SET for E-Commerce Transactions

SET, which stands for Secure Electronic Transaction, was an early security protocol developed specifically for secure e-commerce transactions. SET was jointly developed by Visa and Mastercard in the mid-1990s to address the security concerns associated with online payments. Although SET is not widely used today, it played a significant role in shaping the foundation for secure e-commerce.

Here are the key features and components of the SET protocol:

  1. Digital Certificates: SET utilized digital certificates to establish the identities of participating entities in an online transaction. These certificates were issued by trusted Certificate Authorities (CAs) and included the public keys of the parties involved.
  2. Encryption: SET employed strong encryption algorithms to protect sensitive information during transmission. It utilized symmetric encryption for bulk data encryption and public-key cryptography for secure key exchange.
  3. Payment Card Security: SET incorporated mechanisms to ensure the confidentiality and integrity of payment card data during online transactions. Cardholder information, such as credit card numbers, was encrypted and securely transmitted between the customer, merchant, and payment gateway.
  4. Dual Signature: SET employed a dual signature mechanism to ensure the authenticity of transactions. Both the customer and the merchant digitally signed the transaction, providing non-repudiation and proof of participation.
  5. Secure Channels: SET established secure communication channels between the customer, merchant, and payment gateway using encryption and authentication protocols. This ensured that sensitive information remained confidential and protected against interception and tampering.
  6. Transaction Authorization: SET involved multiple steps to authorize and complete a transaction. It included the verification of cardholder identity, validation of digital certificates, authorization request to the payment network, and response validation.
  7. Certificate Authorities (CAs): SET relied on trusted CAs to issue and manage the digital certificates used in the protocol. CAs played a critical role in establishing trust and verifying the identities of participants.

While SET was an innovative protocol at its time, it faced challenges in adoption due to its complex implementation requirements, high costs, and the emergence of alternative security protocols such as SSL/TLS. Today, SSL/TLS and other security measures have become the standard for securing e-commerce transactions. These protocols provide secure communication channels, encryption, and authentication mechanisms to protect online transactions.

It’s important to note that the information provided here reflects the historical significance of SET, but the protocol itself is no longer widely used in modern e-commerce transactions.

What Is Secure Electronic Transaction (SET)?

Secure electronic transaction (SET) was an early communications protocol used by e-commerce websites to secure electronic debit and credit card payments. Secure electronic transaction was used to facilitate the secure transmission of consumer card information via electronic portals on the internet. Secure electronic transaction protocols were responsible for blocking out the personal details of card information, thus preventing merchants, hackers, and electronic thieves from accessing consumer information.

KEY TAKEAWAYS

  • Secure electronic transaction was an early communications protocol that was developed in 1996 and used by e-commerce websites to secure electronic debit and credit card payments.
  • Secure electronic transaction protocols allowed merchants to verify their customers’ card information without actually seeing it, thus protecting the customer against account theft, hacking, and other criminal actions.
  • Other standards for digital security for online debit and credit card transactions emerged after the protocols defined by secure electronic transactions were introduced in the mid-1990s.
  • Visa was an early adopter of a new standard of security protocols, called 3-D Secure,1 which was eventually adopted in different forms by Mastercard, Discover, and American Express.

Understanding Secure Electronic Transaction (SET)

Secure electronic transaction protocols were supported by most of the major providers of electronic transactions, such as Visa and MasterCard. These protocols allowed merchants to verify their customers’ card information without actually seeing it, thus protecting the customer. The information on the cards was transferred directly to the credit card company for verification.

The process of secure electronic transactions used digital certificates that were assigned to provide electronic access to funds, whether it was a credit line or bank account. Every time a purchase was made electronically, an encrypted digital certificate was generated for participants in the transaction–the customer, merchant, and financial institution–along with matching digital keys that allowed them to confirm the certificates of the other party and verify the transaction. The algorithms used would ensure that only a party with the corresponding digital key would be able to confirm the transaction. As a result, a consumer’s credit card or bank account information could be used to complete the transaction without revealing any of their personal details, such as their account numbers. Secure electronic transactions were meant to be a form of security against account theft, hacking, and other criminal actions.

History of Secure Electronic Transactions

The development of secure electronic transaction protocols were a response to the emergence and growth of e-commerce transactions, especially consumer-driven purchases over the internet. Conducting business online was a new phenomenon in the mid-1990s. Similarly, the security available to protect these transactions was still developing and was effective in varying degrees. The protocols defined by the secure electronic transaction standards allowed for online payment systems to be used by retailers and financial institutions because they had the appropriate software to decrypt and process digital transactions properly. In 1996, the SET Consortium–a group that consisted of VISA and Mastercard in cooperation with GTE, IBM, Microsoft, Netscape, SAIC, Terisa Systems, RSA, and VeriSign–established the goal of combining incompatible security protocols (STT from Visa and Microsoft; SEPP from Mastercard and IBM) into a single standard.

Other standards for digital security for online debit and credit card transactions emerged after the protocols defined by secure electronic transactions were introduced. Visa, one of the early proponents for secure electronic transactions, eventually adopted a different protocol, called 3-D Secure, as its framework for the secure digital payments and transactions of its customers. The 3-D Secure method is an extensible markup language (XML)-based protocol designed to be an additional security layer for online credit and debit card transactions.

It was originally co-written by Visa and Arcot Systems (now known as CA Technologies).2 Similar protocols based on 3-D Secure are now used by Mastercard, Discover, and American Express.

Books on SET

Share

Leave a Comment

Your email address will not be published. Required fields are marked *

This website is hosted Green - checked by thegreenwebfoundation.org