Secure Electronic Transaction (SET)

What Is Secure Electronic Transaction (SET)?

Secure electronic transaction (SET) was an early communications protocol used by e-commerce websites to secure electronic debit and credit card payments. Secure electronic transaction was used to facilitate the secure transmission of consumer card information via electronic portals on the internet. Secure electronic transaction protocols were responsible for blocking out the personal details of card information, thus preventing merchants, hackers, and electronic thieves from accessing consumer information.

Understanding Secure Electronic Transaction (SET)

Secure electronic transaction protocols were supported by most of the major providers of electronic transactions, such as Visa and MasterCard. These protocols allowed merchants to verify their customers' card information without actually seeing it, thus protecting the customer. The information on the cards was transferred directly to the credit card company for verification.

The process of secure electronic transactions used digital certificates that were assigned to provide electronic access to funds, whether it was a credit line or bank account. Every time a purchase was made electronically, an encrypted digital certificate was generated for participants in the transaction–the customer, merchant, and financial institution–along with matching digital keys that allowed them to confirm the certificates of the other party and verify the transaction. The algorithms used would ensure that only a party with the corresponding digital key would be able to confirm the transaction. As a result, a consumer’s credit card or bank account information could be used to complete the transaction without revealing any of their personal details, such as their account numbers. Secure electronic transactions were meant to be a form of security against account theft, hacking, and other criminal actions.

History of Secure Electronic Transactions

The development of secure electronic transaction protocols were a response to the emergence and growth of e-commerce transactions, especially consumer-driven purchases over the internet. Conducting business online was a new phenomenon in the mid-1990s. Similarly, the security available to protect these transactions was still developing and was effective in varying degrees. The protocols defined by the secure electronic transaction standards allowed for online payment systems to be used by retailers and financial institutions because they had the appropriate software to decrypt and process digital transactions properly. In 1996, the SET Consortium–a group that consisted of VISA and Mastercard in cooperation with GTE, IBM, Microsoft, Netscape, SAIC, Terisa Systems, RSA, and VeriSign–established the goal of combining incompatible security protocols (STT from Visa and Microsoft; SEPP from Mastercard and IBM) into a single standard.

Other standards for digital security for online debit and credit card transactions emerged after the protocols defined by secure electronic transactions were introduced. Visa, one of the early proponents for secure electronic transactions, eventually adopted a different protocol, called 3-D Secure, as its framework for the secure digital payments and transactions of its customers. The 3-D Secure method is an extensible markup language (XML)-based protocol designed to be an additional security layer for online credit and debit card transactions.

It was originally co-written by Visa and Arcot Systems (now known as CA Technologies). Similar protocols based on 3-D Secure are now used by Mastercard, Discover, and American Express.