Past Paper Discussion

Question 06 (2019)

i.) What is SET protocol? (3 marks)

Secure Electronic Transaction (SET) is a system that ensures the security and integrity of electronic transactions made using credit and debit cards. SET protocols were responsible for blocking out the personal details of card information, thus preventing merchants, hackers, and electronic thieves from accessing consumer information.

ii.) State three (03) internet banking issues (3 marks)

  • Technology and Service Interruptions (services go down or are temporarily unavailable due to scheduled site maintenance)
  • Security and Identity Theft Concerns (no system is completely foolproof and accounts can be hacked, resulting in identity theft via stolen login credentials)
  • Lack of Personal Banker Relationship (you do not receive feedback on all types of problems)

iii.) What is the difference between online banking and electronic banking? (06 Marks)

Electronic banking, also known as electronic fund transfer (EFT), uses computer and electronic technology in place of checks and other paper transactions. EFTs are initiated through devices like cards or codes that let you, or those you authorize, access your account. (E.g. making transactions with debit or credit cards in the supermarket, withdrawing money from an ATM.)

Online banking allows a user to conduct financial transactions via the Internet. Online banking is also known as Internet banking or web banking.

Online banking offers customers almost every service traditionally available through a local branch, including deposits, transfers, and online bill payments. (E.g. checking a balance over the internet.)

iv.) Briefly explain Asymmetric cryptography (public key cryptography) mechanism with its uses. (8 marks)

Asymmetric cryptography, also known as public-key cryptography, is a process that uses a pair of related keys -- one public key and one private key -- to encrypt and decrypt a message and protect it from unauthorized access or use.

Plain text – the original text created by the user

Cipher text – the secret code after applying the public key

Public key – a computer algorithm used to convert plain text into cipher text (encryption)

Private key – a computer algorithm used to convert cipher text into the original text (decryption)

Question 06 (2018)

  1. Define the terms “encryption” and “decryption”

Encryption – The process of converting plain text (the user-prepared message) into cipher text (a secret code of symbols) using the public key.

Decryption – The process of getting the original text from the cipher text using the private key.

2) There are six dimensions of E-Commerce security. What are those?

Integrity - correctness of the information that has been transmitted, received, or displayed on a website over the internet

Non-repudiation - assurance that no one can deny the validity of a transaction

Authenticity - ensuring a person's identity, e.g. a customer logging in using a password, user name, biometrics, etc.

Confidentiality - protecting information from being accessed by an unauthorized person on the internet

Privacy - the customers' control over the usage of the information that they have given to the merchant

Availability - continuous availability of the data is the key to providing a better customer experience in e-commerce

3) Compare and contrast “Symmetric key encryption” and “Asymmetric key encryption” algorithms.

In symmetric-key encryption, the message is encrypted using a key and the same key is used to decrypt the message, which makes it easy to use but less secure. It also requires a safe method to transfer the key from one party to another.

Asymmetric key encryption is based on a public and private key encryption technique. It uses two different keys to encrypt and decrypt the message. It is more secure than the symmetric key encryption technique but is much slower.

| | Symmetric | Asymmetric |
|---|---|---|
| Key requirement | Requires a single key for both encryption and decryption. | Requires two keys, one to encrypt and the other to decrypt. |
| Size of cipher text | Size of cipher text is the same as or smaller than the original plain text. | Size of cipher text is the same as or larger than the original plain text. |
| Speed of process | Encryption process is very fast. | Encryption process is slow. |
| Usage | Used when a large amount of data needs to be transferred. | Used to transfer a small amount of data. |
| Security dimension | Provides confidentiality. | Provides confidentiality, authenticity and non-repudiation. |

4) Briefly describe “Digital Signature” and “Digital Certificate”.

A digital signature is a method of verifying the authenticity of a transaction, document or message. It guarantees that the message is generated by the sender and is not modified by an external entity.

A digital certificate is issued by a trusted third party, which proves the sender’s identity to the receiver and the receiver’s identity to the sender. A digital certificate is a certificate issued by a Certificate Authority (CA) to verify the identity of the certificate holder.