Electronic money

Автор работы: Пользователь скрыл имя, 28 Марта 2012 в 17:51, курсовая работа

Краткое описание

Electronic money (e-money) systems are gradually achieving some level of status as a means of payment in a number of countries.

Содержание

1 Target of Evaluation description 7

E-money system: model 7

Main concepts of the model 7

Examples of e-money systems 9

History of electronic Money 10

Additional concepts: compensation, transactions,
EV life cycle, roles, actors, and quasi-actors 13

1.1.5 Interoperability of two e-money systems 19
1.2 Target of Evaluation 20

1.2.1 Elements that are part of the TOE 20

1.2.2 Elements that are outside the TOE 21
2 The electronic payment system in Kazakhstan 21
2.1 The popularity of electronic money. prospects for development 21
2.2 The role of the Processing Center and in the development of 23
payment card systems of the Republic of Kazakhstan
List of sources used 28

Прикрепленные файлы: 1 файл

Курсовая.docx

— 2.97 Мб (Скачать документ)

The late 1990s were a pivotal moment for electronic money as Amazon.com is launched in 1995, and then in 1998 PayPal is formed to make it easy for consumers to spend money online without risk of their credit card number being stolen. PayPal’s innovation was to offer a virtual account for consumers that could be topped up using a credit card or wire transfer, and then an email address used to send and receive funds. The services offered by PayPal marked the true beginning of electronic money as being distinctly different from traditional over the phone and online credit card processing.

Further developments in the electronic money industry saw PayPal’s model copied by other providers, along with new ideas for securing customer funds using the gold standard or silver, platinum, or palladium, yet still offering the flexibility of sending and receiving payments with an email address. Virtual currency backed by precious metals can be exchanged for any supported currency, but is typically tracked as direct comparison of the price the precious metal is fetching in the international precious metal markets. Web-money, e-gold, and e-Liberty Reserve have become the biggest gold backed electronic money providers.

Further developments in the electronic money industry saw PayPal’s model copied by other providers, along with new ideas for securing customer funds using the gold standard or silver, platinum, or palladium, yet still offering the flexibility of sending and receiving payments with an email address. Virtual currency backed by precious metals can be exchanged for any supported currency, but is typically tracked as direct comparison of the price the precious metal is fetching in the international precious metal markets. Web-money, e-gold, and e-Liberty Reserve have become the biggest gold backed electronic money providers.

Private currencies also proliferated around the same time, originally spurred by the demand for some form or marketplace within networked games such as World of War Craft and Second Life. Private currencies are sometimes redeemable for real world currencies at a fixed rate pegged to the dollar or other major currency. Since those times, private currencies have developed in many forums and webmaster services as a means of offering advertising amongst members, the most famous of these perhaps being Entrecard, a service where users visit other blogs and are paid in Entrecard Credits, which become redeemable for cash once a reserve level has been met.

In the offline world, perhaps the most successful electronic money has been facilitated with stored value cards that are denominated in local currency. The United States Military designed a stored value card known as Eagle Cash that provided an advance on a soldier’s earnings and could be used in base shops and canteens by simply presenting the chip side of the card for swiping. In Hong Kong, a stored value card originally designed to make subway ticket purchases quicker has become a defacto cash card now accepted by a majority of retailers and utilities in the city.

 

 

1.1.4 Additional concepts: compensation, transactions, EV life cycle, roles, actors, and quasi-actors

 

Compensation (CP)

 

Typically, seen as a model, an e-money system has two flows, i.e. the flow of EV (the solid line from left to right in Figure 4) and the flow of value to compensate the EV (the dotted line from right to left).

The obligation to deliver CP may be fulfilled either immediately or at some prior point in the past or in the future. In the case of goods or services, the related amount might not be known from the start and may be defined, by joint agreement, in the course of the provision of these goods or services.

 

Transactions

A transaction is defined as a flow of EV.

