In this scenario, shipment of goods is generally triggered by a “promise” to pay, in the form of a purchase order or signing of a monthly contract. In some cases, credit cards are used to “guarantee” payment.
The communication channel may be a private line, or a highly secured TCP/IP channel. Users can be expected to "authenticate" themselves by providing a username and password, and possibly a digital certificate.
CashLink in Auckland, New Zealand is one of many companies who are developing business-to-business solutions using the Internet as the network, a web browser as the client, and a relational database as the backend.
SecureTax in Georgia, U.S., is an example of a company selling a $10 pay-per-use software rental to thousands of consumers over the web. Opened in January 1997, their web site offers U.S. citizens tax calculations for all the federal and state tax forms.
SET: Visa and Mastercard have announced the Secure Electronic Transaction (SET) specification to enable credit card transactions to be conducted safely across the Internet. Set is designed primarily to protect the credit card companies from fraud, not the consumer, who will bear no liability beyond the $50 limit of physical credit card transactions. Under SET, merchant and consumer can deal directly with each other. Credit card numbers, payment information and identification can be securely sealed and delivered. SET uses public key encryption from RSA Data Security, plus digital certificates tso that card holders can be identified and verified. Microsoft, IBM, GE, Netscape, CyberCash and others have committed to support SET.
JEPI: The World Wide Web Consortium (W3C) and CommerceNet formed the Joint Electronic Payments Initiative (JEPI) to accelerate the development of the ecommerce marketplace through the adoption of payment system standards. JEPI seeks to build an open standard framework mechanism so that any browser, server and payment middleware can all negotiate and interact with one another. This will facilitate the implementation of solutions and help ensure compatibility across payment systems. Participants include IBM, Microsoft, CyberCash, Open Market, VeriFone and others.
As far as integrating credit card payment with the web, the leading players are VeriFone and First Data Corporation. VeriFone has been in the credit card authorization market for 20 years and holds an estimated 75% of the existing U.S., and 65% of the global, retail electronic card swipe terminal payment systems. They have over 4.7 million systems installed in over 100 countries. FirstData Corporation, the large electronic payment and transaction processor, is providing solutions for large merchants and acquirer banks who want to outsource their credit card settlement infrastructure. The Fist Data network currently authenticates 85% of all credit card transactions. First Data provides services to over 1.7 million merchants and over 1400 financial institutions.
VeriFone plans to offer an Internet plug-in for its existing private card processing system. This vPOS system costs $1500 per license, about double the cost of a physical terminal. FirstData plans its own suite of software products to allow large institutions, such as banks, to link their online ecommerce services to First Data. Merchants or financial institutions collect customer credit card transactions online, then use the First Data POS software to transmit the payment directly to First Data through the Internet, which in turn provides real-time, on-line authorization and settlement. First Data uses RSA encryption and complies with the SET protocols.