Design and Analysis of Security System for Electronic Payment

Software

Jie Zhang

College of Information Engineering, Sichuan Agricultural University, Sichuan, 625000, China

Keywords: Computer, payment software, security system, design, analysis.

Abstract: Nowadays, electronic payment has become an important way to purchase. It is popular for the convenient

operation without cash depositing and withdrawing. Security system for payment software is designed to

ensure the safety of transactions. This work is mainly about the use of popular payment software and the

design of relevant security system. Potential risks of transactions are also discussed to deal with security

problems of electronic payment software.

1 INTRODUCTION

The development of computer and the Internet has

made online sales the most popular way of trading.

As traditional market trading gradually shrinks,

online shopping has become a habit of many people

and will also be the mainstream approach of

commerce in the future. Thus, the design of online

payment has become a hotspot issue of software

development to meet the needs of online trading.

Supporting security system is necessary for payment

software to ensure the safety of transaction and

property. The design of security system for

electronic payment software is also analyzed in the

work.

2 FREQUENTLY-USED

ELECTRONIC PAYMENT

SOFTWARE

The phrases “E-business” and “online trading” have

been frequently used in people’s daily life as online

trading and online shopping are becoming a

common way of business transaction. Then what is

the most popular payment software in the age of

online business? What do they mean by electronic

payment software?

2.1 Introduction of frequently-used

electronic payment software

Major shopping websites have adopted common

payment software in online transaction. For instance,

transactions with Taobao are processed through

Alipay. Alipay here performs as the third-party

payment platform where the money for transactions

is temporally deposited. After the purchase of

customers, the money of payments is kept by Alipay

instead of customers and sellers, which is a buffer

mechanism for the safety of transactions. Alipay is

the earliest and typical electronic payment software

with this mechanism (Guan Liancheng, Chen Suling,

Zhou Yahui, 2008). Its design has been followed by

other payment software afterwards, such as Tenpay.

Some other functions are also adopted in payment

software for fast and convenient online transaction.

Therefore, electronic payment software can be

categorized according to their functions.

The first kind of payment software has functions

of paying and depositing, such as Alipay and

Tenpay. Payment software as such is featured with

self-contained depositing function, through which

money can be directly paid to sellers. Such payment

software actually performs as saving accounts with

payment function. In order to protect property of

customers, this kind of payment software should be

equipped with stricter security protection.

The second kind of payment software is based

on Internet bank accounts. Traditional banks also

run the business of Internet banking in the age of

Internet. Internet banking, similar to Alipay and

246

Zhang J.

Design and Analysis of Security System for Electronic Payment Software.

DOI: 10.5220/0006448302460248

In ISME 2016 - Information Science and Management Engineering IV (ISME 2016), pages 246-248

ISBN: 978-989-758-208-0

Tenpay, is actually another kind of electronic

payment software with paying and depositing

functions, but in need of higher level of protection.

Besides, there is extra limit for the use of Internet

bank accounts. For example, payment through

Internet bank accounts needs to be processed

through special channel in some online malls. In

other words, Internet banking is the third-party

payment platform for transactions in online malls.

Alipay and Tenpay, different from Internet banking,

are direct payment platforms based on the websites

of Taobao and Yixun.

Different from payment software mentioned

previously, there is another kind of payment

software, namely third-party payment software. The

so-called “third-party” is defined according to online

shopping websites. From this point of view, Alipay

is actually a direct payment system for Taobao. A

third-party payment requires agreements among

relevant parties to be processed. Therefore, a third-

party payment platform needs to cooperate with

online shopping websites involved in transactions.

2.2 Important issues when using

electronic payment software

Both direct payment software and third-party

payment software need network protocols to

perform in online transactions. Then what matters

should be paid attention to when customers use

electronic payment software?

Firstly, payment software should be used in a

safe condition. The fast and convenient operation of

payment software brings about security issues. All

kinds of payment software and Internet bank

accounts are based on Internet and influenced by

online risks. Logging on accounts of electronic

payment software in a virus-affected computer

increases the risk that customers’ account might be

stolen. Accounts of electronic payment software

such as Alipay and Internet banking should be used

in a safe computer to secure transactions and

properties.

Secondly, payment software needs to be used on the

base of Internet protocols to process transactions.

For example, tripartite agreement is not required

when customers do shopping in Taobao with Alipay.

But shopping cannot be done with Alipay in

Jingdong online mall because there is no tripartite

agreement between Jingdong and Alipay. Therefore,

customers should select payment software according

to their own needs, and there is also compatible

electronic payment software available. Generally,

Internet banks have agreements with more online

malls. Accounts of Internet banks are not operated

by online malls and can be used in many other

circumstances. Alipay and Tenpay, however, are

designed for specific online malls. All in all,

permission and scope of application of payment

software should be checked before transactions.