The following basic operations and attributes constitute the minimum characteristics which must be present for transactions: Basic operations constituting EV transactions:

– Initialization;

– EV debiting;

– EV crediting;

– Closure.

Attributes characterizing a transaction:

– the transaction type (payment, loading, collection, etc.);

– the identifier of the sub-system from which

EV is debited (hereafter “debited subsystem”);

– the identifier of the sub-system to which

EV is credited (hereafter “credited subsystem”);

– the EV amount exchanged (debited and credited);

– the existence of CP.

The RD generated upon request to allow the System Supervisor to monitor the system includes at least the transaction attributes listed above.

 

Two types of transactions can be distinguished:

– A transaction which involves an interaction between flows of both exchanges of EV and CP is called a transaction with CP.

Transactions with CP are generated against a flow of value in return. This may consist of a flow of fiduciary or scriptural money as well as of goods or services. A purchase transaction based on an e-money payment is an example of a transaction with CP.

– A transaction without this interaction between the two flows is called a transaction without CP.

Transactions without CP involve an EV circulation that is not balanced by a corresponding flow of value. Recycling of EV is a typical example of a transaction without CP.

The table below presents, as a rough guide, a non-exhaustive list of the types of transactions that can occur in e-money systems:

 

 

A particular specification of the model is that the System Supervisor11 must be able to monitor transactions between two subsystems.

Transactions inside a sub-system are not monitored by the system supervisor. Subsystems must be defined so that flows with compensation are made outside of these subsystems.

In an e-money system conforming to the model, the EV amount created is equal to the sum of the extinguished EV amount and the EV amount in circulation. If more EV is extinguished than the amount created, false EV is introduced into the system. One role of supervision is to try to detect such a situation;

Observing all transactions with compensation makes it easier to perform such supervision.

EV circulates inside a sub-system via transactions without CP. Generally, EV circulates between two sub-systems via transactions with CP.

 

 

EV life cycle

 

In the e-money system, the EV life cycle moves through the following EV states:

1. Initial (or source) state, in which EV is injected in the system;

2. One or more active states, in which EV remains in the system;

3. Final (or sink) state, in which EV is drained from the system.

The EV life cycle evolves through three state changes: creation, circulation and extinguishment, each of which is associated with a transaction.

• EV creation

EV is created via specific transactions with CP, which include two additional basic operations:

– Creation of an EV amount in the debited sub-system;

– Transmission, to a player called the EV

Issuer, of AD, which reports the EV creation and initiate the obligation of the actor whose sub-system created the EV to deliver an equivalent amount (i.e. the CP) to the EV Issuer.

With this state change, EV enters the system and reaches an active state.

• EV circulation

EV circulates inside a sub-system (via transactions without CP) and between two sub-systems via transactions with CP. With this state change, EV moves between two active states.

EV extinguishment

EV is extinguished via specific transactions with CP, which include two additional basic operations:

– Extinguishment of an EV amount in the credited sub-system;

– Transmission to the EV Issuer of AD, which report the EV extinguishment and give effect to the obligation for the EV Issuer to deliver an equivalent CP amount to the player whose sub-system extinguished EV.

With this state change, EV leaves the system.

Throughout the remainder of this document, transactions do not include EV creation or extinguishment unless this is explicitly stated.

Figure 6 describes, as a rough guide, the EV life cycle in an e-money system, i.e. the transitions from one state to another resulting from transactions with CP typical of an e-money system. The initial state is the creation of EV, after which this is loaded on the customer’s purse (i.e. on a smart card or computer memory). This loading may take place directly from the issuer to the customer or, alternatively, through a bank or Electronic Money

Institution (ELMI; as defined in Directive 2000/46/EC) where the EV may be kept in stock before being loaded on the purse. The customer can decide either to make payments with the EV or to refund the EV to the issuer. A payment may also be cancelled, after which the EV is transferred back to the purse. The acquiring bank or ELMI ultimately collects the EV and either keeps it in stock to recycle and reload on a purse or else extinguishes it and thereby completes its life cycle.

