XML Trust Services. White Paper



Similar documents
Business-to-Business EIPP: Presentment Models, Part 1 By: The Council for Electronic Billing and Payment

Internet Part 2. CS/MIS Department

Module 12: Microsoft Windows 2000 Clustering. Contents Overview 1 Clustering Business Scenarios 2 Testing Tools 4 Lab Scenario 6 Review 8

Module 6. e-business and e- Commerce

Concepts in Enterprise Resource Planning

Enabling Secure Payment Processing On Your Site. A guide to accepting and managing online payments for e-commerce

Swedbank Payment Portal Implementation Overview

Benefits of integration

Research on the Model of Enterprise Application Integration with Web Services

Office Relocation Planner Guide to Credit Card Processing

Chapter 12. Electronic Payment Systems Pearson Prentice Hall, Electronic Commerce 2008, Efraim Turban, et al.

Chapter 12. Learning Objectives. Learning Objectives. Electronic Payment Systems

Java E-Commerce Martin Cooke,

See Gold in B2B. B2B ecommerce Playbook

White Paper Delivering Web Services Security: The Entrust Secure Transaction Platform

BUSINESS GUIDE. Online Payment Processing. What You Need to Know

Case-study: SwissAir. The Internet Business. Case-study: SwissAir. Case-study: SwissAir. Summary. Summary

BUSINESS-BUSINESS (B2B) E-COMMERCE STRATEGIES AND SOLUTIONS. Presented by LEENA J MANWANI

Chapter 11: E-Commerce

Beanstream Credit Card Processing...

How To Build A Connector On A Website (For A Nonprogrammer)

Building an E-Commerce Trust Infrastructure

IBM Tivoli Access Manager and VeriSign Managed Strong Authentication Services. Combine resources for one complete online business security solution.

THE ecommerce CHALLENGE

Introduction to Service-Oriented Architecture for Business Analysts

Allegis Delivers Web Services for Partner Relationship Management Using.NET Enterprise Servers

Full-scale Online Event Ticketing System The Design and Implementation

Outline. TIM 50 - Business Information Systems. Lecture 10. Instructor: Terry Allen UC Santa Cruz 10/28/2011

TIM 50 - Business Information Systems

Licensing VeriSign Certificates

Oracle Procurement. Punchout and Transparent Punchout Guide for Oracle iprocurement and Oracle Exchange Release 11i. Part No.

WHITE PAPER. Licensing VeriSign Certificates: Securing Multiple Web Server and Domain Configurations

Win with Level 3 processing. Acquire more government and corporate customers while reducing your payment transaction fees

E-commerce refers to paperless exchange of business information using following ways.

XML-Based Business-to-Business E-Commerce

Using Entrust certificates with VPN

Framework of e-commerce

CHOOSING A PAYPAL PRODUCT

PEOPLESOFT esettlements

PEOPLESOFT ENTERPRISE esettlements

Ecommerce Designing ETP 450x (4 Units) - Laboratory Exercises

Mobile Apps for Business to Business Commerce

E-Commerce, Merchant Processing, EMV and General Best Practices for Municipalities

Dental Office s Guide to Merchant Payment Processing

Card Payments in ecommerce

ecommerce in Retail BY PENTAMEDIA

Chapter 4. Learning Objectives. Learning Objectives. Building an E-commerce Web Site. Building an E-commerce Web Site: A Systematic Approach

Simple & Secure Integrated Payment Processing from Element and Transformations

Online Payment Processing What You Need to Know. PayPal Business Guide

Product. LynxGate Harness the Power Behind Your ATMs to Increase Revenue, Reduce Costs and Strengthen Member Relationships

INTERNET TECHNOLOGIES AND SUPPLY CHAIN MANAGEMENT

Technical Overview of PayPal as an Additional Payment Option

Chapter 11 E-Commerce

IT TECHNICAL SECURITY REVIEW CHECKLISTS FOR E-COMMERCE WEBSITES

B2B Strategies: from EDI to e-commerce. Objectives. In this chapter, you will learn about:

a CyberSource solution Merchant Payment Solutions

Frequently Asked Questions OB10

INTEGRATION SOFTWARE: BUILD OR BUY?

Electronic Transactions Act and Digital Signature Act: Background, Major Provisions and Implication

Baltimore UniCERT. the world s leading PKI. global e security

VeriSign Payment Services

Introduction to SAML

The University of South Carolina MarketPlace E-Commerce Guidelines

GUIDE TO WEBSITES AND E-COMMERCE

4. Concepts and Technologies for B2C, B2E, and B2B Transaction

Credit card: permits consumers to purchase items while deferring payment

Integration of Hotel Property Management Systems (HPMS) with Global Internet Reservation Systems

PRIVACY, SECURITY AND THE VOLLY SERVICE

Simplify SSL Certificate Management Across the Enterprise

ABOUT AT&T GLOBAL CLEARINGHOUSE

HBA Virtualization Technologies for Windows OS Environments

ELECTRONIC INVOICE PRESENTMENT AND PAYMENT FOR THE OCEAN FREIGHT INDUSTRY

A Symantec Connect Document. A Total Cost of Ownership Viewpoint

Unique Technology Needs of Small & Medium ecommerce Sellers

AribaPay Operational Details

Electronic Commerce. Chapter Overview

a CyberSource solution Merchant Payment Solutions

Fulfillment Outsourcing 2014: How & Why?

