资源目录
压缩包内文档预览:
编号:512708
类型:共享资源
大小:669.82KB
格式:ZIP
上传时间:2015-11-11
上传人:QQ28****1120
认证信息
个人认证
孙**(实名认证)
辽宁
IP属地:辽宁
6
积分
- 关 键 词:
-
毕业设计
- 资源描述:
-
IC卡食堂售饭机的开发,毕业设计
- 内容简介:
-
1 ELECTRONIC PAYMENTS THE SMART CARD SMART CARDS, E-PAYMENTS, & LAW PART I Dr Simon Newman and Gavin Sutter, Queen Mary College, University of London This article in three parts examines the legal issues raised by the development of the smart card. It explores contractual, liability and intellectual property rights issues and assesses whether a suitable legal framework exists in which smart card use can flourish and grow. A. INTRODUCTION TO SMART CARDS AND ELECTRONIC PAYMENTS SYSTEMS A smart card is simply a plastic rectangle containing an electronic chip, and holding a certain amount of readable data. One common consumer use in the UK is in digital television, where they are used as security devices to unscramble the incoming digital television signal. They are also now commonly used in GSM standard digital mobile phones as Subscriber Identity Module (SIM) cards. However, most attention focuses on their potential as an independently carried, easily portable, means of both identification and electronic payment - for example as an “e-purse” holding electronic coins for low-value transactions, either held solely on the card,1 or linked to a central database. Smart card technology is not new, but at least until very recently it has largely failed to achieve widespread use within the countries of the European Union. This is now beginning to change as smart cards become increasingly ubiquitous, although as yet their profile remains low amongst the general public - many people may carry around one or more smart-chipped credit cards in their wallet or purse without being aware that it holds more than the usual magnetic strip. Previous European smart cards development centred on multiple national systems,2 all non-compatible, which have never achieved good customer take-up. Even where a large number of cards have been circulated, as with Proton in Belgium, the frequency of use has remained discouragingly low. The European Commissions Europe Smart CardCharter, after a shaky start in 2000, is trying to rectify this by moving from its originally technology-oriented stance towards a much more customer-centred approach. Previously it focused on nts 2 technological development of competing systems, with interoperability a distant goal. This has changed. A new “user-centric” approach to all aspects of smart cards is intended to help enfranchise the citizen and give him/her fuller access to the Information Society which is developing in all aspects of daily life, including government and local authority applications.3 It acknowledges in particular the need for easy “anytime anywhere” access, in order to achieve the mass take up of smart cards that is currently lacking. It seems that the principal customers pushing development in this instance are not individual consumers, nor even the banking corporations, but the European Unions national transport networks. Transport has proven to have a key role to play in this area as it has the mass cross-cultural user community and relatively simple, extremely high-volume applications4 that are needed to make smart cards part of everyones daily life. Particularly prominent in this field is Transport for London.5 Inspired by the success of the Octopus smart card in the Hong Kong transit system, their Prestige Project has developed a smart card system for easy automated ticketing. This is a contactless card, initially intended as a season ticket, with an expiry date recorded in the card, allowing an unlimited number of journeys up to that date. Contactless smart card readers have already as of September 2001 been installed at some London Underground stations, and the system is likely to be in general use by the end of 2002. An epurse facility card is intended to be added shortly thereafter, with no time limit, but with prepaid electronic tokens deducted from the card on each journey, that can be refilled with tokens through occasional payment at an electronic ticketing machine. Inter-operability with other national and European transport networks is a high priority ultimately allowing the same card to be used on rail, bus and other mass transport systems from London to Madrid to Helsinki and beyond. As with all network systems, from mobile phones to the Internet, smart card applications must be interoperable with common standards in order to benefit exponentially from wider use throughout the EU and beyond. It is therefore critical both that suitable technological standards are reached, and that a suitable legal framework exists in which smart card use can flourish and grow. One question raised by the multi-functional nature of smartcards is one of ownership: standard, single use magnetic strip cards are commonly understood to be issued by, for instance, a bank, to be used by the customer but remaining the property of the issuer. Multi-functional cards may have several different applications from several different sources loaded on them banking details, credit card, healthrecords so who owns the card? Is there a single card owner, or will each interested party be said to own only their own application stored on the card? A related question asks who is permitted to issue an “electronic purse” smart card.Will this be limited to banks? Will personal data cards be issued solely by government? Especially in countries such as, for instance, Germany or France nts 3 where a government- issued ID card is a necessity, could the government insuch a state issue its own smart cards for ID purposes which the user would then add other applications such as payment facilities to? Government owned cards would raise the further issue of citizens rights to access government information as relating to themselves. Alternatively, will it be legally, as it is technically, possible for a company simply to produce and sell empty smartcards which the user can then add his own details to? Or must the issuer be a licensed person, real or legal? A further important issue requiring analysis is whether the user of a card will be permitted to add and remove applications from the smartcard at will, or whether it will carry fixed applications as installed by the relevant companies with which the user may not tamper. The voluntary nature of such systems must be emphasized - the multi-application “smart wallet” may contain software from numerous different organisations, but its contents must be under the users control, just like a physical wallet. If it is to be commercially successful it must be seen as both safe and convenient for the end user. This is likely to require easy notification procedures in case of loss or theft, with the card and its contents being made quick and easy to replace. The contractual issues involved require consideration. For instance, the contractual relationship between issuer and user will remain substantially similar as for the issue of a standard magnetic strip single use card. However, a multi-functional card raises a number of other relationships such as that