 

 

Roles, actors, quasi-actors

 

Setting objectives for an e-money system requires the definition of a general security framework, which includes organizational structure, policies, planning activities, responsibilities, practices, procedures, processes and resources. In this report this challenge is addressed by allocating responsibility to those who can most efficiently reduce the risk: system administrators and operators.

The model takes into account all players that are relevant for security and grants each a certain trust level. The co-operation of all players involved in the system is essential for globally effective security.

A player having responsibility for a subsystem is referred to in this document as an actor. The model defines the responsibilities of the different actors, each being responsible for a sub-system in the EV circulation. An actor is directly involved in the exchange of EV (e.g. EV Issuer, Loading Agent, etc.).

A player that is not responsible for a subsystem is defined as a quasi-actor. A quasiactor does not interact directly in the exchange of EV (e.g. IT provider, etc.).

Different roles for actors and quasi-actors are distinguished. The concept of role is related to players’ responsibilities. Their respective roles depend on skills, business objectives and the level of risk that they assume. A specific task and a particular trust level are associated with each role.

The roles defined in this report are

Administrator, Operator and User:

– Administrator

The Administrator is responsible for defining and managing the overall security of the e-money system. This means defining the policy statement, identifying risks, selecting security controls and managing the implementation and operation thereof.

Generally the Administrator bears all losses of the system and it is assumed that relevant legislation applies strict requirements to Administrators, for example as regards the company’s activities, its financial stability, recruitment policy, accounting practices, access to its premises, access to data and data processing. Main risks incurred by an Administrator could be: i) liquidity risks; ii) Compliance risks and iii) reputational risks. The Administrator enjoys a high trust level because he bears the ultimate responsibility for security.

– Operator

The Operator participates in implementing and operating the security of the e-money system. Generally the operator is bound to an Administrator by contractual obligations. Moreover an Operator must comply with relevant legislation and best practices, requirements that, although similar to those which apply to an Administrator, are less stringent. Main risks incurred by an Operator could be: i) operational

risks; ii) compliance risks and; iii) reputational risks. He enjoys a moderate trust level, because the operator is responsible for security implementation under the Administrator’s co-ordination.

– User

A User is a customer of the e-money system contractually bound to an Operator. The contract does not require that the User implements procedures which contribute to technical security.

However, it does require that he/she uses approved devices and follows the right security procedures. Main risks incurred by Users could be: i) frauds in EV transactions; ii) fraud in EV storage and iii) privacy breaches. To ensure simple, friendly and cost effective system usability, only a few, user-friendly security obligations should be assigned to the User. As a result, Users enjoy a low trust level, leaving the main security-related management and operating tasks to

Administrators and Operators. Thus, the trust level granted to Administrators is greater than that granted to Operators, which in turn is greater than that granted to Users. When a player subcontracts part of his activity in the e-money system, he passes the relevant e-money system obligations on to his subcontractor.

A player may have more than one role in relation to the same device, depending on the transaction(s) being performed. In every instance, the player enjoys the trust level corresponding to the role he plays at a given time (i.e. the player’s trust level must be consistent with his role at all times).

All roles are carried out by identified players, with the possible exception of the EV Holder, who can remain anonymous.

The tables below present, as a rough guide, a non-exhaustive list of actors and quasiactors, together with their typical roles in card-based and software-based systems. A player may incorporate several actors/ roles, e.g. a player may be both an EV Issuer (and play the role of Administrator) and an IT Provider (and enjoy the trust level of Operator).

 

 

Composition of two e-money systems

 

In a situation where EV circulates between several sub-systems which belong to different e-money systems, the set of all sub-systems belonging to each e-money system should be regarded as another e-money system under the responsibility of a System Supervisor.


Thus, this situation is covered by the model and will not be mentioned further in this document.

