What is electronic cash on delivery

3 Electronic means of payment on the Internet

[back] [index] [next]


When introducing an electronic means of payment, it is first necessary to check which requirements must be met. The most important point that even "hard" money has to satisfy is integrity. Money has to be forgery-proof and forgery-proof so that it cannot be duplicated or converted for personal gain, i.e. upgraded.
Another catchphrase is anonymity. The customer must not be made to disclose his identity for every transaction. Otherwise it would be possible to draw conclusions about purchasing behavior. He would be degraded to a transparent person. This is to be vehemently rejected for data protection reasons.
The authenticity of the trading partners must be ensured. For example, with a credit card-based system (see 3.1), it must be ensured that only the cardholder is charged and that no stolen credit card information is used. The points of anonymity and authenticity initially seem to be mutually exclusive, but 3.1 introduces systems that can perform this balancing act.
With an electronic means of payment, even the smallest transactions must be able to be carried out profitably. The technical term for this property is micropayment. This range includes fractions of a penny up to DM 50.
One criterion that is of great importance for the acceptance of a system is the ease with which it can be operated. Opaque and complicated procedures are ignored by customers. Electronic means of payment must be just as simple, if not easier to use than traditional means of payment.
Here is a brief summary of the keywords:
  • integrity
  • anonymity
  • authenticity
  • Micropayment
  • Convenience
This is followed by an enumeration and description of existing procedures that are to be examined for compliance with these points.

3.1 Credit card-based standards

When using credit card-based systems, goods or services are delivered before the invoice is paid. As the name suggests, the customer is granted a loan, which must be submitted in addition to the loan fees. The level of these fees sets the limit for the smallest possible transactions that can be carried out profitably. Since credit institutions usually demand very high sums (50 Pf to 5 DM), not much is to be expected from credit card-based systems in terms of micropayment. Some of these systems are presented in the following subsections.

3.1.1 Direct debit / invoice / cash on delivery

Methods that have been used successfully for years are the settlement of payment claims by invoice, direct debit or cash on delivery. Mail order companies work this way. With the receipt of the goods, which are ordered from a catalog by telephone or online, the customer is sent an invoice. This can take the form of a conventional transfer, direct debit or home banking. The dealer has to trust the customer for this, as he can pretend that he has never received the goods and can therefore refuse to pay. For such cases, mail order companies manage black lists "similar to the SCHUFA debtor directory, which they exchange with one another in order not to re-deliver to customers unwilling to pay. If the retailer does not want to trust the customer, he can send the goods cash on delivery by parcel services or the post office. The customer then has to pay the invoice amount to the postal worker on receipt of the goods. Post and parcel services charge a fee for this service, which makes the process even more expensive. In terms of micropayment and convenience for mail order business, the assessment of these processes can therefore only be unsatisfactory be rated.

anonymity authenticity integrity Micropayment Convenience
No No Yes No No
Table 1

3.1.2 T-Online Billing (TOB)

Telekom does not only offer access to the Internet. Rather, the Internet gateway is just an extension of the Datex-J network (formerly BTX). Telekom implemented the option of combining calling up a page with charging a transmission fee. Amounts from 1 Pf up to 9.99 DM can be claimed. Optionally, the price can also be billed per unit of time, e.g. 50 pfennigs per minute. The costs incurred will be claimed by the customer via the telephone bill. The provider of the pages gets his money back from Telekom after deducting a small flat fee.
Since Telekom is a content provider that only grants its customers access after registering, the authenticity of the people is guaranteed. When using the Internet gateway, the user is dynamically assigned an IP address that only Telekom can link to a specific identity. The user remains anonymous in the network. Telekom can make it possible to bill Internet pages for a fee, as has always been possible with the BTX pages. Smallest amounts can thus be paid comfortably. The only disadvantage of the system is the required Telekom membership. Only telecom customers can make payments in this way. For this reason, the group has not yet taken any steps to approve the system. There is a risk of driving your own customers off the Internet through paid websites.

