens to be receiving the Payment. The shop software adds functionality so that a 'cybershop' can generate and send Payment Requests (using the shop Charge Script) and accept ecash Payments (i.e. Deposit and verify them) automatically.

    Merchant ID – A human-readable string used to identify the Merchant's Account in a Payment. See Account ID.

    Merchant Purse – The Merchant client is provided with a text-mode interface containing some additional functionality. Unlike the ordinary (end-user) Purse, the Merchant client will also create Payment Requests upon demand, automatically send incoming Payments to the Mint for Deposit.

    Mint – Version 2.x of ecash features Issuer software called Mint. The name derives from its primary function, the issuance of digital Coins. The Mint can also handle Accounts and transactions, although these are usually managed from a separate computer.

    Mint Account – (syn. ecash Account) The Account from which ecash can be withdrawn is also known as the ecash Account. The designated ecash Account is not always a conventional Bank Account, but may be ( for instance) a separately numbered ecash Account at the Mint or a credit card.

    Mint ID – In order to ensure that each Mint has a unique identifier and can be uniquely verified, each Mint is provided with a unique number which is included in all encrypted messages to and from the Mint.

    Mint Password – (Purse) The Password which the user must enter at the Purse before being able to access the ecash account at the Mint. The Mint Password is therefore required when making a Bank Withdrawal or Bank Deposit.

    Network Port – Several parts of the ecash system may require that specific controls are adjusted to indicate network port addresses. This is generally associated with ecash (Purse) software which is being operated from behind a firewall, or ecash shops which are linked to an integration.

    Numbe (cf. ID cf. Name) – Frequently used data, such as Account holders, and Transactions, is held in two forms. The numeric form is suitable for the computer, and more easily capable of generating a unique identity for the user. The ID (alphanumeric) form should be text-based (e.g. Name), and bear a clear relationship to the name (and perhaps location) of the Account holder, however this may not be easy to make globally unique and therefore lacks the secured uniqueness of the Number.

    Password – When new accounts are created the Mint assigns a Set-up Password which must be passed securely to the Purse-holder. Once this has been used to authenticate the new Purse-holder online, it is supplanted by Mint and Purse Passwords of the Purse-holder's own choice. The unchangeable Recovery Password is generated from random data during the Set-up of each account. This Passsword string must be entered exactly before any Recovery can be initiated.

    Paste – Payments of ecash can be included within many different file formats. Select the text area which includes the payment and select 'Copy' (from the Edit Menu) so that the data is placed on your clipboard. Now open your Purse and select Paste (at the top of the Payments Window). Ecash will try to retrieve the coin numbers. The Purse is usually able to ignore other text characters which are part of the message or the application formatting. If the coins are successfully retrieved from the message then you will be presented with a deposit dialog.

    Payment – The process of sending a Payment instrument from the Purse to the Merchant, and acknowledgment of the Payment by returning a message to the Purse.

    Payment Description – A descriptive string chosen by the Purse-holder and coupled to a Payment. The Payment Description is shown to the Payee (and appears in the Transaction Logs of both parties) and may be used to identify the Payer (if desired) or to provide a text to accompany the Payment.

    Payment Request – A message requesting Payment of a specified amount which is sent by a Merchant Purse-holder. The Payment Request includes details of the Account to which Payment should be sent and, in the message field, may include specifications of the goods or services which will be supplied in exchange. The recipient needs only click on one button to agree to Payment and the rest of the process can be handled automatically.

    Phased Expiry Schedule – Coins expire in phases according to the specifications of the Coinage to which they belong. The dates for each stage in the expiry are specified in the Coinage Version. After the first expiry date, Coins can no longer be used in Payments but can still be Deposited back into the Purse-holders Account or exchanged for new Coins of equal value. After the final Expiry Date the status of the digital Coins becomes similar to obsolescent bank-notes; i.e. the coins are obsolete and must be submitted to the Issuing Mint for scrutiny before any reimbursement is offered.

    (Payment) Policy – (Purse) In some versions of the Purse, the user is provided with functionality which allows them to express a policy for receiving Payments. This can be used to instruct the Purse software to ' Automatically accept all incoming Payments'.

    Private Key – The security key-code which can be used for signing and/or decrypting messages. The Private Key is kept secret by the party that created it.

    Public Key – The security key-code which can be used to encipher messages or verify signatures that have been created with the associated private key.

    Public Key Cryptography – Also known as asymmetric cryptography, the system uses one pair of keys for each user which are designated as Public Key and Private Key. Among its better-known forms are RSA, used in the S.W.I.F.T. system and similar protocols, and the American DSS (Digital Signature Standard).

    Purse – The ecash software for the end-user. The main role of the Purse is to protect the interests of the Purse-holder. The Purse takes care of all administrative and cryptographic tasks, and provides a friendly user-interface to the Purse-holder.

    Purse-holder – A real-life person or other legal entity that has at least one Account with an Issuer.

    Purse Password – The Password created by the user which protects access to the Purse and prevents an unauthorized user from spending the contents of the Purse.

    Purse Window – The Purse window shows the ecash toolbar and current Purse balance. The Preferences can be set to keep this window on top of windows from other applications.

    Random Numbers (PRNG) – Each Purse is supplied with a Pseudo Random Number Generator seed (PRNG seed) which can be used to generate the 'serial' numbers used for each coin.

    Recovery – The process by which, after a local crash etc., the financial position of the Purse can be reconstructed. This will mean that the Purse software needs to contact the Mint, asking for the most recent entries from the Transaction Log and recovering the Transaction Records and Receipts.

    Recovery Password – A key generated from random data which is held only by the Purse, and is used only to perform the Recovery procedure after a crash or failure.

