Transcript Part one of the exercise: - Molde University College

ECheck and eCheckSecure
Group 19
Marie M. Moltubakk, Iqbal Habib, Bjørnar
Waage, Silje Øie, Samson A. Tedla
Part one of the exercise:
•
What specific information is needed to pay with an eCheck? After
making a purchase, from the site:
•
•
•
•
•
•
•
•

What you want to purchase and the amount of the product or/and service.
First name, last name, address, city, ZIP code, Bank Branch Location and home phone
number. Written in a sign-in chart to confirm your personal or company account
information.
Date of birth and US Drivers License or StateID.
They then write the check information for you automatically, and they ask you to
“Please remove and VOID the next check in your check book and enter the following
information from that check carefully.”
Then they ask you if your paper check is similar or not to their example, this is so they
can give you an explanation on where to find the numbers you are to write in.
The numbers are your routing number, account number and check number.
Then you get a visual example of how your paper check look like when is filled out with
all the information needed.
And you are asked to type your name, as a signature, to verify that you agree with the
information given in the visual check above.

And finally you get a confirmation that your check has been approved. With the
text
Check
eCheckSecure Privacy Statement
•
Information Collection and Use
ECheckSecure will not sell, share, or rent this information to others in any
way other than what is disclosed in this statement
• eCheckSecure Usage
A user must be passed to eCheckSecure via an authorized online merchant or
broker.
• Payment
ECheckSecure request information from the user on our verification forms.
• Cookies
eCheckSecure does not use cookies
some of our business partners and other entities use cookies on their sites prior
to the user arriving at eCheckSecure (for example, advertisers).
HoeCheckSecurever, eCheckSecure have no access to, or control over these
cookies.
• Log Files
ECheckSecure use IP addresses to analyse trends, administer the site, track
users’ movement, and gather broad demographic information for aggregate use
•
Sharing
–
–
–
ECheckSecure may share aggregated demographic information with our
partners and
advertisers from time-to-time. This is not linked to any personal
information that can identify
any individual person.
ECheckSecure partner with a credit verification company to verify the identification and credit
history of users’ checking accounts
This company may retain, share, store or use information for any secondary purpose and is beyond our
control.
• Links
This eCheckSecureb site contains links to other sites.
• Security
The eCheckSecure eCheckSecurebsite takes every precaution to protect our users’ information. When
users submit sensitive information via the eCheckSecurebsite, that information is protected both on
and off-line.
• Correction/Updating Personal Information
Information provided to eCheckSecure by the user cannot be changed by anyone once
the transaction has been processed. It is the responsibility of the user to insure that all
the information provided is correct prior to completing the transaction.
• Notification of Changes
ECheckSecure will always use information in accordance with the privacy policy
under which the information was collected.
Conclusion
•
•
The demo was easy enough to use, but I had no feeling that this was a secure way
to
do it.
It is easy for newcomers in the EC , and Internet shopping.(compared to a routine you
already have.)
How does eCheck Secure guarantee online
checks?
• Security
–
–
–
When our verification forms ask users to enter sensitive information (such as driver’s license and
financial information)
protected with state-of-the-art SSL encryption technology and Digital certificates.
authorized eCheckSecure administrators who need the information to perform a specific job (for
example, our billing clerk or a customer service representative).
Why we use eSecure /eCheck?
Data:
By 2004 only 80% of online payments will be made with a creadit card while the
number of US households that do not have a credit car will double between 1998 and 2003.
–
The personal information given by the costumer and user is used to identify the user and checking
information for the purpose of creating an electronic check transaction
–
The data are then converted by eCheck Secure into an electronic check that can be securely
transmitted to the Automated Clearing House (ACH) network.
–
Once the information is verified through one of the man risk management services available
–
And the transaction has completed electronically via ACH and founds are deposited into the
merchants bank within the usual 2-4 working days
–
The electronically is a Financial Service Mark-up Language (FSML) that use HTML for sending
payment messages that includes eChecks
Risk Managemnet Services
Equifax is the leading provider of consumer credit infromation in US.
Back Office Account Mangemnet
–
–
The eCheck secure back office is a secure data repository of all eCheck Secure transaction history and merchant
account profiles.
Users can view reports, query transaction status.
• Fully Electronic Check Settlement
•
–ACH Freeing consumers and marchants the inconvenences posed by papper drafts.
•
E-mail confirmation
Next Group 23
• Kjersti Grov, Geir Tommy Nilson,
Janne Pedersen, Rune Nygård
Kari
Bolt.com
upoc.com
Hva er bolt.com?
• Kanal for å etablere dialoger med 15 – 24 år
gamle mennesker
• Bolts medlemmer kommer til bolt for å dele
deres meninger og synspunkter
• Møte nye mennesker fra rundt omkring I
verden
• Styrer diskusjoner og innhold gjennom alle
plattformer
Hva er bolt.com? (forts.)
• Forsørger brukere med
gratis hjemmesider, email,
musikknedlasting,
øyeblikkelige
meldinger, spill og
mer
Hva er bolt.com? (forts)
• PC
• Trådløse mekanismer
• Mobiltelefoner
Markedsføringsstrategi
• Har gjort minimalt med
konsumentmarkedsføring
• Har hovedsaklig vokst gjennom
jungeltelegrafen og gjennom strategiske
partnerskap med noen av de største merkene
på webben
Partnere
•
•
•
•
•
•
•
•
AT & T
Coca-Cola
Nike
Clairol
Ford Motor Company
Kodak
Maybelline
Neutrogena Cosmetics
• Paramount Home
Video
• PDFA
• Microsoft
• Cingular
• Sony Pictures
Entertainment
• Procter & Gamble
Upoc.com
• Upoc.com startet i 1999
• Upoc.com å legger muligheten til rette for
bedrifter å sende innformasjon om
kampanjer og happenings til mobil brukere.
• Er ledende på mobil markedsføring service i
USA
Hva tilbyr upoc.com kunden?
Upoc.com har to former for
kunder,mobiltelefon brukerer og bedrifter.
Bedrifter:
• Upoc.com tilbyr bedrifer direkte kontakt
med kunder
• Bedrifter har mulighet til å informere og
påvirke kundene til en hver tid.
Hva tilbyr upoc.com kunden?
Mobiltelefon brukere
• Får tilgang til gratis informasjon om valgte
interesse områder.
• Man kan sende gratis innformasjon og tekst
meldinger til andre mobiltelefoner.
Eksempel 1
Eksempel 2
Markedet?
• 58% av amerikanerne fra 12 år og oppover
eier en mobiltelefon. Dette er i kontinuerlig
vekst.
• I USA vil det i løpet av året bli sendt ca 6,4
billioner SMS meldinger.
Hvordan tjener upoc.com
penger?
• Bedrifter betaler for mobil markedaservice
• Upoc.com legger forholdene til rette for
bedrifter å nå kunden
• Kunder tar i mot informasjon
Det er bedriftene upoc tjener penger på, men
det hadde ikke vært mulig uten mobiltelefon
brukerne.
Konklusjon
•
•
•
•
Begge er ledene i markedet på sitt område
Begge har gratis tjenester for medlemmer
Begge er reklamefinnasiert
Begge fokuserer på kundetilpassert
informasjon
• Upoc.com er spasialisrt på M- commerce
• Bolt.com går på tvers av plattformen.
Return to Lecture
• Summary on Security
The E-commerce Security
Environment
Page 234, Figure 5.2
Copyright © 2002 Pearson Education, Inc.
Dimensions of
E-commerce Security
Page 235, Table 5.1
Copyright © 2002 Pearson Education, Inc.
The Tension Between Security and
Other Values