Generally, the IT Provider provides the actors with a functional e-money system, i.e. he provides the Information Technologies (IT) for all of the sub-systems, especially the Purse Holder’s device application.

The System Supervisor and the IT Provider are quasi-actors, as they are not responsible for sub-systems through which EV circulates.

Nevertheless, the System Supervisor enjoys an Administrator trust level, and the IT Provider an Operator trust level.

 

 
When there is commercial interoperability between several e-money systems, which all comply with the definition given in this EMSSO, the interoperable elements of the systems constitute another e-money system compliant with this EMSSO only if there is a “global” System Supervisor who monitors the security of all EV. In practice, the System Supervisors could carry out “global” supervision jointly, either on a cooperative basis or by mutual acceptance of an appropriate contractual agreement.

 

1.1.5 Interoperability of two e-money systems

 

Sharing of a sub-system

 

A sub-system may be shared with one or several other systems, not all of which need necessarily be e-money systems. In such circumstances, the shared sub-system is regarded as any other sub-system, regardless of the other system(s) in which it takes part. For example, the terminal infrastructure could be shared by two or more different card-based e-money systems that use the same technology but do not share the EV.

 

 

    1. Target Of Evaluation

 

The Target of Evaluation (TOE) is generally defined as the part of the system that will be evaluated. The definition of the Target of Evaluation is based on the e-money system as elaborated in the previous section. According to the Common Criteria, the elements that are not part of the TOE (but are necessary to the TOE to satisfy its security objectives) are called the TOE environment. For evaluation, the TOE must be run in an environment that is compliant with the security objectives for the environment.

 

      1. Elements that are part of the TOE

 

Model

 

The model, as defined in the previous section, is part of the TOE:

• Sub-systems

• EV circulation

• RD flows and system supervision

A sub-system can be composed of one or more hardware and/or software device(s).

For each device in each sub-system, the TOE includes the following phases: initialization (including the personalization and activation of the device), operation and termination. Several kinds of security devices can be identified:

• the security module of the servers that store and process sensitive data relating to the whole e-money system (e.g. personal data, secrets) which must be kept secure;

• the devices that store and process sensitive data which relate to only one sub-system (e.g. derived keys);

• the security enclosures of intermediary devices, such as manned or self-service terminals, that store and process sensitive data which may relate to the whole e-money system or to only one sub-system.

Transactions

The TOE comprises the following transactions:

• Creation;

• loading;

• Payment;

• collection;

• refund;

 

Actors and quasi-actors

 

The TOE includes the following actors:

• the Loading Agent;

• the Acquirer;

• the EV Holder;

• the Service Provider;

• the System Supervisor;

• the EV Issuer;

• the IT Provider.

 

1.2.2 Elements that are outside the TOE

In general, all aspects that are not in the TOE are part of the TOE environment. System development and manufacturing (before EV creation), together with the clearing and settlement procedures (which take place after EV extinguishment), are outside the scope of the TOE, and are also not considered part of the environment. Development and manufacturing may be covered by dedicated PPs.

The compensation flows are not part of the TOE.

 

 

 

2. The electronic payment system in Kazakhstan 
 
2.1 The popularity of electronic money. prospects for development 
 
According to some analysts, in a short time electronic payment from the market completely replace cash and checks, as they represent a more convenient way to pay for goods and services.

According to the calculations of companies ABA / Dove, electronic payments may soon displace cash and checks, because today every second purchase in the store is made by electronic means of payment. Cash remains the primary means of payment in traditional stores for only 33% of buyers. 
While most online shopping is made by credit card, almost half of respondents use e-commerce checks, money orders, and a quarter of virtual buyers enjoy the P2P payments.