    Refresh Coins – The Refresh Coins function actually performs two functions. Expired coins (if any) are exchanged for new currency, and the Purse's coin distribution is corrected by returning large coins and withdrawing smaller denominations.

    Rejected or Refused – Payment Requests are refused by the Purse-holder (i.e. 'Payment Refused') and Withdrawal Requests are refused by the Mint. 'Refusal' results from a policy or user-decision. In contrast, messages and transactions can be rejected because they are not correctly formatted, wrongly addressed, etc. Therefore, for example, 'Payment Refused' means that the recipient has chosen not to accept a valid Payment message (etc.). 'Payment Rejected' means that the message is not correctly formatted or addressed, or cannot be handled.

    Resend Payment – If an ecash message has been created and sent, but does not appear to arrived correctly at its destination, then the same coins can be resent in a subsequent message. Even if a recipient has several copies of the Payment message, only one of them will be accepted by the Mint, since any second attempt to Deposit the coins will cause the issuing Mint to return the error, "These coins have already been spent."

    Safe – Some Issuers use the term Safe to describe an ecash Account, i.e. an account at the Mint which contains ecash-dedicated funds, and from which the Purse can request a Withdrawal.

    Scaleability – The potential of the system for expandability, such that doubling the capacity of hardware results in a doubling in throughput capacity while maintaining the same response time. This characteristic ensures that the size of each system is unlimited.

    Secret Key – Secret Key Cryptography, also known as symmetric cryptography, makes use of the same key to encrypt and decrypt messages. In such a system the same key is known by both parties but kept secret. Secret Key algorithms include the DES (Data Encryption Standard) which is used in current banking systems to encrypt PIN numbers.

    Send Payment – As well as responding to a Payment Request, the user can also initiate a Payment from the client side. This process involves entering an amount and destination Account and the using the Send Payment function.

    Set-up Password – When an Issuer creates an account they will also need to enter a Set-up Password which is held in the Mint's Account database. The Password is passed to the customer via a secure channel and is then used to verify the identity of the user as part of the Set-up Protocol to Open their ecash Account online. Having authenticated themselves in this way, users are required to enter new Purse and Mint Passwords of their own choice. The Set-up Password is still required as part of the Recovery Procedure and should therefore be retained by the Purse-holder along with the Recovery Password.

    Set-up Protocol – The Procedure used by new Account-holders when they contact the Mint online to use their account for the first time.

    Shop Directory – (Merchant) All files which contain shop pages are held in the Shop directory. The directory is placed in a specified location (depending on the Web-server package which is to be used). When the user makes an input (e.g. clicks on the 'Buy' button) the input is referred to the charge script which calculates the amount which should be requested as Payment.

    Show Coins – (Purse) The Show Coins button can be used if the user needs to know the exact number and denomination of the coins which are stored in the Purse. If the coin distribution is not adequate (see Coin Distribution) then the Refresh Coins function can be invoked to exchange large coins for smaller denominations and thereby increase the number of exact amounts which can be constructed from the coins available (see also Refresh Coins).

    Show Details – (Purse) This function is used in the Transaction Log and displays a detailed record of the transaction. This display is useful for accessing details which are not shown in the Transaction Log.

    Show Event Log – (Purse) Button which calls up the (Purse) Event Log. This log records each message (i.e. part of a protocol or message exchange with another client or with the Mint), and is therefore useful when trying to identify a recent problem with ecash transactions. This function is not included in all versions of the ecash client software.

    Spent Coin -(c.f. Used Coin). A coin is spent at the moment it is sent from the Purse. When it arrives at the Mint it is checked against the Used Coins Database, and , if found valid, its status will be changed from 'Unused" to "Used". If the coin number is already used then it follows that the coin has already been spent twice, and it will be rejected.(see also Double Spending)

    TCP/IP connection – Payments that are made to virtual shops (i.e. ecash Merchant sites on the World Wide Web) are usually made using the TCP/IP protocol. This protocol is standard throughout the WWW.

    Text mode client-software – Client software, which is normally supplied to users with a Graphical User Interface (GUI), can also be supplied (e.g. to Merchants) as a text-mode executable which is more suitable for scripting.

    Transaction Log – (Purse) The client software produces a record of ecash transactions which is presented as the Transaction Log and is directly accessible from the ecash Toolbar.

    Transaction Number – The Transaction Log assigns a sequential number for each new transaction of a specified type. This is listed as part of the Transaction Database.

    Transaction Status Icon – Each transaction which appears in the Transaction Log is accompanied by an icon which indicates the status of the transaction, (e.g. OK, Pending or Failed). These icons are updated each time that the Purse contacts the Mint.

    Uniqueness – Verification that a message has not already been processed at an earlier time. This ensures that each message can be executed only once and any subsequent copy of the instruction will be ignored (cf. verification, integrity, authentication).

    Used Coins Database – (Mint) When the Mint accepts a coin for Deposit to an ecash Account it checks that it has not been previously accepted in a payment by referring to the Used Coins Database. When the coin has been Deposited the Mint records the number of the coin in the database changing the coin-number status from unused to used and therefore invalidates any future use of the same coin-number.

    Wallet – A (future) device controlled by the Purse-holder which is designed to function in association with an Observer (see above).

    Warning Sign – The Warning Sign appears in the Accounts window as an indicator that the Refresh Coins function should be used. Clicking on Refresh Coins will return some large coins to the Mint in return for smaller coins, so that a greater number of exact Payments is possible.

    Withdrawal – The down-loading of coins from an Account or Safe (at the Mint) to the Purse (cf. Bank Withdrawal).

      Current date/time is Sat Dec 10, 2016 10:19 pm