Today, approximately 2 trillion dollars' worth of purchases are made yearly over the worldwide credit and debit networking systems. Also, approximately 350 billion coin and currency transactions occur between individuals and institutions every year. As smart card technology matures, many of these transactions will take place electronically. (A smart card is a credit card with built-in memory, and optionally a microprocessor, that can be used as an identification or financial transaction card and can also store personal or transaction information.) Home banking programs allow consumers to pay bills and transfer money between accounts, all from the privacy of their own homes. Soon, with electronic cash, these same consumers will be able to download value from their banks without leaving home. Throughout the history of commerce, economic exchange has generally sought greater convenience at a lower cost, while achieving improved security.
In transactions that take place over networks (e.g., a consumer sending payment details to a merchant, or the merchant requesting transaction approval from a bank), it is desirable for the devices used by consumers and merchants to have specific security properties. In many cases, the security properties are mandated by government regulation; in other cases, the specific financial institution may have requirements that are more stringent than the government requirements.
Credit card networks generally transmit only information that is easily obtainable elsewhere. For example, the card number transmitted is also plainly visible as embossed on the face of the credit card. For these reasons, many governments limit the liability of the cardholder in the case of theft of the card number.
Online debit networks and Automatic Teller Machine (ATM) networks require the use of a Personal Identification Number (PIN) to authorize a transfer of funds. Various governmental and financial institution regulations stipulate that the devices used to capture a PIN and transmit it to a financial institution incorporate encryption and that the devices be tamperproof. Generally, the properties of such a device include the majority of the following:
An encryption key utilizing a symmetric key algorithm like Data Encryption Standard (DES) (a standard method of coding information into ciphertext), stored in a non-volatile memory such as an Electrically Erasable Programmable Read Only Memory (EEPROM), for securely transmitting debit card PINs.
A keypad for entering PINs for debit cards and smart cards.
A casing that detects whether the device is being tampered with for the purpose of altering the electronics or determining the key.
A mechanism for zeroing the device memory, including any keys and transaction history, in the event that the device is tampered with.
In some cases, sophisticated shielding, such as a Faraday cage, that ensures the device does not give off any electromagnetic radiation that would allow instrumentation measuring such radiation to determine which keys are pressed on the keypad of the device.
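The tamper-response property in the list above (zeroing keys and transaction history when the casing reports tampering), sketched as an added example that is not part of the original text. The struct layout, function names and sample values are assumptions, and ordinary RAM stands in for the EEPROM.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KEY_LEN 8      /* single-DES key length in bytes */
#define HISTORY_LEN 4  /* constructed: retained transaction records */
struct txn_record { uint32_t amount_cents; uint8_t account_tail[4]; };
/* Hypothetical layout of the secrets held in non-volatile memory. */
struct pin_pad_store {
    uint8_t key[KEY_LEN];
    struct txn_record history[HISTORY_LEN];
    size_t history_count;
    int tampered;      /* latched: set once, never cleared */
};

/* Volatile writes keep the compiler from optimizing the wipe away. */
static void secure_zero(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

/* Handler for the casing's tamper-detect signal. */
void on_tamper(struct pin_pad_store *s) {
    secure_zero(s->key, sizeof s->key);
    secure_zero(s->history, sizeof s->history);
    s->history_count = 0;
    s->tampered = 1;
}

/* Every key use is gated on the latch: 0 on success, -1 after tamper. */
int load_key_for_use(const struct pin_pad_store *s, uint8_t out[KEY_LEN]) {
    if (s->tampered) return -1;
    memcpy(out, s->key, KEY_LEN);
    return 0;
}

/* Returns 1 when no key or history byte survives. */
int store_is_wiped(const struct pin_pad_store *s) {
    const uint8_t *k = s->key, *h = (const uint8_t *)s->history;
    uint8_t acc = 0;
    for (size_t i = 0; i < sizeof s->key; i++) acc |= k[i];
    for (size_t i = 0; i < sizeof s->history; i++) acc |= h[i];
    return acc == 0 && s->history_count == 0;
}

int main(void) {
    struct pin_pad_store s = { .key = {0xA5, 1, 2, 3, 4, 5, 6, 7}, .history_count = 1 };  /* constructed */
    on_tamper(&s);
    return store_is_wiped(&s) ? 0 : 1;
}
```

The latch matters as much as the wipe: without it, a device whose key bytes are all zero would still encrypt PINs under a known key.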
The financial institution that purchases such devices (e.g., Point of Sale (POS) terminals or Automated Teller Machines (ATMs)) specifies the requirements for their devices and ensures, via a certification process, that the devices are compliant with any governmental or card association regulations, as well as with the transaction processing environment at the particular financial institution.
Recently, electronic commerce has expanded to include interactions with consumers in their own homes using either private or public networks such as the Internet. It is desirable for the merchant to transmit information, including a subset of the information provided by the customer, over such a network to a payment gateway computer system that is designated, by a bank or other financial institution that has the responsibility of providing payment on behalf of the customer, to authorize a commercial transaction on behalf of such a financial institution, without the risk of exposing that information to interception by third parties. Such institutions include, for example, financial institutions offering credit card or debit card services.
One attempt to provide such a secure transmission channel is a secure payment technology, such as Secure Electronic Transaction (SET), jointly developed by the Visa and MasterCard card associations, and described in Visa and MasterCard's Secure Electronic Transaction (SET) Specification Version 1.0, May 31, 1997 (available for download via www.setco.org/SET_Specifications.html), incorporated herein by reference in its entirety.
Another attempt to provide such a secure transmission channel is a general-purpose secure communication protocol such as Netscape, Inc.'s Secure Sockets Layer (SSL), as described in Freier, Karlton & Kocher (hereinafter "Freier"), The SSL Protocol Version 3.0, March 1996, and incorporated herein by reference in its entirety. SSL allows for secure transmission between two computers. SSL advantageously does not require special-purpose software to be installed on the customer's computer, because it is already incorporated into commercially and widely available software that many people utilize as their standard Internet access medium, and advantageously does not require that the customer interact with any third-party certification authority. Instead, the support for SSL can be incorporated into software already in use by the customer (e.g., the Netscape Navigator™ World Wide Web browsing tool).