SET, Secure Electronic Transaction

SET was initially supported by Visa, Mastercard, Netscape, Microsoft and other companies. It works as an electronic wallet in which transactions are conducted and verified using a combination of digital signatures and digital certificates between the merchant, the purchaser and the purchaser’s institution. SET uses Netscape’s SSL (Secure Socket Layers), Microsoft’s STT (Secure Transaction Technology) and S-HTTP (Secure Hypertext Transfer Protocol) by Terisa System. It also uses some of the primary aspects of the PKI (Public-key Infrastructure). How SET functions on Microsoft and Netscape browsers: 1. A consumer receives a digital certificate which acts as an online credit card. This includes a public key with an expiration data. The certificate travels through a digital switch to a bank to ensure it’s validity. 2. A merchant also receives a certificate from the banking institution. The certificate includes a public key for both the merchant and the bank. 3. The consumer places an order over the internet. 4. The consumer’s web browser receives the merchant’s certificate and then confirms it’s validity. 5. The web browser transmits information regarding the order, encrypting the message with the merchant’s public key - the payment information is encrypted by the bank’s public key. 6. The merchant verifies the consumer by referring to the digital signature on the consumer’s certificate. 7. The merchant sends the order message to the bank - the bank’s public key, the consumer’s payment information and the merchant’s certificate. 8. The bank verifies both the message and the merchant using the digital signature on the certificate. 9. The bank digitally signs and transmits authorization to the merchant. 10. After receiving approval from the bank, the merchant can then fill the order.