TY - JOUR
T1 - Design, implementation, and deployment of the iKP secure electronic payment system
AU - Bellare, Mihir
AU - Garay, Juan A.
AU - Hauser, Ralf
AU - Herzberg, Amir
AU - Krawczyk, Hugo
AU - Steiner, Michael
AU - Tsudik, Gene
AU - Van Herreweghen, Els
AU - Waidner, Michael
PY - 2000/4
Y1 - 2000/4
N2 - This paper discusses the design, implementation, and deployment of a secure and practical payment system for electronic commerce on the Internet. The system is based on the iKP family of protocols - (i = 1, 2, 3) - developed at IBM Research. The protocols implement credit card-based transactions between buyers and merchants while the existing financial network is used for payment clearing and authorization. The protocols are extensible and can be readily applied to other account-based payment models, such as debit cards. They are based on careful and minimal use of public-key cryptography, and can be implemented in either software or hardware. Individual protocols differ in both complexity and degree of security. In addition to being both a precursor and a direct ancestor of the well-known SET standard, iKP-based payment systems have been in continuous operation on the Internet since mid-1996. This longevity - as well as the security, and relative simplicity, of the underlying mechanisms - makes the iKP experience unique. For this reason, this paper also reports on, and addresses, a number of practical issues arising in the course of implementation and real-world deployment of a secure payment system.
AB - This paper discusses the design, implementation, and deployment of a secure and practical payment system for electronic commerce on the Internet. The system is based on the iKP family of protocols - (i = 1, 2, 3) - developed at IBM Research. The protocols implement credit card-based transactions between buyers and merchants while the existing financial network is used for payment clearing and authorization. The protocols are extensible and can be readily applied to other account-based payment models, such as debit cards. They are based on careful and minimal use of public-key cryptography, and can be implemented in either software or hardware. Individual protocols differ in both complexity and degree of security. In addition to being both a precursor and a direct ancestor of the well-known SET standard, iKP-based payment systems have been in continuous operation on the Internet since mid-1996. This longevity - as well as the security, and relative simplicity, of the underlying mechanisms - makes the iKP experience unique. For this reason, this paper also reports on, and addresses, a number of practical issues arising in the course of implementation and real-world deployment of a secure payment system.
UR - http://www.scopus.com/inward/record.url?scp=0033731024&partnerID=8YFLogxK
U2 - 10.1109/49.839936
DO - 10.1109/49.839936
M3 - ???researchoutput.researchoutputtypes.contributiontojournal.article???
AN - SCOPUS:0033731024
SN - 0733-8716
VL - 18
SP - 611
EP - 627
JO - IEEE Journal on Selected Areas in Communications
JF - IEEE Journal on Selected Areas in Communications
IS - 4
ER -