Design, implementation, and deployment of the iKP secure electronic payment system

Authors: M. Bellare, J. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, E. Van Herreveghen and M. Waidner

Abstract: This paper proposes a family of protocols -- iKP (i=1,2,3) -- for secure electronic payments over the Internet. The protocols implement credit card-based transactions between the customer and the merchant while using the existing financial network for clearing and authorization. The protocols can be extended to apply to other payment models, such as debit cards and electronic checks. They are based on public-key cryptography and can be implemented in either software or hardware. Individual protocols differ in key management complexity and degree of security. It is intended that their deployment be gradual and incremental.

The iKP protocols are presented herein with the intention to serve as a starting point for eventual standards on secure electronic payment. They have influenced the development of the SET standard.

Ref: Extended abstract, entitled iKP - A Family of Secure Electronic Payment Protocols was in Proc. First USENIX Workshop on Electronic Commerce, USENIX, 1995. Full version is in IEEE Journal on Selected Areas in Communications, 2000, Vol.18, No. 4, pp. 611-627. The full version is available below.

Full paper: Available as compressed postscript, postscript, or pdf. ( Help if this doesn't work).

Related work and links