Secure Electronic Transaction (SET) is an open encryption and security specification designed to protect credit card transactions on the Internet. SET is not itself a payment system; rather, it is a set of security protocols and formats that enable users to employ the existing credit card payment infrastructure on an open network, such as the Internet, in a secure fashion. In addition, a great deal of interest has recently been expressed in implementing and extending cryptography and biometrics into standard authentication protocols and distributed systems. This paper proposes an alternative authentication mechanism for supporting and enhancing the cardholder authentication technique used by SET. A cryptographic-biometric mechanism is proposed to offer a more secure and suitable method for authentication/verification of the SET participant identity. A software implementation of the proposed mechanism uses SHA-1 for message digest authentication and a DSA/RSA approach for digital signatures. A simulated application is presented with results showing the advantageous features of the proposed mechanism and its potential for SET implementation.
Keywords: SET, cryptography, biometric, authentication, digital signature, e-commerce, B2C
ICoEC Online Proceedings Library