As the Internet application environment has matured, electronic commerce has developed quickly and gained acceptance from most people. Against this background, online banking has developed rapidly in recent years. Online banking service means that a traditional commercial bank provides an online payment service based on Internet technology. As the largest domestic commercial bank, Industrial and Commercial Bank of China (ICBC) has a high level of informatization, and it is also a pioneer in the field of online banking.

The ICBC online banking system can be divided into three parts: enterprise online banking, personal online banking and the internal management system. The B2C (Business-to-Customer) system aims to provide an online payment service for customers. B2C is a mode of electronic commerce, namely company to customer, and is also called business retail. Unlike traditional shopping, customers can log on to an online enterprise and shop anytime and anywhere, which saves them the trouble of going to physical stores. In the ICBC B2C online payment service, when enterprises trade with customers online, the bank provides the online funds settlement service for the transaction.

The B2C system is part of ICBC personal online banking. It has three participants: customers, enterprises and ICBC. The customer's operation is simple (the customer logs on to the enterprise's website, shops, then checks out), but the work of the other two participants is complicated, because they need to develop software.

ICBC provides three modes of notification interface, and enterprises can choose whichever they need. The paper gives a detailed description of the enterprise's software development, which has two parts: development of the seller's website and development of the interface procedure between the seller and ICBC. First, the seller's website is developed to give customers a shopping environment. Then the ICBC API is used to develop the payment form page, which guides customers to the ICBC payment service web page. Finally, a procedure is developed to receive the result information from ICBC; in this procedure, the API is used to verify the result information. If sellers need the immediate delivery function, a procedure that generates the goods delivery page is also needed.

The enterprise's system can be divided into two parts: the front-end website and the back-end management system. The front-end website faces customers and includes a set of commonly used links, a layered merchandise catalogue, a search mechanism, merchandise information views, detailed merchandise information views, a shopping cart, order verification, etc. The back-end management system faces the seller's managers and includes administrator account management, merchandise management, order form management, customer account management, website management, etc. From a functional standpoint, the system can be divided into a user account management module, product catalog module, shopping cart module, order processing module, inventory module, messaging module and control module.

The first step in developing the interface procedure between the seller and ICBC is to use the API to develop the payment form page. The page contains the payment form, which gives ICBC detailed information about the order and the seller. ICBC receives the payment form and carries out the corresponding operations, after which it sends the result information to the seller. Under the HS interface, the enterprise needs to develop a procedure to receive the HTTP request from ICBC. (After a successful transaction, ICBC takes the "merURL" from the payment form and joins it with the result information to make a complete URL, then sends a request to this address.) Finally, the seller receives the request, extracts the signature message, and uses the API to verify whether it is correct. If it is, the seller carries out the corresponding operations. If the payment form was processed successfully, the seller returns a null string or a URL. If it is a null string, ICBC considers the transaction to be over; otherwise the URL is used to give the customer the address for immediate goods delivery, or the URL is a notification.

As an online banking system, the B2C system faces various kinds of attacks. For example, attackers steal the information of legitimate users and impersonate them when communicating with others; steal or modify data on the network by physical and logical means, intercepting and seizing it illegally to obtain sensitive information; or tamper with content to commit fraud. The B2C system adopts data encryption, digital certificates, digital signatures, SSL, etc. These mechanisms guarantee the safety of the system. During data delivery, both digital signatures and data encryption are used to guarantee data confidentiality, integrity and non-repudiation. When customers enter their payment account password, the B2C system uses SSL to encrypt the data. In addition, the B2C system separates the customer's online account password from the login password, strengthening the protection of the customer's bank account. ICBC has also installed a server certificate from the VeriSign company, so customers can trust that the website is the ICBC website. To log on to the website, the seller must use the seller's certificate and the certificate password, which allows ICBC to verify sellers.

The B2C system has its merits and shortcomings. The most important problem in an online banking system is that the challenges to system safety keep changing and developing. How to improve and optimize the system's safety control mechanisms, and how to guarantee system safety, is a big problem that requires us to work harder than ever!...
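The seller-side notification procedure described above, as an added example that is not part of the original abstract and is not ICBC's API. The field names `notifyData`, `signMsg`, `orderid`, `amount` and `status`, the order store, the `shop.example` URL, and the HMAC stand-in for the bank API's certificate-based signature check are all assumptions.

```python
import base64, hashlib, hmac
from urllib.parse import parse_qs, urlencode

# Stand-in for the bank API's verification call (assumption): the real
# interface checks a certificate-based digital signature. HMAC with a
# constructed key is used only so the example runs with the stdlib.
DEMO_KEY = b"constructed-demo-key"

def demo_sign(data: bytes) -> str:
    mac = hmac.new(DEMO_KEY, data, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).decode()

def demo_verify(data: bytes, signature: str) -> bool:
    return hmac.compare_digest(demo_sign(data).encode(), signature.encode())

def bank_notify(result: str) -> str:
    """Bank side (constructed): sign the result and build the query string."""
    data = result.encode()
    return urlencode({"notifyData": base64.urlsafe_b64encode(data).decode(),
                      "signMsg": demo_sign(data)})

# Constructed order store: order id -> amount quoted in the payment form.
ORDERS = {"A1001": {"amount": "19900", "paid": False}}
SHIPMENTS = []

def handle_notification(query: str, verify=demo_verify):
    """Seller side: process the bank's request, return (HTTP status, body)."""
    params = parse_qs(query, keep_blank_values=True)
    try:  # notifyData and signMsg are hypothetical field names
        data = base64.urlsafe_b64decode(params.get("notifyData", [""])[0])
    except ValueError:
        return 400, ""
    # 1. Verify the signature before trusting any field of the message.
    if not data or not verify(data, params.get("signMsg", [""])[0]):
        return 403, ""
    fields = dict(p.split("=", 1) for p in data.decode().split("&") if "=" in p)
    order = ORDERS.get(fields.get("orderid", ""))
    # 2. Bind the signed result to a known order and the amount it was quoted.
    if order is None or fields.get("amount") != order["amount"]:
        return 409, ""
    if fields.get("status") != "success":
        return 200, ""  # signed failure notice: nothing to deliver
    # 3. A replayed notification must not trigger a second delivery.
    if not order["paid"]:
        order["paid"] = True
        SHIPMENTS.append(fields["orderid"])
    # Non-empty body: URL for immediate delivery. Empty body: transaction over.
    return 200, "https://shop.example/delivery?order=" + fields["orderid"]
```

The three numbered checks are the part that carries over to a real integration: signature first, then order and amount binding, then idempotent fulfilment.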