Two-thirds of consumers paying at least one monthly bill by electronic means, including credit / debit cards, direct payments or use online banking services. Analysts believe that by 2003, online bill payment to reach significant amounts, as most users will start using or increase the use of this payment option. At the same time significantly reduced the use of "paper" payments - 21% of respondents stated that they intend to refuse to pay their bills by check. 
At the same time, analysts at Yankee Group noted that 8.7% of U.S. consumers today pay their bills via the Internet. Whereas last year there were 5.1%. Marketing efforts are beginning to bear fruit: 29% of consumers have already expressed interest in using electronic bill payment (EBPP), and 14.9% referred to the main inducement reduce time-consuming.

However, experts warn that banks in this area will face competition from providers of financial services, given that a provider that will provide users a convenient and simple interface will be able to hold them for a long time. 
The growth speed of e-commerce «Business to consumer» Kazakhstan, million dollars (according to The Economist, Boston Consulting Group):

The growth of electronic commerce in the sector «Business to consumer», billion dollars (according to eMarketer):

 

Since its formation in the Kazakh market exchanges, trading platforms use modern technology to create from scratch unique characteristics of the system, trying to cover the whole market, all regions of Kazakhstan. Developing in line with best international trends, organized by the e-commerce is becoming increasingly attractive in the global market. The prerequisites for convergence of communication and trade areas, both within Kazakhstan and abroad. Today, information technology, determine the face of the global financial market. Global financial markets are becoming more global, and Kazakhstan is in line with the process. Calling time is the internationalization of the world economy, which today serves as a globally integrated economic system. 
Our country is going to take an important step - to join the World Trade Organization (WTO). A necessary condition for entry into the WTO is the integration of Kazakhstan into the international financial market. Therefore, speaking about the prospects for the Russian market, as one of the main stages can be distinguished in the integration of world capital market infrastructure. This work has already begun.

2.2 The role of the Processing Center and in the development of payment card systems of the Republic of Kazakhstan 
 
Despite the fact that debit cards have become widely used since the mid 60s of the twentieth century, the market for payment cards in the Republic of Kazakhstan has developed only since 1994 (cards "AlemKard" bank "Alembank Kazakhstan"). 
Preparations for the establishment of a National Inter-bank system of payment cards in the Republic of Kazakhstan began in 1993 with the participation of the company IBM (USA) with the project Smart City. The system of electronic cash was supposed to be a substitute for the usual coins and banknotes. This project used a chip card such as "The electron wallet" for small retail payments for goods and services. Additionally supposed to keep foreign currency in your wallet to protect against inflation.

It was envisaged that the National Bank will be issued electronic money through the sale of second-tier banks, like selling banknotes and coins. 
Currently available in Kazakhstan payment systems on the basis of payment cards with magnetic stripes are not able to meet the retail payments market. Since the operation of the card with a magnetic strip mode is needed «ON-LINE», then this operation requires high-quality line of communication. However, the quality of these lines and their availability are far from perfect. 
Payment instrument that satisfies the needs of the financial market for retail payments, and able to work in a poorly developed communications network, is a microprocessor-based technology. This technology enables the implementation of retail payments in either «OFF-LINE», and in a mode «ON-LINE». Payments in mode «OFF-LINE» enables the implementation of retail operations in the absence of communication.

In late 2000, the National Bank of Kazakhstan approved by the Joint-Stock Company "Processing Center". The purpose of creation of this organization is to create a common currency area in the Republic of Kazakhstan for the use of payment cards. 
Processing Company - a dedicated computer center, which is the technological core of the payment system. Processing company operating in fairly harsh conditions, guaranteed processing in real time intensive transaction flow. Indeed, the use of a debit card makes it necessary to on-line authorization of each transaction at any point of service payment system. For transactions with a credit card authorization is required not in all cases, but, for example, in obtaining money from ATMs, it is also done at all times. No less demands on computing power makes the processing center and data preparation for settlement at closing, as the treatment protocols to be significant (if not overwhelming) part of the transaction and the required time to perform calculations is small - a few hours.

Информация о работе Electronic money