A secure electronic transaction is a process used to allow the transfer of secure information over the Internet. Examples include credit card numbers, bank account numbers, government-issued identification numbers and other data that must be exchanged to complete a financial transaction. It most often is employed for electronic commerce using credit cards or direct withdrawal of funds from a bank account and for sensitive activities such as online investing or online management of a bank account. In fact, the development of secure electronic transactions integrated into a website's payment system has made electronic commerce not only possible but in many ways safer and more secure than traditional financial transactions.
The term "secure electronic transaction" refers specifically to SET, a specific security protocol that makes use of several layers of encryption to protect sensitive information. In SET, a typical secure electronic transaction works based on a series of electronic signatures. Merchants, customers and banks all receive individual digital signatures, often keyed to an individual secure electronic transaction so that each individual purchase has its own set of encryption keys, and all credit card or bank account numbers are protected from exposure and potential fraud. This results in a complex but ultimately very secure system. In order to use SET, both the customer's browser and the merchant's server must be SET-enabled.
Providing another layer of security, each transaction uses a dual signature. A set of order information is sent to the merchant under one signature, and payment information is sent to the customer's bank under another signature. Thus the credit card number is not disclosed to the merchant, and the customer's order contents are not disclosed to the bank. This system requires the order information and the payment information to be linked, and it requires use of a digital "wallet," in which the customer's information is stored.
When it initially was introduced, the secure electronic transaction protocol was supported by a number of credit card companies and merchants, including MasterCard® and Visa, who originally participated in its development. Microsoft and Netscape also supported the protocol, and it was expected to become the standard for electronic commerce. Utilization of SET, though, requires additional software to create and maintain the digital wallet, as well as additional expense and support to maintain the system. Ultimately, the level of complexity required for SET led to its being largely replaced by simpler and less expensive secure electronic transaction methods based on protocols such as secure socket layers (SSL).
