Secure Socket Layer (SSL) is the normal security technology for establishing an associate encrypted link between an internet server and a browser. This link ensures that each knowledge passed between the online server and browsers stays personal and integral. SSL is associate trade normal and is employed by numerous websites for the protection of their online transactions with their customers. SSL permits counseling like Social Security numbers, MasterCard numbers, or login credentials to be transmitted firmly.
Secure Electronic Transaction (SET):
Secure Electronic dealings (SET) could be a system for making certain the safety of economic transactions on the web. it was supported at the start by Mastercard, Visa, Microsoft, Netscape, and others. With SET, a user is given an associate degree electronic case (digital certificate) and dealings are conducted and verified employing a combination of digital certificates and digital signatures among the client, a merchant, and also the purchaser’s bank during a means that ensures privacy and confidentiality. SET makes use of Netscape’s Secure Sockets Layer (SSL), Microsoft’s Secure dealings Technology (STT), and Terisa System’s Secure machine-readable text Transfer Protocol (S-HTTP). SET uses some however not all aspects of Public Key Infrastructure (PKI).
Advantages of SSL:
- Security: SSL provides encryption and authentication, which helps to secure sensitive data and protect against unauthorized access.
- Trust: SSL establishes trust between the user and the website, which can increase user confidence and reduce the risk of fraud.
- Compliance: SSL is required by many regulatory bodies and industry standards, such as PCI DSS, to ensure the security of online transactions.
- Compatibility: SSL is compatible with most web browsers and web servers, and can be easily integrated into existing websites and applications.
-
Versatility: SSL can be used for various purposes, such as securing online transactions, protecting email communication, and securing remote access.
Disadvantages of SSL :
- Cost: SSL certificates can be expensive, especially for higher levels of validation, which can be a barrier for small businesses and personal websites.
- Performance: SSL encryption can add overhead to the server and client, which can increase latency and decrease performance, especially on older devices and slower connections.
- Complexity: Implementing SSL can be complex, especially for larger organizations with multiple servers and domains.
- Maintenance: SSL certificates require regular maintenance, such as renewal and revocation, which can be time-consuming and add administrative overhead.
- False sense of security: SSL does not guarantee the security of a website or protect against all types of attacks, such as phishing or social engineering.
Advantages of SET :
- Security: SET provides end-to-end encryption and authentication, which helps to protect against fraud and unauthorized access to sensitive data, such as credit card information.
- Privacy: SET allows customers to keep their payment information private from merchants, which can increase trust and reduce the risk of identity theft.
- Compliance: SET is compliant with industry standards, such as the Payment Card Industry Data Security Standard (PCI DSS), which can help to ensure the security of online transactions and reduce the risk of regulatory penalties.
- Integration: SET can be easily integrated into existing payment systems and applications, and can work with a wide range of payment methods, such as credit cards, debit cards, and electronic checks.
-
Accountability: SET provides a clear record of transactions, which can help to resolve disputes and provide evidence in case of fraud or legal disputes.
Disadvantages of SET :
- Complexity: SET can be complex to implement and maintain, especially for small businesses and organizations with limited resources and technical expertise.
- Cost: SET can be expensive to implement and maintain, especially for small businesses and organizations with limited budgets.
- Compatibility: SET requires both the customer and the merchant to have compatible software and hardware, which can limit its adoption and increase implementation costs.
- Performance: SET can add overhead to payment processing, which can increase latency and decrease performance, especially on older devices and slower connections.
- Limited adoption: SET has not been widely adopted, especially in comparison to other payment processing protocols, such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS).
Difference between Secure Socket Layer (SSL) and Secure Electronic Transaction (SET):
| S. No. | Secure Socket Layer | Secure Electronic Transaction |
|---|---|---|
| 1. |
Basics- SSL is an encryption mechanism for order taking, queries, and other applications and is available on the customer’s browser. It does not protect against all security hazards and is naturally simple and widely used. SSL is a protocol for general-purpose secure message exchange. SSL protocol may use a certificate, but the payment gateway is not available. So, the merchant needs to receive both the ordering information and credit card information because the capturing process should be generated by the merchant. SSL protocol has been the industry standard for securing internet communication. |
Basics- SET is a very comprehensive protocol. It provides privacy, integration, and authenticity. It is not used frequently due to its complexity and the need for a special card reader by the user. It may be abandoned if it is not simplified. SET is tailored to the credit card payment to the merchant. SET protocols hide the customer’s credit card information from merchant and also hides the order information from banks to protect privacy called a dual signature. The SET protocol is complex and more secure. |
| 2. |
Developed by- SSL protocol was developed by Netscape for the secure online transaction. |
Developed by- The SET protocol was jointly developed by MasterCard and visa to secure web browsers for a bank card transaction. |
| 3. |
Working- SSL uses a combination of public-key and symmetric-key encryption to safeguard data transactions. The handshake technique is used by the SSL protocol, which permits the server to verify its identity to the client. In case of unsuccessful authentication, the connection will not be formed. |
Working- The dual signature mechanism is deployed by SET to safeguard a transaction. To use an e-commerce site, SET requires the purchase of software. The design of the protocol necessitates the client’s installation of an e-wallet. |
| 4. |
Integrity- The technique of Hash functions is used for this purpose. |
Integrity- The technique of digital signatures is used for this purpose. |
| 5. |
Acceptability- Its acceptability is more as compared to SET. |
Acceptability- SET acceptability is less because it’s necessary to build an open PKI. |
| 6. |
Functionality- The Secure Sockets Layer (SSL) is not a payment protocol. SSL encrypts the communication channel between the cardholder and the merchant website and is not backed by any financial institution. As a result, SSL is unable to ensure the security of a transaction. |
Functionality- SET was created with the sole purpose of securing and ultimately guaranteeing a payment transaction. For example, increase in the possibilities for online retail growth only when consumer confidence grows in online shopping. |
| 7. |
Encryption- The purpose of SSL lies in prevention of data tampering in client/server applications and has considerably weaker encryption, with a maximum of 128-bit encryption. |
Encryption- SET, which was created expressly to address the security of all parties involved in an electronic payment transaction, uses 1024-bit encryption throughout the transaction. |
| 8. |
Authentication- SSL certificates are not endorsed by any financial institution or payment brand association, so they cannot effectively validate all parties. |
Authentication- Here, all parties get authentication to the transaction because SET’s certificates are backed not just by a Certificate Authority, but also by financial institutions and MasterCard International. |
| 9. |
Security- SSL only protects the cardholder and the merchant, which is insufficient to prevent fraud. SSL transactions, in other words, are never assured. |
Security- SET enables transaction security from the cardholder’s desktop to the merchant via bank approvals and back through the gateway, leaving an indisputable audit trail and, as a result, a guaranteed transaction. |