anonymity authenticity integrity Micropayment Convenience
Yes Yes Yes Yes Yes
Table 2

3.1.3 Secure Electronic Transaction (SET)

SET is a constantly evolving payment standard that was defined by a corporate committee led by Microsoft, Netscape, VISA and Mastercard. There are already some pilot tests based on SET worldwide (see 3.1.4, 3.1.5 and 3.1.6), but SET is not yet in commercial use. From a technical point of view, SET hardly brings any innovations. The main difference to other methods is that SET defines the authentication of all parties including the customer.
What is really interesting about SET is the perspective of interoperability between the SET-certified applications of different software manufacturers as well as the fact that several software providers compete with one another in the implementation of the standard. It will be several months before the compatibility and interoperability of the numerous SET implementations become a reality. After all, an overarching institution called SETCo now takes care of the certification of SET software products. The current list of test results can be found under [1]. It is still open whether SETCo will also include interoperability tests in its test program.
On the positive side, SET is opening up to other means of payment as a standard initially oriented exclusively towards credit cards. Numerous providers took the CeBIT 98 as an opportunity to announce the support of the electronic direct debit, for example under the name 'electronic direct debit' within the framework of SET.
What exactly does SET define? To answer the question, the reader is referred to Figure 3. Instead of revealing his credit card details openly to the merchant and trusting that he knows how to deal with them properly, the transmission can be carried out via SET. There are two prerequisites for using SET:

1. The customer must have a credit card.
2. Customer and dealer must register with a processor, a trust center, which SET offers.

Figure 3

There are several houses that can act as a processor. The following sections deal with specific providers. After registration, the customer and dealer receive a digital key. The customer transmits his card data to the dealer in coded form using his key. The latter cannot read or falsify the data, so that the identity and card data of the customer are protected (see also the seminar lecture Security on the Internet). The dealer signs the customer's message with his key and sends it to the processor. Only this is able to reconstruct the data using both keys. This means that the parties are authenticated at the same time. The processor contacts the credit card company and initiates the transaction. In the event of a positive confirmation, this is reported to both the dealer and the customer. The trade is perfect.
In the following some concrete implementations are to be presented.

3.1.4 TeleCash

Long before the US government approved the export of secure 128-bit encryption for banking purposes, the developers of the market leader TeleCash implemented a solution on their own in cooperation with Brokat Informationssysteme GmbH. TeleCash is a joint subsidiary of Deutsche Telekom and IBM Germany [2]. Similar to the SET standard, which is about to go into commercial use, the customer's card data is encrypted and thus withheld from the retailer. They are thus protected from misuse, for example by an employee who pulls a copy of the customer database. TeleCash serves as a processor or trust center (compare with 3.1.3). Authorization only takes a few seconds; If successful, the retailer receives a payment confirmation online and can then deliver digital goods immediately. TeleCash relies on a Java applet to ensure the necessary convenience and secure encryption on the customer side. One advantage of this solution is that the customer does not have to install any software and always works with the latest version. Since TeleCash reloads the applet with each session for security reasons, the customer waits a little longer than with the permanently installed payment programs (wallets) before he can approve a payment. Thanks to the relatively small size (about 100 KByte), the delay is still within acceptable limits.
With the publication of this work TeleCash wants to offer payment according to the SET standard as an additional option. The dealer then has the choice of whether he wants to continue accepting payments without authentication of the customer or insists that his customers can show a TeleCash certificate when paying. The latter requires the customer to register with TeleCash in writing beforehand.

anonymity authenticity integrity Micropayment Convenience
Yes optional Yes No Yes
Table 3

