Skip to Main Content
Smart cards are replacing traditional magnetic cards for payment transactions. One of the main reasons is enhanced security capabilities that can be built in a smart card. With the high popularity of web technology, there is a trend towards smart cards being used as an electronic wallet for payment transactions on Internet. Most of the related work of smart card payment transactions concentrates only on the security aspects of hardware/firmware, encryption method and key management, or they only propose the online shopping protocol for uni-directional payment transaction based on the scenery of exact payment from the elastomer to merchant during business activity. We developed a prototype system called "SmartFlow" to demonstrate these kinds of business activities on Internet by smart card. The main focus of this paper is to present the framework of "SmartFlow" and some important security and privacy issues for bi-directional payment transaction with change among more than two parties involved business activity. Further, we present the application of downloading software license key from Internet into smart card in SmartFlow environment. We have already implemented a prototype "SmartFlow" system with these functionalities.