Introduction to Online Payment Processing and PayPal Payment Solutions

Credit Card Extension White Paper

a CyberSource solution Merchant Payment Solutions

5Subscription Management Automate. 6Electronic License Activation (ELA) 7Electronic License Management. 8Electronic Software Delivery (ESD)

A Guide to Accounts Payable Supplier Processes

Knowledge-Based Authentication Challenge Response System

Unit- IV. SYLLABUS: Electronic Data Interchange, EDI Applications in Business, EDI implementation, MIME, and value added networks.

Managing SSL Security in Multi-Server Environments

Chapter 5. B2B E-Commerce: Selling and Buying in Private E-Markets

Project: How you can use efficient logistics processes to make the most out of ecommerce. Thanks to intelligent logistics to a successful web shop

Registration and PCI DSS compliance validation

Web and e-business Technologies

Unified Payment Platform Payment Pos Server Fraud Detection Server Reconciliation Server Autobill Server e-point Server Mobile Payment Server

Cloudbuz at Glance. How to take control of your File Transfers!

IBM Maximo technology for business and IT agility

Case Study for Layer 3 Authentication and Encryption

Strong Security in Multiple Server Environments

Entrust Managed Services PKI. Getting an end-user Entrust certificate using Entrust Authority Administration Services. Document issue: 2.

A guide for accepting online payments for Hertfordshire emarketplace Providers

A ROAD MAP FOR GEOSPATIAL INFORMATION SYSTEM APPLICATIONS ON VBLOCK INFRASTRUCTURE PLATFORMS

Website Payments Standard Integration Guide

Transcription:

XML Trust Services White Paper

Contents Executive Summary 1 I. Introduction 2 A. Why XMLPay? 2 B. XMLPay Benefits 3 II. How XMLPay Is Used In B2C Payments 3 III. How XMLPay is Used in B2B Payments 4 IV. Technical Components 4 VI. For More Information 5 i

Executive Summary XML (Extensible Markup Language), the flexible data framework that allows applications to communicate on the Internet, has become the preferred infrastructure for e-commerce applications. All of those transactions require trust and security, making it mission-critical to devise common XML mechanisms for authenticating merchants, buyers, and suppliers to each other, and for digitally signing and encrypting XML documents like contracts and payment transactions. XML Trust Services a four-component suite of open specifications for application developers developed in partnership with industry leaders including Microsoft, Ariba, WebMethods, and Netegrity makes it easier than ever to integrate a broad range of trust services into B2B and B2C applications. XML complements Public Key Infrastructure (PKI) and digital certificates, the standard method for securing Internet transactions. To help Internet merchants process a broad range of Web-based payment types (including credit debit card, purchase card, and Automated Clearinghouse, or ACH payments) for B2B and B2C e-commerce, VeriSign, Ariba, and other vendors created the XMLPay specification for sending payment requests and responses through financial networks. XMLPay is an extensible Markup Language (XML) specification for payment requests and responses in a distributed, Web-based payment transaction environment. XMLPay is also a scalable payment service application operated by VeriSign in support of both B2C and B2B Internet payment applications. The typical user of XMLPay is an Internet merchant or merchant aggregator who wants to dispatch consumer credit (or debit) card, corporate purchase card, Automated Clearinghouse (ACH), or other payment requests to a financial processing network. Using the data type definitions specified by XMLPay, such a user creates an XMLPay client payment request and dispatches it using a transport mechanism intentionally left unspecified by XMLPay to an associated XMLPay-compliant server component. Responses are also formatted in XML and convey the results of the payment requests to the client. The use of XML simplifies client-side processing in payment service applications, allowing payment service applications to be easily linked larger XML-workflow environments. This paper describes the capabilities that XMLPay brings to payment services in a variety of application scenarios. The intended audience of this paper is anyone who is thinking about adding the ability to payment capabilities to their merchant Web site, B2B trading exchange, or other online transaction system. We describe what XMLPay is, who uses it, and how the VeriSign XMLPay payment gateway implementation makes it possible to use XML simply and easily in payment service applications. 1

