Security System Analysis Paypal Term Paper

Pages: 5 (1413 words)  ·  Bibliography Sources: 1+  ·  Level: College Senior  ·  Topic: Education - Computers  ·  Buy This Paper

SAMPLE EXCERPT:

[. . .] SSL handshake protocol on the other hand determines the session key or the secret key. The SSL handshake protocol initiates the transaction process by sending the SSL version number and other data such as the cipher settings to the server. The server, in return, sends its SSL version, cipher settings and a digital certificate to the client. Once the certificate from the Paypal server is received the client verifies its authenticity with a certificate authority such as VeriSign. This verification ensures that the public key sent by the server through the certificate is genuine. Once the server is authenticated the client machine creates a 'Premaster Key', encrypts it using the public key supplied by the server and sends back the encrypted 'Premaster key' to the server.

Upon receiving the 'Premaster key' the Paypal server generates the 'Master secret' by decrypting the 'Premaster Key' using its private key. The 'Master key' thus generated is used to determine the 'Session key'. The server finally passes on the session key to the client and all further exchange of data for that particular session are done in an encrypted form using the session key. Since the 'Session Key' is a symmetrical one the encrypted message is decrypted at the server. [Chip, November 2000, 4].

Disadvantages of SSL

While SSL offers a safe and secure way of transferring sensitive information online there are some obvious disadvantages compared to other protocols such as Kerberos in that the VeriSign certificate is permanently stored on the client's hard disk which involves a certain degree of risk as it gives a chance for potential hackers to have a go at the encrypted certificate. Furthermore the Certification Company has to maintain a revocation server to deal with problem of a compromised certificate. The system overheads caused due to encryption and decryption tend to slow down the speed. [Faqs.org]

Paypal's Encryption and Firewall Protection

The most commonly used encryption methods are the 40 bit or 128 bit systems. Paypal uses 128-bit encryption, which is one of the most robust and highly safe technique by present day encryption standards. A 40-bit encryption by itself generates billions of keys from which only one will be used as the session key. 128 bit encryption which is the standard adopted by Paypal makes it all the more safe and virtually impossible for a potential hacker to tamper with as it generates around (1026* 3) more keys when compared with the 40 bit encryption. The Paypal database which stores all the personal information is behind a firewall and this restricts access to data only to authorized persons. [Chip, November 2000, 6]

Legal Liability

The web being an anonymous medium, even the comprehensive security measures implemented by Paypal cannot guarantee the authenticity of each and every transaction and hence the security measures greatly reduce though do not totally eliminate the risk factors and consequently there are liabilities. Any claim that arises out of the loss incurred by the bank (where paypal maintains an account) is subject to 'FDIC pass through deposit insurance coverage'. [Paypal]

Conclusion

Paypal is definitely one of the hassle free methods of transferring funds on the Internet in view of the security measures that are enforced. The implementation of highly secure SSL protocol ensures the safety of sensitive information and the use of 128 bit data encryption method renders the information useless to the hacker even if he manages to gain access to encrypted data. However there is a glaring security risk in that the SSL protocol stores the Digital certificate permanently in the client system (though in the encrypted form) which presents a possibility for the miscreant to dabble with. In conclusion we might say that with the present safeguarding features such as the firewall, SSL protocol, and a comprehensive encryption technique Paypal is one of the secure online payment networks.

Bibliography

Bplnet.com, "Internet Technology Primer: Secure With SSL ' Chip Magazine, November 2000

Paypal Inc., "FDIC pass Through Insurance," Accessed on July 26th, 2003, http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/fdic-outside

Designed by Faqs.org, "Advantages and Disadvantages of Kerberos Vs SSL," Accessed on July 26th, 2003, http://www.faqs.org/faqs/kerberos-faq/general/section-31.html

Paypal Inc., "Privacy Policy," Accessed on July 26th, 2003, http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/ua/policy_privacy-outside [END OF PREVIEW]

Four Different Ordering Options:

?
Which Option Should I Choose?

1.  Buy the full, 5-page paper:  $26.88

or

2.  Buy & remove for 30 days:  $38.47

or

3.  Access all 175,000+ papers:  $41.97/mo

(Already a member?  Click to download the paper!)

or

4.  Let us write a NEW paper for you!

Ask Us to Write a New Paper
Most popular!

Ebay: SWOT Analysis Company Overview SWOT


Information System on Ethical and Moral Issues Research Paper


Enterprise Resource Systems Term Paper


Using Cloud Computing to Combat DDOS Attacks Research Paper


Technology Issue in Information Assurance Term Paper


View 25 other related papers  >>

Cite This Term Paper:

APA Format

Security System Analysis Paypal.  (2003, July 27).  Retrieved February 23, 2019, from https://www.essaytown.com/subjects/paper/security-system-analysis-paypal/2259670

MLA Format

"Security System Analysis Paypal."  27 July 2003.  Web.  23 February 2019. <https://www.essaytown.com/subjects/paper/security-system-analysis-paypal/2259670>.

Chicago Format

"Security System Analysis Paypal."  Essaytown.com.  July 27, 2003.  Accessed February 23, 2019.
https://www.essaytown.com/subjects/paper/security-system-analysis-paypal/2259670.