Payment systems play an important role in electronic commerce.
In this thesis, the author focuses on two subjects: (1) on-line
payment by credit card, and (2) micro-payment. The author
describes her research results in three parts. The two major
subjects take up two of the three; the remaining one contains a
comprehensive survey of the state of the art.The thesis begins
from the survey. The author classifies the major systems by
their payment instruments into three categories: (1) on-line
payment by credit card, (2) digital cash, and (3) account-based
payment. Features and abstract models have been extracted; the
strength of privacy protection in each system has also been
assessed. In particular, the author has paid much attention to
the survey of the state of the art of micro-payment systems,
considering their potential for facilitating the trading of
inFocusing on the first subject-on-line payment by credit card,
the author proposes a revised version of the well-known SET
(Secure Electronic Transaction) protocol. The author calls it
Revised SET. Constrained by being an extension to the existing
card payment networks, SET does not completely fulfill the
strong demand for privacy protection in the world of electronic
commerce. In particular, it does not address the privacy
infringement caused by data aggregation. The revision allows
cardholders to take partin account reporting, and offers them a
credit card surrogate, instead of cardholder certificate, to
conceal their credit card identification in the electronic
marketplace. Guided by the principle of information segregation
and hiding, the revision is a successful counter to privacy
infringement in both the small scope of a transaction and the
much broader scope of data aggregation.Focusing on the second
subject-micro-payment, the author presents a new protocol.
Payment confirmation slips are the instruments in this protocol.
Before purchases, a payer obtains a batch of these digital slips
from a bank. Each slip contains a bank authentication code
(BAC), which allows a payee (a merchant) to verify the
authenticity of the slip. While paying for information goods, a
payer fills in the amount of the payment; then, this payer''s
system computes an amount confirmation code (ACC) andcomputes a
slip integrity code (SIC). The computation of an ACC demands the
input of the payer''s password, which is secretly shared between
him and his bank. While the ACC prevents the amount from being
altered by merchants, the SIC helps to preserve integrity of the
slip and to safeguard against replay of any valid slip. In this
design, the bank is an intermediary and provides service very
similar to that of offering credit cards to cardholders. The
bank will send customers monthly statements and ask for
reimbursements. Hash functions are the only type of functions
used in the design; public-key cryptography or other
sophisticated techniques used in other systems are unnecessary.
Consequently, the design is cost effective.In conclusion, the
author has contributed innovative ideas to the evolving field of
on-line payment. In the future, the author will look into
opportunities for implementation of the two designs and also
continue research efforts on the more general domain of
electronic commerce.