預付卡式電子付費系統—系統流程與卡號安全性分析

Abstract

在實體環境下，消費者到商店付費購買物品，付費的方法以現金、信用卡、支票為主，除了現金以外，商家收到信用卡和支票以後分別是靠著發卡公司與銀行、銀行與銀行之間的銀行內部網路互相沖銷、轉帳來達到消費者付費給商家的目的，而這也是電子付費系統的基本形式；在網路日漸普及的今日，擴展電子付費系統的範疇，使之能夠到達遠端的網路使用者，讓他們可以在網路上購物、收款以及繳帳單等等是銀行與網路應用研究人員所努力的目標；然而，網際網路與銀行內部網路最大的差異在於安全性，網際網路是一個開放式的網路架構，因此安全性的考量就成為電子付費研究的重點，本論文提出一個預付卡式的電子付費系統，並分析其流程與卡號的安全性，讓使用者能夠用很簡便的方式上網購物，並保有一定的安全性。

Nowadays customers go shopping and they pay by cash, credit cards and check. When customers pay by credit cards or check, Merchants get payments by transferring accounts in banks. In this way, people using the original electronic payment system in a banking network. Today, the internet is more and more common and well-known, and using electronic payment system on it seems a trend. However, the significant difference between banking networks and the internet is network architecture. Banking networks are close but the internet isn’t. Since the internet is an open network, the security issue of payment is seriously concerned. In this thesis we present an electronic payment system using prepaid card and analyze the security of its protocol and card numbers. It provides people a convenient way to shop on the internet and protects their privacy.