Payments cannot be done without agreements in

some online malls.

3 DESIGN OF SECURITY

SYSTEM OF ELECTRONIC

PAYMENT SOFTWARE

Based on the analysis of frequently-used payment

software, security of payment is the priority of such

software. Due to the interactivity of computers,

online attacks and viruses seriously threaten the

safety of computer use. Then what can be done to

secure online payments? How are secure systems

designed for specific payment software?

3.1 Brief introduction of security

systems of electronic payment

software

Security systems for electronic payment software are

designed to secure the process and safety of

transactions. Frequently-used payment software is

already equipped with security systems by

developers to ensure the safety of payment (

Wenbin, 2009). The security systems based on

payment software include digital certificate

protection system, system risk test system, USB key

for Internet banking and password protection. These

security systems are very useful for electronic

payment software.

3.2 Digital certificates—the core of

security systems of electronic

payment software

Alipay is selected among various kinds of electronic

payment software to analyze security systems of

electronic payment software. Digital certificates are

at the core of such payment software. Digital

certificates are usually required to be installed when

customers use Alipay. Payment through Alipay

cannot be processed without digital certificates.

What is the principle of digital certificates then?

And what are their main functions?

In fact, digital certificates are the most important

protection mechanism for payment software.

Design and Analysis of Security System for Electronic Payment Software

247

Design and Analysis of Security System for Electronic Payment Software

247

Security status of web environment of computers is

checked during the installation process of digital

certificates. In other words, security of web

environment can be checked by digital certificates.

And then, each computer can be equipped with only

one digital certificate. In a computer without digital

certificates, payment cannot be processed even with

correct accounts and passwords. This effectively

enhances security levels by preventing accounts

from being stolen. Besides, verifications through

mobile phones are required to install digital

certificates. Certificates cannot be installed without

verification codes sent to customers’ mobile phones.

Therefore, at the first stage, digital certificates are

critical, which is the core part of security systems for

payment software.

3.3 Password protection and third-

party protection as supplementary

measures of security systems

Digital certificates are surely the most important

parts of security systems for electronic payment

software. However, digital certificates alone cannot

ensure a safe environment (

Zhao Xueshu, 2007).

Generally, some supplementary measures are added

to security systems to protect payment of

transactions and help customers when they forget

their passwords. The most frequently-used measures

are password protection and third-party protection.

Passwords protection is very common and

important for payment software by changing

passwords and security protection. Currently,

general way of protecting passwords is setting

questions for password changing. When customers

set password, they can set questions and answers for

password protection at the same time. Besides,

password protection can be achieved through

messages sent to customers’ mobile phones. When

customers change their passwords, they make the

changes on their mobile phones accordingly. In this

way, payment software is further secured.

Third-party protection is also important with

relatively intensive concept. Anti-virus software is

necessary for computers. In fact, a safe web

environment is the priority for online shopping and

payments. Third-party protection is employed to

provide such safe environments. In addition, there

are many phishing sites on the Internet. Third-party

protection measures alert users when they come

across phishing sites, preventing them from property

loss.

4 SYSTEMATICAL ANALYSIS ON

THE SECURITY OF ONLINE

TRANSACTIONS

Security system is of significant importance for

online payment. Internet has been well developed to

provide users with convenient and economical

service. However, security issues are always major

obstacles for the development of Internet. Once the

security of Internet use is guaranteed, users will be

more confident in electronic payment software,

which is very important for the future of Internet.

Furthermore, security measures of electronic

payment software are continually developing.

Protection measures based on hardware play

effective role in protecting customers’ properties. In

short, security systems for electronic payment

software are significant in the long run.

5 CONCLUSIONS

In the work, the importance of safe online payment

is highlighted based on the analysis of electronic

payment software. Further research is conducted on

a widely-used payment software—Alipay. Digital

certificate and password protection are discussed in

the research, exploring other protection measures. In

short, safe payment is a critical precondition for the

long-term development of payment software. The

improvement of security system and protection

measures is an important task in the development of

electronic payment software.

REFERENCES

Guan Liancheng, Chen Suling and Zhou Yahui.

Establishing a Perfect Security System for Campus

Networks, Journal of Tianjin University of Technology

and Education, 2008(02): 44-46.

Li Wenbin. Security Issues and Countermeasures of Local

Area Network of Computer, China New Technologies

and Products, 2009(23): 42.

Zhao Xueshu. Safety Risks and Countermeasures of

Current Campus Networks, Journal of Zhengzhou

Railway Vocational & Technical College, 2007(04):

33-34.

ISME 2016 - Information Science and Management Engineering IV

248

ISME 2016 - International Conference on Information System and Management Engineering

248