Using Set for Secure Electronic Commerce

Chapter 1: Introduction to SET. Chapter Roadmap. SET Basics. Electronic Commerce. Announcement of SET. The Participants. Electronic Shopping vs. Traditional Shopping. Shopping With SET. SET Purchase Transaction. Interoperability. Interoperability Testing. SET Messages. Message Wrapper. Abstract Syntax Notation One (ASN.1) - Message Content. Distinguished Encoding Rules-Message Encoding. Object Identifiers. SET Error Processing. Chapter 2: Software Components. Chapter Roadmap. SET Software. The Wallet. How the Wallet Works. The Wallet's Core Functionality. Existing Wallets. The Merchant Server (POS). How The Merchant Server Works. The Merchant Server's Core Functionality. Existing Merchant Servers. The Certificate Authority. How The Certificate Authority Works. The Certificate Authority's Core Functionality. Existing Certificate Authorities. The Payment Gateway. The Gateway's Core Functionality. Existing Gateways. Chapter 3: Encryption and Cryptography. Chapter Roadmap. Important Terms. Encryption/Decryption Explained. Signing/Verification Explained. Who Performs the Actions?. Secret-Key Cryptography. Data Encryption Standard. Public-Key Cryptography. Encryption Key Pair. Signature Key Pair. Public-Key Cryptography Standards. OAEP. RSA. Signature and Encryption Keys in RSA. Security of RSA. Secure Hash Algorithm 1. Why Use a Combination of RSA and DES? Elliptic Curve Cryptography. SET's Signing and Encryption Process. Message Digest. Digital Signatures. Dual Signatures. Signed Message. Digital Envelopes. Encryption Process Overview. Chapter 4: Certificates and Certification. Chapter Roadmap. What Is a Certificate? Certificate Management Architecture. Root Certificate Authority (RCA). Brand Certificate Authority (BCA). Geo-Political Certificate Authority (GCA). Cardholder Certificate Authority (CCA). Merchant Certificate Authority (MCA). Payment Gateway Certificate Authority (PCA). Cardholder Certificates. Merchant Certificates. Hierarchy of Trust. Certificate Validation. Types of Certificates. Certificate Revocation Lists. CRL Format. CRL Distribution. Brand CRL Identifier. BCI Format. BCI Distribution. End Entity Certificate Cancellation/Revocation. Cardholder Certificate Cancellation. Merchant Certificate Cancellation. Payment Gateway Certificate Revocation. Certificate Format. X.509 Certificates. Cardholder Certificates. Merchant Certificates. Payment Gateway Certificates. Cardholder Certificate Authority (CCA) Certificates. Geo-Political Certificate Authority (GCA) Certificates. Brand Certificate Authority (BCA) Certificates. Root Certificate Authority (RCA) Certificates. Thumbprints. Issuing Certificates. Certificate Request Types. Initial Root Certificate Generation and Distribution. Issuing Certificate Authority Certificates. Issuing End Entity Certificates. Message Wrappers. Certificate Inquiry. Chapter 5: SET Payment Messaging. Chapter Roadmap. Common Business Scenarios. Authorize Now and Capture Later. Authorize and Capture Now. Authorize Now and Capture Later With Partial Reversal. Split Shipments. Installment or Recurring Payments. A Typical SET Purchase Transaction. Message Wrappers. Purchase Initialization Request/Response Messages (Optional). PInitReq. PInitRes. Purchase Order Request/Response Messages. Order Instruction (OI). Payment Instruction (PI). PReq. PRes. Cardholders without Certificates. Inquiry Request/Response Messages (Optional). InqReq. InqRes. Authorization Request/Response Messages. Split Shipments. AuthReq. Referral Processing. AuthRes. Authorization Reversal Request/Response (Optional). AuthRevReq. AuthRevRes. Capture Request/Response Messages (Optional). CapToken. CapReq. CapRes. Capture Reversal Request/Response and Credit. Request/Response Data. CapRevOrCredReqData. CapRevOrCredResData. Capture Reversal Request/Response Messages (Optional). CapRevReq. CapRevRes. Credit Request/Response (Optional). CredReq. CredRes. Credit Reversal Request/Response (Optional). CredRevReq. CredRevRes. Transaction Phases and Reversals. Batch Administration. Batch Administration Request Message. BatchAdminRes. Payment Gateway Certificate Request/Response. PCertReq. PCertRes. Chapter 6: SET Protocol Extensions and Additions. Chapter Roadmap. SET Debit Architecture. Private Environments. Public Environments. Personal Identification Number-Based (PIN) Debit. PIN Entry and Encryption. How PIN-Based Debit Works. Integrated Circuit Cards (Smart Cards) and Security Tokens. Integrated Circuit Cards Explained. ICC Proposed Architecture. Example ICC Transaction. Algorithm Independence. Elliptic Curve Enabled Secure Electronic Transactions (ECSET). Elliptic Curves Explained. Elliptic Curve Digital Signature Algorithm. Security of ECC. ECSET Pilots. Japanese Payment Options (JPO). Payment Modes. JPO Mode Parameters. SET 2.0 Proposed Additions. Functionality Enhancements. Encryption Alternatives. Certificate Enhancements. Order Enhancements. Payment Enhancements. Transaction Processing Enhancements. Chapter 7: SET Standards and Compliance. Chapter Roadmap. What is SETCo?. Membership in SETCo. SETCo Advisors Panels. The SETMark. Licensing the SETMark. SET Compliance Testing. SET Compliance Testing Enrollment. Compliance Testing. Tested Components. SET Checklist. SET Tests. Vendor Status Matrix. Tenth Mountain Systems, Inc. Appendix A: SET ASN.1 Code. Appendix B: JPO ASN.1 Code. Appendix C: PKCS #7 Formats. SignedData Type. EnvelopedData. EncryptedData. DigestedData. Index.