3.1.5 X-Pay

A German software house is also enjoying great success with payment software: Brokat Systeme GmbH [8], based in Böblingen, offers a SET-compatible system with X-Pay. The Swabians work closely with TeleCash [2] in Stuttgart. TeleCash acts as a processor and, in conjunction with X-Pay, currently enables credit card transactions with EuroCard and Visa. Direct debit is to be added later this year. X-Pay is already in use in various online shops, for example in the Computer Ticket Service [31], the donation campaign of a Karlsruhe children's hospital [34] and Kondomi [35], the specialist shop for erection clothing. The X-Pay software is installed on the merchant's server. When the customer has filled his shopping cart and proceeds to payment, a Java applet is started, which also handles the secure encryption of the data to be transferred. The close reference to TeleCash can be seen here.

anonymity authenticity integrity Micropayment Convenience
Yes optional Yes No Yes
Table 4

3.1.6 CyberCash

CyberCash GmbH [4, 5], based in Frankfurt with the participation of several banks and savings banks, has decided to stipulate customer authentication right from the start. The SET procedure, which CyberCash itself helped to define, is to be used. In order to pay with CyberCash in Germany, the customer has to register in writing with his bank in order to receive the required certificate - if the bank cooperates with CyberCash GmbH.
In contrast to TeleCash, CyberCash does not operate its own payment gateways, but supports banks in setting up and operating a corresponding connection to the credit card clearing centers.
CyberCash has not yet been able to indicate when commercial use will be possible in Germany. A pilot test has been running since December 1997: customers of the banks involved can currently shop online from seven retailers. Payment by credit card has only been announced; so far only the electronic direct debit and a special system for small amounts are available. CyberCash relies on a wallet application (around 1.5 MB in size) which the customer has to download and install for his respective operating system.

anonymity authenticity integrity Micropayment Convenience
Yes Yes Yes No Yes
Table 5

3.2 Credit-Based Standards

According to the credit card-based standards, the following credit-based standards are to be dealt with. They offer the opportunity to reduce the processing fees for small payment amounts. An obvious solution are retailer-specific credit systems. The customer maintains a credit account with the retailer and fills this with any amount that he can then use in chunks. The transaction costs incurred are therefore unrivaled, because the retailer manages the customer account within his own IT system without the help of a bank. Due to the restriction to a specific dealer, this procedure is only of interest to regular customers. Shopping mall or provider-specific credit systems can partially overcome this disadvantage.
However, this cannot be a permanent solution, since Internet shoppers are naturally very mobile and are reluctant to be restricted in their choice of business. Generally valid systems that are independent of the dealer / provider are better. Four examples should be mentioned here: CyberCoin from CyberCash, MilliCent, eCash and the SmartCard or money card. This list is only a selection from other processes, such as Mondex from England. The systems mentioned are the best known and probably the most promising. First, CyberCoin:

3.2.1 CyberCoin

The CyberCoin process from CyberCash [11] works independently of providers and shopping malls. CyberCoin is intended as a supplement to credit card-based payment for the lower price range from 50 pfennigs to 20 DM. The customer's credit account is managed by the respective partner bank, but CyberCash takes on the daily clearing of CyberCoin sales if the retailer and customer have their accounts at different partner banks. So the customer does not receive any digital coins to spend. This type is also called a value-based system.
It is worth mentioning that the CyberCoin payment process can be inextricably linked to the successful transfer of a digital product.

anonymity authenticity integrity Micropayment Convenience
No No Yes Yes Yes
Table 6

3.2.2 MilliCent

The MilliCent process from Digital Equipment Corporation [10] is optimized for really tiny amounts (pennies and even fractions of them). Here, too, it is basically a credit system, equipped with the advantage of anonymity, which can, however, be revoked in the event of a complaint. In order to pay for a purchase, the customer purchases dealer-specific digital vouchers (scrips) from a MilliCent broker, which he then passes on to the relevant dealer. Since scrips are to be viewed as digital coins, this system is also called token-based. Independent companies that have licensed the process from Digital are supposed to act as MilliCent brokers. As part of the global pilot, Digital is still acting as a broker itself and issuing free scrips for which you can get demo goods from some dealers. The special thing about the MilliCent process is the optimization for very high transaction volumes with extremely small amounts. That is why the computing effort for verifying the MilliCent payment orders has been reduced accordingly. Nevertheless, it is ensured that the effort for a possible outwitting of the system is far above the expected profit. Since the system is designed to be decentralized, it allows any number of brokers to coexist, which results in good scalability.

