image provider

Internet Credit Card


Disclaimer

This essay does not describe an existing computer program, just one that should exist. This essay is about a suggested student project in Java programming. This essay gives a rough overview of how it might work. I have no source, object, specifications, file layouts or anything else useful to implementing this project. Everything I have prepared to help you is right here.

This project outline is not like the artificial, tidy little problems you are spoon-fed in school, when all the facts you need are included, nothing extraneous is mentioned, the answer is fully specified, along with hints to nudge you toward a single expected canonical solution. This project is much more like the real world of messy problems where it is up to you to fully the define the end point, or a series of ever more difficult versions of this project and research the information yourself to solve them.

Everything I have to say to help you with this project is written below. I am not prepared to help you implement it; or give you any additional materials. I have too many other projects of my own.

Though I am a programmer by profession, I don’t do people’s homework for them. That just robs them of an education.

You have my full permission to implement this project in any way you please and to keep all the profits from your endeavour.

Please do not email me about this project without reading the disclaimer above.

Credit cards are utterly preposterous for Internet purchases. You give your number to strangers who can then turn around and use them to buy goods and services. The technology to fix this is trivial, but the banks have dragged their feet for many decades. Perhaps by setting up a pilot project to demonstrate how simple it is, the public will put pressure on the banks to issue credit cards designed for the Internet.

The basic problem is you want to give the vendor something that cannot be forged and that he can give/show to the bank to get money. He can’t change the amount or reuse it.

Surprisingly, the solution is not rocket science. Every customer has a private key, and a public key digitally signed by the bank. To buy something a computer program on your computer with access to the private key creates an authorization, specifies the amount, date/time and other details of the transaction and tacks on the signed public key and then signs the whole thing with the private key. You then email or otherwise send that authorisation to the vendor. He still has to check that your account is not maxed out, but he knows that you are the legitimate holder of the account. Nothing in the message would let him fraudulently take extra money from your account or make purchases with your account.

Messages are send encrypted, perhaps using something like The Transporter or HTTPS (Hypertext Transfer Protocol over SSL (Secure Socket Layer)).

For additional security, you need to create a USB (Universal Serial Bus) device that contains the private key. It can sign messages, but it can’t reveal the key. Without such a device, ordinary Windows hacking software could steal your private key.

The easy part is creating the software. The hard part is talking some credit card company bank or other company with the resources to launch an Internet credit card to use it. It could also work with a debit card. PayPal has that market pretty well sewed up. To be useful, it should be an auxiliary to a standard credit card.

credit card
digital signature
encryption
HTTPS
JCE
The Transporter

This page is posted
on the web at:

http://mindprod.com/project/iccard.html

Optional Replicator mirror
of mindprod.com
on local hard disk J:

J:\mindprod\project\iccard.html
Canadian Mind Products
Please the feedback from other visitors, or your own feedback about the site.
Contact Roedy. Please feel free to link to this page without explicit permission.

IP:[65.110.21.43]
Your face IP:[3.91.106.157]
You are visitor number