Home‎ > ‎Donations‎ > ‎Transaction Process‎ > ‎

Secure Electronic Transaction

Secure Electronic Transaction (SET)


What is SET ?

SET stands for Secure Electronic Transaction. It is a system that will allow you to make purchase on the Internet with your credit card, without having to worry whether your credit card information and/or your personal data will be compromised. SET is system to secure credit card transaction over the Internet using a new payment mechanism.

The SET protocol is a joint development effort between Visa and Mastercard in collaboration with a number of technology leaders including Netscape, RSA, VeriSign and others for secure and cost effective method of payment transaction over any type of network including the Internet. It is emerging as the accepted standard for secure on-line payment card transactions and is expected to be the driving force behind the growth of electronic commerce.

SET uses digital certificates and cryptography to:
  1. ensure confidentiality of information
  2. ensure payment integrity
  3. authenticate the parties involved during a SET transaction

By employing digital signatures, SET enables merchants to verify that buyers are who they claim to be. It will also protect buyers by providing a mechanism for their credit card number to be transferred directly to the credit card issuer for verification and billing without the merchant being able to see the number. Since SET was designed with credit card transactions in mind, it leverages off the existing payment card infrastructure and card base.

There are mainly six entities involved in SET. The next section briefly discusses these entities.

  1. Certificate Authority (CA)
    The Certificate Authority (CA) issues and manages digital certificates that provide proof of identity of all parties involved in a SET transaction. It manages the creation and distribution of digital certificates for cardholders, merchants and payment gateways.
  2. SET Payment Gateway
    The payment gateway is the bridge between SET and the existing payment network. The payment gateway translates SET messages for the existing payment system to complete an electronic transaction.
  3. SET Merchant Point of Sale Server
    A merchant offers goods or services for sale in the Internet and accepts electronic credit card payments. Merchant that accepts payment cards must have a relationship with an acquirer. The merchant Point of Sale Server provides an interface between the cardholder and the acquirer payment gateway.
  4. Cardholder and Electronic Wallet
    Cardholder is an authorized holder of a payment card supported and issued by an issuing bank. Cardholders use electronic wallets to store digital representations of credit cards and make purchases with them. SET ensures that the interactions the cardholder has with a merchant keep the payment card account information confidential.
  5. Acquiring Bank
    An acquirer is the financial institution that establishes an account with a merchant and processes payment card authorizations and payments.
  6. Issuing Bank
    The issuing bank establishes an account for a cardholder and issues the payment card to the cardholder. The issuer guarantees payment for authorized transactions using the payment card.

How SET works?

SET uses public key encryption and digital certificates to provide a secure transmission of credit card information in order to complete a transaction. The following example of a cardholder performing electronic shopping illustrates how SET works.

SET Transaction Diagram

Secure Electronic Transaction(SET) Transaction Diagram

Steps in SET transaction

  1. Card Holder connects to the ADFM website (www.adfm.org.my) via Internet.
  2. Card Holder clicks on 'Donation' button to donate. Enters Name as appeared on Credit Card , Billing Address and Amount to be donated.
  3. Card Holder confirms the transaction and chooses to use SET. The Card Holder need to have a software called a SET e-wallet installed on his computer. The Card Holder will be prompted download and install the software if it is not already present. The SET e-wallet will hold the Card Holder's Credit Card Details and is password protected. Upon Authorization by the Card Holder, the SET e-wallet will initiate a transfer of the Credit Card details encrypted in SET protocol to the Payment Server.
  4. Payment Server encrypts all info passed to it into SET and transmits the info to MEPS.
  5. MEPS then passes the encrypted info to the Acquiring Bank (where ADFM has opened a Merchant Account)
  6. Acquiring Bank will check with the card issuer for validation to prevent fraud.
  7. Card issuer will inform acquiring bank of the authorisation status. Acquiring bank will pass the information to ADFM through the payment server via MEPS.
  8. Upon Authorization received from Card Issuer, ADFM will be authorized to complete the transaction (carry out a capture). This will occur every 14 days to give the Acquiring Bank and Issuing Bank time to detect unreported fraud.
  9. When ADFM captures the transaction, the card issuer will pay the amount into ADFM's merchant Account.
  10. Card Holder is issued a monthly statement and pays for all transactions.