This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)
|
An e-commerce payment system (or an electronic payment system) facilitates the acceptance of electronic payment for offline transfer, also known as a subcomponent of electronic data interchange (EDI), e-commerce payment systems have become increasingly popular due to the widespread use of the internet-based shopping and banking.
Credit cards remain the most common form of payment for e-commerce transactions. As of 2008, in North America, almost 90% of online retail transactions were made with this payment type.[1] It is difficult for an online retailer to operate without supporting credit and debit cards due to their widespread use.[1] Online merchants must comply with stringent rules stipulated by the credit and debit card issuers (e.g. Visa and Mastercard) in accordance with a bank and financial regulation in the countries where the debit/credit service conducts business.[2][better source needed]
E-commerce payment system often use B2B mode. The security of customer information, business information, and payment information base is a concern during the payment process of transactions under the conventional B2B e-commerce model.[3]
For the vast majority of payment systems accessible on the public Internet, baseline authentication (of the financial institution on the receiving end), data integrity, and confidentiality of the electronic information exchanged over the public network involves obtaining a certificate from an authorized certificate authority (CA) who provides public-key infrastructure (PKI). Even with transport layer security (TLS) in place to safeguard the portion of the transaction conducted over public networks—especially with payment systems—the customer-facing website itself must be coded with great care, so as not to leak credentials and expose customers to subsequent identity theft.
Despite widespread use in North America, there are still many countries such as China and India that have some problems to overcome in regard to credit card security. Increased security measures include the use of the card verification number (CVN) which detects fraud by comparing the verification number printed on the signature strip on the back of the card with the information on file with the cardholder's issuing bank.[4]
There are companies that specialize in financial transactions over the Internet, such as Stripe for credit card processing, Smartpay for direct online bank payments and PayPal for alternative payment methods at checkout. Many of the mediaries permit consumers to establish an account quickly, and to transfer funds between their on-line accounts and traditional bank accounts, typically via automated clearing house (ACH) transactions.
The speed and simplicity with which cyber-mediary accounts can be established and used have contributed to their widespread use, despite the risk of theft, abuse, and the typically arduous process of seeking recourse when things go wrong. The inherent information asymmetry of large financial institutions maintaining information safeguards provides the end-user with little insight into the system when the system mishandles funds, leaving disgruntled users frequently accusing the mediaries of sloppy or wrongful behavior; trust between the public and the banking corporations is not improved when large financial institutions are revealed to have taken flagrant advantage of their asymmetric power, such as the 2016 Wells Fargo account fraud scandal.