Ease of use

The more security measures that are added to
an e-commerce site, the more difficult it is to
use and the slower the site becomes,
hampering ease of use. Security is purchased
at the price of slowing down processors and
adding significantly to data storage demands.
Too much security can harm profitability, while
not enough can potentially put a business out
of business.
Copyright © 2002 Pearson Education, Inc.
Vulnerable Points in an
E-commerce Environment
Page 239, Figure 5.4
Copyright © 2002 Pearson Education, Inc.
Examples of Malicious
Code
Page 241
Table 5.2
Copyright © 2002 Pearson Education, Inc.
Tools Available to Achieve Site
Security
Page 247, Figure 5.5
Copyright © 2002 Pearson Education, Inc.
Public Key Cryptography A Simple Case
Page 251, Figure 5.6
Copyright © 2002 Pearson Education, Inc.
Public Key Cryptography with
Digital Signatures
Page 252, Figure 5.7
Copyright © 2002 Pearson Education, Inc.
Digital Certificates and Public Key
Infrastructure
Page 255, Figure 5.9
Copyright © 2002 Pearson Education, Inc.
Secure Negotiated Sessions Using
SSL
Page 259, Figure 5.10
Copyright © 2002 Pearson Education, Inc.
Securing Channels of
Communications



Secure Hypertext Transfer Protocol (S-HTTP) is a
secure message-oriented communications
protocol designed for use in conjunction with
HTTP. Cannot be used to secure non-HTTP
messages
Virtual Private Networks (VPN) allow remote
users to securely access internal networks via
the Internet, using Point-to-Point Tunneling
Protocol (PPTP)
PPTP is an encoding mechanism that allows one
local network to connect to another using the
Internet as a conduit
Copyright © 2002 Pearson Education, Inc.
Firewalls and Proxy Servers
Page 262, Figure 5.11
Copyright © 2002 Pearson Education, Inc.
Developing an
E-commerce Security Plan
Page 264, Figure 5.12
Copyright © 2002 Pearson Education, Inc.