between card issuer and application provider, or between one application and another. An area of great significance is liability. Liability for loss, damage, fraudulent usage, etc of a standard magnetic strip payment card (credit, debit, etc) is subject to a clear contract between the issuer and the user. However, when a multi-functional smart card is involved, the issues become much more complex. For example, in the case of loss or theft, who bears the responsibility if not the user? Is there a single application which will be responsible for ensuring adequate security for the cards general functions, for example, prevention of fraudulent use of the card in payment, or of a digital signature encoded into it in order to identify the rightful user? Security, fraud prevention, and so on will also arise as issues of consumer protection provisions. The application of data protection requirements will be of great significance in ensuring adequate consumer protection strategies are in place. This is likely to entail the use of some method of encryption, raising further issues as to availability of decryption information. Lastly, intellectual property rights (IPR) in the smartcard technology will be analyzed in the study. How will the protection of such rights be achieved will it be primarily by patents, rather than copyright? How are those commercial interests involved in the production of smartcards currently protecting their interests in the technology 1.The Development of Smart Cards nts 4 Rapid growth in electronic business has led to the development of payment systems tailored to meet the needs of online purchasing.Although credit cards have proved the most popular method for online payments so far, they may not be the most appropriate method in all transactions. For example, they may prove too costly for the purchase of low value goods and services, and are not suitable for making payments to consumers. The increased interest in auction schemes such as eBay6 leads to an increasing need for systems which allow for the transfer of value between consumers, rather than only between consumers and businesses. The perceived security risks of sending credit card details online have also proved a barrier to their use, leading to an interest in developing more secure alternatives. A vast array of electronic payment systems have been (and are being) developed around the world.These are either smartcard systems, where the value is stored on a chip on a multipurpose card, or software systems where the value is stored as electronic tokens in the memory of the computer. However, although some of these systems have been available to the consumer for several years none has become universally accepted. Furthermore, because the various systems and technologies are not interoperable, consumers and merchants are forced to choose which or how many of the systems to use. Many online buyers and sellers have therefore elected to use the traditional credit card due to its greater universal acceptance. Many systems have been developed in trial form but have not immediately been followed up by commercial exploitation, and others have been changing and modifying their services to meet the needs of the market. It seems therefore that the market is still in a state of flux and that commercial barriers are hindering the adoption of these new systems. Various steps have been taken towards remedying the lack of interoperability such as the development of a standard protocol which may overcome the commercial difficulties. As far as the legal issues are concerned these have to a degree been overshadowed by the commercial problems although in the European Union the creation of a regulatory framework for electronic money issuers is underway. However, other issues such as the contractual relationship between the issuer and the consumer have not been addressed. 2. Electronic Payment Systems: Software (a) Credit and Debit Cards Credit and debit cards may be grouped together as examples of debt transference systems. The use of either in making payments associated with online purchase is broadly similar to the other main methods of carrying out distance card purchases by mail, fax or by telephone in that the actual card itself and the signature thereon are not handled or seen by the payee, but the details (number and expiry date) are transmitted over the internet, either via a website or by email. Currently such incorporation of traditional nts 5 credit card systems into electronic commerce remains the most popular method of payment over the internet, presumably at least in part because its use does not require investment of time and money into acquiring and becoming familiar with new systems. Also, there is a perceived comfort factor in the security offered by an established brand such as Visa.There still exists, however,some degree of concern among consumers generally about the security of making such transactions.While the risk of interception of credit card information by a third party, or a record of it being made by an unscrupulous sales assistant,and subsequent fraudulent usage does little to deter most from making such purchases by telephone or in person, fears abound that this will happen if they do so over the internet. Governments have a clear interest in such issues,as wider consumer spending in internet sales will serve to bolster the new digital economy.Technological methods may give consumers the confidence to take advantage of what the new marketplace has to offer.They may also help to prevent credit card fraud, thus contributing to reduction of such crimes, another attractive feature for governments. (b) Secure Socket Layer (SSL) Protocol The SSL protocol creates a secure channel for the transmission of encrypted payment card details between retailer and consumer and is in wide usage across the internet, incorporated into many different software systems. Patented by Netscape and submitted to the World Wide Web Consortium (W3C) early in 1998 as a standard, it has now become the norm for secure communication of payment card information over the internet. In operation, SSL utilizes a mix of public and private key encryption. Private key encryption involves the use of one single key an algorithmic code which allows a message to be encrypted. Once encrypted, the message can only be reopened with the key.Access to a message can thus be controlled by controlling distribution of the key. The public key technique is broadly similar, however, there is a separate, public key which is given to B to either decode messages which have been encrypted using As private key or to encrypt a message to send to A which can then only be opened with the private key. It is a version of this system which online retailers generally use.The public key is made freely available to the consumer via the website: the payment details are au
- 温馨提示:
1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
2: 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
3.本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
人人文库网所有资源均是用户自行上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作他用。
川公网安备: 51019002004831号