Design, implementation, and deployment of the iKP secure electronic payment system

Mihir Bellare, Juan A. Garay, Ralf Hauser, Amir Herzberg, Hugo Krawczyk, Michael Steiner, Gene Tsudik, Els Van Herreweghen, Michael Waidner

Research output: Contribution to journalArticlepeer-review

138 Scopus citations


This paper discusses the design, implementation, and deployment of a secure and practical payment system for electronic commerce on the Internet. The system is based on the iKP family of protocols - (i = 1, 2, 3) - developed at IBM Research. The protocols implement credit card-based transactions between buyers and merchants while the existing financial network is used for payment clearing and authorization. The protocols are extensible and can be readily applied to other account-based payment models, such as debit cards. They are based on careful and minimal use of public-key cryptography, and can be implemented in either software or hardware. Individual protocols differ in both complexity and degree of security. In addition to being both a precursor and a direct ancestor of the well-known SET standard, iKP-based payment systems have been in continuous operation on the Internet since mid-1996. This longevity - as well as the security, and relative simplicity, of the underlying mechanisms - makes the iKP experience unique. For this reason, this paper also reports on, and addresses, a number of practical issues arising in the course of implementation and real-world deployment of a secure payment system.

Original languageEnglish
Pages (from-to)611-627
Number of pages17
JournalIEEE Journal on Selected Areas in Communications
Issue number4
StatePublished - Apr 2000
Externally publishedYes


Dive into the research topics of 'Design, implementation, and deployment of the iKP secure electronic payment system'. Together they form a unique fingerprint.

Cite this