Secure Electronic Transaction
SearchFinancialSecurity.com Definitions (Powered by WhatIs.com)


DEFINITION - Secure Electronic Transaction (SET) is a system for ensuring the security of financial transactions on the Internet. It was supported initially by Mastercard, Visa, Microsoft, Netscape, and others. With SET, a user is given an electronic wallet (digital certificate) and a transaction is conducted and verified using a combination of digital certificates and digital signatures among the purchaser, a merchant, and the purchaser's bank in a way that ensures privacy and confidentiality. SET makes use of Netscape's Secure Sockets Layer (SSL), Microsoft's Secure Transaction Technology (STT), and Terisa Systems' Secure Hypertext Transfer Protocol (S-HTTP). SET uses some but not all aspects of a public key infrastructure (PKI).

Here's how SET works:

Assume that a customer has a SET-enabled browser such as Netscape or Microsoft's Internet Explorer and that the transaction provider (bank, store, etc.) has a SET-enabled server.

  1. The customer opens a Mastercard or Visa bank account. Any issuer of a credit card is some kind of bank.
  2. The customer receives a digital certificate. This electronic file functions as a credit card for online purchases or other transactions. It includes a public key with an expiration date. It has been through a digital switch to the bank to ensure its validity.
  3. Third-party merchants also receive certificates from the bank. These certificates include the merchant's public key and the bank's public key.
  4. The customer places an order over a Web page, by phone, or some other means.
  5. The customer's browser receives the merchant's certificate and confirms from it that the merchant is valid.
  6. The browser sends the order information. This message contains the order, encrypted with the merchant's public key; the payment information, encrypted with the bank's public key (so it can't be read by the merchant); and information that ensures the payment can only be used with this particular order.
  7. The merchant verifies the customer by checking the digital signature on the customer's certificate. This may be done by referring the certificate to the bank or to a third-party verifier.
  8. The merchant sends the order message along to the bank. This includes the bank's public key, the customer's payment information (which the merchant can't decode), and the merchant's certificate.
  9. The bank verifies the merchant and the message. The bank uses the digital signature on the certificate with the message and verifies the payment part of the message.
  10. The bank digitally signs and sends authorization to the merchant, who can then fill the order.
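
The "information that ensures the payment can only be used with this particular order" in step 6 is what SET's dual signature provides: the customer signs a digest computed over the digests of both the order and the payment data. The Python below is an added example, not part of the original definition; it goes beyond the text by showing the digest linking itself, substitutes SHA-256 for SET's SHA-1, and assumes the customer's signature over the linked digest has already been verified. All function names and sample data are constructed for illustration.

```python
import hashlib
import hmac

def digest(data: bytes) -> bytes:
    # SET specified SHA-1; SHA-256 is substituted in this example.
    return hashlib.sha256(data).digest()

def link_digest(order_digest: bytes, payment_digest: bytes) -> bytes:
    """Digest over both halves; this is the value the customer signs."""
    return digest(order_digest + payment_digest)

def customer_prepare(order_info: bytes, payment_info: bytes) -> dict:
    oimd, pimd = digest(order_info), digest(payment_info)
    return {"oimd": oimd, "pimd": pimd, "pomd": link_digest(oimd, pimd)}

def merchant_check(order_info: bytes, pimd: bytes, signed_pomd: bytes) -> bool:
    """Merchant sees the order and only the digest of the payment data."""
    expected = link_digest(digest(order_info), pimd)
    return hmac.compare_digest(expected, signed_pomd)

def bank_check(payment_info: bytes, oimd: bytes, signed_pomd: bytes) -> bool:
    """Bank sees the payment data and only the digest of the order."""
    expected = link_digest(oimd, digest(payment_info))
    return hmac.compare_digest(expected, signed_pomd)

# Constructed sample data (the card number is a widely used test value).
ORDER = b"order=1001;item=book;total=25.00"
PAYMENT = b"pan=4111111111111111;exp=12/30;amount=25.00"
OTHER_ORDER = b"order=1002;item=laptop;total=25.00"

def demo() -> dict:
    msg = customer_prepare(ORDER, PAYMENT)
    return {
        # Each party checks the link using only the half it may read.
        "merchant_ok": merchant_check(ORDER, msg["pimd"], msg["pomd"]),
        "bank_ok": bank_check(PAYMENT, msg["oimd"], msg["pomd"]),
        # Attaching the same payment to a different order fails the check.
        "replay_ok": bank_check(PAYMENT, digest(OTHER_ORDER), msg["pomd"]),
    }

if __name__ == "__main__":
    print(demo())
```

In the protocol itself the linked digest is signed with the customer's private key and each recipient verifies that signature against the customer's certificate before comparing digests.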


LAST UPDATED: 13 May 2009


More resources from around the web:
- Trintech is a major provider of services based on SET.

All Rights Reserved, Copyright 2008 - 2009, TechTarget