ON-LINE CARD (sm) demo
Company
 Services
 Contact Us

« Installing ON-LINE CARD ™ Software / Enrolling in the Service | Main | Customer payment - ON-LINE CARD ™ application running. »

Customer payment - ON-LINE CARD ™ application not running.

Note: Do not launch the ON-LINE CARD TM application or close it if you've already launched it. Close Microsoft ® Internet Explorer. TM Internet Explorer TM must be restarted for this demo to work correctly.

Action: Return to the Sample Check-out Page and click the “Click to Buy TM” button. You will be presented with a Merchant Verification Page with the name of the merchant, the order number, and the requested amount of to be charged. Click the “Pay” button.

Action: The ON-LINE CARD TM Application will launch automatically and prompt you to input your Card Verification Code (CVC) on the “back” of the card. Enter your CVC. Click “Enter,” when it appears, or press 'Enter' on your keyboard.

The application connects to an ON-LINE CARDSM server and displays the ON-LINE CARD TM logo and the available balance on the Card. In a real life situation, this could also be the credit limit.

The PIN panel rolls out.

Action: Enter your Personal Identification Number (PIN) using your mouse. Click the 'Enter' button. Notice the available balance displayed on the card changes.

Click the “Return to Merchant’s site” button. This brings you to the “Success URL” on the merchant's site.  At this point the Merchant System validates the security token and displays a “Successful Payment” page, if the token proves genuine. This page is located on the merchant's system and has a “Delivery button” which will initiate whatever actions are required to deliver the merchandise (file download, etc).

You've just seen:

  • The Merchant Payment Request from Merchants' web-page was intercepted by the ON-LINE CARD TM Application and validated on the ON-LINE CARDSM server.
  • The results of the Merchant Validation displayed to the customer (preventing “phishing” and fake requests).
  • The two-factor authentication of the customer (strong encryption and the CVC code).
  • The customer authorizing payment by entering his or her PIN with the mouse (foils key loggers).
  • NO SENSITIVE INFORMATION WAS PASSED TO THE MERCHANT DURING THE COURSE OF THE TRANSACTION. The merchant was presented with a security token, which was validated on the ON-LINE CARDSM server or locally (depending on pre-arranged options). The brief time between the submission of the token to the merchant's system and delivery minimizes security threats.

March 21, 2005 in 2. Service Functionality | Permalink

Comments

The comments to this entry are closed.

 
© Copyright 2004, On-line Card Technologies, Inc.

ON-LINE CARD (tm) is the trademark of On-line Card Technologies, Inc., ON-LINE CARD (sm) and CLICK TO BUY (sm) are service marks of On-line Card Technologies, Inc., other trademarks and service marks belong to their respected owners.