anonymity authenticity integrity Micropayment Convenience
optional Yes Yes Yes Yes
Table 7

3.2.3 eCash

The only method that offers the buyer complete anonymity and has the chance of being implemented worldwide is the eCash method developed by the Dutch crypto expert David Chaum [9].eCash offers the customer the best possible protection of privacy; in its properties it comes closest to payment with cash. So it is not surprising that the user has to protect himself against loss through carelessness or theft. At least eCash can be backed up, so that a hard drive crash does not have to lead to a total loss of cash.

Figure 4

When accepting eCash, in addition to the authenticity of the digital coins, it must be checked whether they have already been used, i.e. have been exchanged for conventional money. This verification requires an online query at the issuing bank. Deutsche Bank started its long-announced pilot test in October 1997 and highlighted it at this year's CeBIT. Because of the approval required by the German Bundesbank for commercial use, particular importance was attached to the similarity to a software-based cash card.
An interpretation of eCash as an independent currency and a related rejection by the German Bundesbank is believed by many observers to be likely, but would be strange, since the effects of buying and spending eCash are nothing like topping up and paying with the cash card distinguish. Rather, the real reason for the critical assessment of eCash by the authorities is its one hundred percent anonymity.
In the course of the ongoing displacement of cash, we are approaching comprehensive monitoring of money transactions under the guise of fighting crime. Just like cash, eCash is absolutely suitable for washing clean, dirty money ", that is, illegal income from drug trafficking, for example. Attempts are made to prevent this.
Before using eCash for the first time, the customer must register in writing with the issuing bank. The purchase of eCash coins with a value of up to DM 400 is made by transferring to a pool account (see Figure 4). From here, the digital coins can be transferred online to your own PC. So it is a token-based system. The eCash credit is managed using a wallet application.

anonymity authenticity integrity Micropayment Convenience
Yes No Yes Yes Yes
Table 8

3.2.4 EC card or cash card

The German cash card, which is heavily promoted by the savings banks and is suitable for purchase amounts from ten pfennigs to DM 400, occupies an intermediate position in the spectrum of internet payment systems. As a result of the standard equipment of all newly issued eurocheque cards, 40 million cash cards have already been put into circulation.
The introduction of a means of payment for the Internet was certainly not the original aim of this campaign. Rather, the savings banks were concerned with creating a cash substitute for medium and small amounts of payment in conventional business. However, numerous software companies in the financial sector have now recognized the value of the cash card as an online means of payment and have developed solutions that allow it to be used securely online.
The rapid spread of smart cards of all kinds should ensure that card readers will soon be part of the standard equipment of PCs, for example as an integral part of the keyboard (see Figure 5, top left). The SmartDiskette is a clever construction. The chip card is pushed into a diskette-shaped adapter which is supplied with power via a button cell. This means that the card can be read and written to using a standard floppy disk drive.

Figure 5

Online use becomes really convenient if it is possible to top up the cash card on the home PC via home banking. Then you don't even have to go to the next ATM. An important safety factor is that not everyone can accept cash card payments; a special dealer card with a corresponding terminal is required for this. This prevents fraudulent activities by bogus dealers on the Internet. However, direct payments between private individuals are also excluded.
Anonymity is not exactly one of the strengths of the cash card. The card ID is logged in the merchant's terminal for every cash card payment (see also Figure 6). On the bank side, a shadow account is kept for every money card offered on the basis of this data. This allows a plausibility check of the card balance and helps to detect misuse. This does not affect the anonymity of the customer vis-à-vis the dealer. However, it is possible to create consumption and movement profiles with the help of the data obtained.

Figure 6

anonymity authenticity integrity Micropayment Convenience
limited Yes Yes Yes Yes
Table 9


[back] [start] [index] [next]