I. Introduction The XMLPay specification defines four things. First, it defines a way to describe payment transaction requests in the extensible Markup Language (XML). Next, it defines a way for that transaction request to be communicated to a financial institution for payment and settlement. Third, it provides XML-based way for the results of the transaction to be expressed and imported into e-commerce applications. Finally, XMLPay is also a live Web service endpoint operated by VeriSign. This payment gateway Web service provides connectivity to most major bank processors and financial networks and comes pre-integrated in many e-commerce applications. Using XMLPay, merchants communicate their payment requests to the XMLPay Gateway, and VeriSign switches these requests to the appropriate financial institution, returning results back to the merchant. XMLPay is an open and broad specification intended for use in both Business-to- Consumer (B2C) and Business-to-Business (B2B) payment processing applications. A. Why XMLPay? Today s fragmented payment systems connect merchants to banks via privately operated, pointto-point payment networks. In 1999, over 6 billion US electronic payment transactions originating from approximately 2 million merchant locations and representing over $290 billion in merchant dollar volume were passed over leased lines and non-internet interfaces to a single transaction processor (First Data Corporation). Such traditional payment systems often prove ill equipped to manage the costs and complexity of transitioning and enabling transactions over the Internet. Because of the high cost and complexity of automating payment using legacy payment technologies, only a fraction of today s potentially automated e-commerce applications are currently enabled for Internet payment. In short, today s infrastructure for payments on the Internet is fragmented and difficult to integrate into applications. As a result, adding even basic payment capabilities to Web services often proves to be an expensive and difficult process. And in business-to-business e-commerce, the appropriate Internet payment infrastructure is practically nonexistent. Over the last two years, the work of Internet standards communities such as W3C together with many announced industry initiatives has highlighted XML as a key technology for smoothing the integration of distributed applications between business over the Internet. 2

B. XMLPay Benefits By choosing XMLPay for XML payment execution, B2C and B2B merchants, merchant aggregators and trading exchanges gain the ability to free themselves from point-to-point and difficult to integrate payment solutions, reaping the benefits of an integrated XML payment platform designed specifically for the Internet. Banks and financial institutions also benefit, because use of XMLPay frees these traditional payment marketplace participants of the time and cost required to build inhouse solutions and allows them to reach broader and new markets in Internet time. II. How XMLPay Is Used In B2C Payments B2C transactions begin when a Buyer presents a payment instrument (e.g., credit card number) to a Seller in order move money from the Buyer to the Seller (or vice-versa in the case of a credit or refund). In the diagram below, one can think of the Buyer as consumer using a Web browser, and the Seller as a merchant Web site. Buyer Seller Payment Gateway Payment Processor XMLPay Figure 1: Typical XMLPay processing model for Business-to-Consumer (B2C) transactions Use of XMLPay comes into play when the Seller needs to forward the Buyer s payment information on to a Payment Processor (at the far right). The Seller formats a XMLPayRequest and submits it either directly to an XMLPay-compliant payment processor or, as pictured, indirectly via a XMLPay-compliant Payment Gateway, such as operated by VeriSign. Responses have type XMLPayResponse. The Buyer-to-Seller and Payment Gateway-to-Payment Processor channels are typically left unaffected by use of XMLPay. For example, XMLPay is typically not used in direct communications between the buyer and the seller. Instead, conventional HTML form submission or other Internet communication methods are typically used. Similarly, because Payment Processors often differ considerably in the formats they specify for payment requests, it is often desired to localize XMLPay server logic at the Payment Gateway, leaving the legacy connections between gateways and processors unchanged. 3

III. How XMLPay is Used in B2B Payments When used in support of B2B transactions, the Seller does not typically initiate XMLPay requests. Instead, an aggregator or trading exchange uses XMLPay to communicate business-focused purchasing information (such as Level 3 corporate purchase card data) to a payment gateway. Buyer Buyer Buyer Trading Exchange XMLPay Seller Seller Seller Payment Gateway Payment Processor Figure 2: Typical XMLPay processing model for Business-to-Business (B2B) transactions In this way, the trading exchange links payment execution to other XML-based communications between Buyers and Sellers such as Advance Shipping Notice delivery, Purchase Order communication, or other B2B communication functions. IV. Technical Components The XMLPay Specification consists of three parts. = XMLPay: Core is the heart of XMLPay. It defines the basic XML datatypes needed to unify B2C and B2B payment processing applications. = XMLPay: Registration captures automation of payment-related enrollment functions, such as merchant registration and configuration. = XMLPay: Reports specifies mechanisms for automating merchant transaction reporting functions in the payments back office. The first of these specifications, XMLPay Core, is available now (Nov 2000). Teams working on XMLPay are planning to extend the functionality to registration and reporting. The driving goal is to provide a public specification for Web payment interoperability, from merchant service sign-up, to payment execution, to reporting functions after payments have taken place. 4

VI. For More Information To access the XMLPay specification and learn more about VeriSign s XML Trust Services, see http://www.verisign.com/developer/xml/index.html VERISIGN, INC. 1350 CHARLESTON ROAD MOUNTAIN VIEW, CALIFORNIA 9404 WWW.VERISIGN.COM 2000 VeriSign, Inc. All rights reserved. VeriSign, NetSure, and OnSite are registered trademarks and service marks of VeriSign, Inc. All other trademarks belong to their respective owners. 11/00 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information