Trust Issues in Ecommerce

Secure Periodical Payments

Electronic periodical payments, or direct debits, are a popular payment mechanism in many countries. These are where customers can authorise merchants to bill them repeatedly for the provision of some service without further interaction with them being required. However, as currently implemented, there are often very few restrictions on these payments, and ambiguity about how they can be cancelled. Our research has been into ways of including a clearly specified contract between the customer and the merchant in a signed restricted X.509 proxy certificate, that the merchart subsequently uses to request and validate payments. We believe the use of commonly accepted technologies like X.509 certificates and web services may assist in the acceptance of these proposals.

Some of our results to date may be seen in our papers:

Assesing Trust of Web Services

Mechanisms for providing suitable levels of trust in the identities of the parties to Ecommerce applications is a topic with many unresolved issues. The traditional mechanisms of face-to-face contact and reputation often do not translate into the electronic realm. New mechanisms based around the use of cryptograpic algorithms and digital certificates issued by Certification Authorities are evolving, but their use in practical applications, and means for providing transitivity of trust through chains of certificates are still not well understood.

Currently, Dr Lawrie Brown in conjunction with his colleagues Dr Ed Lewis, Dr Jan Newmarch, and our research students, are investigating these issues from several aspects, including from the perspective of the customer, as well as the business provider.

Some of our results to date may be seen in our papers:

Back to Lawrie's Research Interests
Dr Lawrie Brown / 23 Mar 2010