Chapter 8Conclusion & Further work8.1 Introduction

E-Commerce can be defined as one of the rapidly development mechanisms in world. There are various kinds of electronic payment systems available for customers. However,

there are some issues which should be circumvented or avoid in the existing electronicpayment system methods.

In this project first it examined the currently available e-payment authentication systems

models and identify the security threads and problems associated with them. This

objective was achieved through the prevoius research background analysis. The next

objective is to introduce a secured e-payment authentication system to minimize the

existing security threads towards to electronic commerce transitions. The introduced

solution is name as Safer Pay. The payments are authenticating by secure token that

generated through secure token generating application. This solution can provide more

security because securer code is generated in combination of the two ends. Also it equip

with other additional security enhancements. The final step is to find out up to which

level proposed system can address the current security threads for e-payment systems.acceptance testing mainly used for achieved thisThe project evaluation and the

objective. The results showed that this system can provide good security against the manuser

in the middle attacks and the phishing attacks. Also most of the users believed this system

can provide good security against the security threads towards on line electronic payment

transfer compare to existing electronic payment systems.

44

8.2 Importance of Research

Because of ,be security problems in the existing elect™* p.ymen,

customers are reluctant to use electronic commerce. Therefore it is directly impact with

the sales of the e-commerce portal.

systems some of the

In this research project there is an

payment authentication model for E-comme

to increase the security level of the

attempt to fill the research gap and find

portals. As a result this model will helpsa secure e-

rce

e-commerce portals and increase the customer confidence about the security of their payments. Finally due to the proposed

portals can enhance the customer satisfaction by providing quality secure paymente-commerce

method to their customers and it helps to save resources in industry and their customers.

8.3 Limitations of the Research

The main limitation to this research is working with security which is not an easy task

because, security is a wide area and it requires very good understanding about different

related to the security. In that case expert knowledge in these areas may require.

Also it is really difficult to find a model for assurance of hundred present security for

electronic payment systems but the proposed model will be able to minimize the security

threats comparing to issues of the existing electronic payment models. Also it requires

some time to carefully analyze things. This research project is scheduled to be completed

in less than one year, the time constraints also will be another limitation.

areas

45

8.4 Research Further Works

• The secure generating application can be developed for different platform such as Android, Apple IOS and Windows mobile

. The system can be develop for directly communicate with

of the registered banks without any user involvement.

Currently the system designed to validate electronic payment in e-commerce

portals. This design can develop to validate any kind of electronic payment such

as electronic payments in POS or any other electronic fund transferring activities.

• It is essential to implement reverse engineering prevention methods for secured

token application.

core banking systems

46

Reference

[1 ]E- Turban, J. Lee, D. King and H.M Perspective, Prentice Hall, 1999.

[2] H. Bidgoli, Electronic commerce. San Diego: Academic Press

£3]M. Niranjanamurthy and D. Chahar, 'The study of E-Commerce Security Issues and

Solutions, International Journal of Advanced Research in Computer and Communication Engineering, vol. 2, no. 7, 2013.

Chung, Electronic Commerce: A Managerial

,2002

[4] Paypal.com, 'PayPal Security Key', 2015. [Online]. Available:https .//www .paypal.com/us/cgibin? cmd=xpt/Marketing_CommandDriven/securitycenter/ PayPalSecurityKey-outside&bn_r=o. [Accessed: 05- Feb- 2015].

[5] Gary Scjmedider. “Introduction to Electronic Commerce” in electronic commerce, 9th edition., Thomson, 2007, pp. 1-50.

[6]Rana Tassabehji,Understanding e-commerce for Business,vol. 1,2009

[7] Marketing Charts, '875MM Consumers Have Shopped Online #8211; Up 40% in Two

Years’.consumers-have-shopped-online-up-40-in-two-years-3225/. [Accessed: 05- Feb- 2015].

[8] G. Udo, 'Privacy and security concerns as major barriers for e-commerce: a survey study’, Information Management & Computer Security, vol. 9, no. 4, pp. 165-174, 2001.

2008. [Online]. Available:http://www.marketingcharts.com/online/875mm-

and A. Helme, 'SURVEY OF ELECTRONIC PAYMENT[9]P. Havinga, G. Smit METHODS AND SYSTEMS’, 2013.

ion to Electronic Commerce in electronic commerce, 9th[10]Gary Scjmedider. Introduction edition., Thomson, 2007, pp.1-50.

[11 ]RanaT assabehji, Applying E-Comerce

[ 12]RanaTassabehji .Understanding e-c

in Business, New Delhi, 2003

ommerce for Business,vol.l,2009

47

[13] Emarketer.com, 'Worldwide Ecommerce , T eMarketer', 2015. [Online], Available:Ecommerce-Sales-Increase-N

rease Nearly 20% in 2014 - „ i http://wWw.emarketer.com/Article/Worldwide-early-20-2014/1011039. [Accessed: 03-Nov-2015],

[14] Nielsen, 'E-COMMERCE: EVOLUTION OR REVOLUTION', nielsen, 2014.

[15] Inc.com,7 E-Commerce Trends to Watch in 2015', 2015. [Online], Available:httj) ://www •^C'-^m/rebecca-borison/top-trends-in-econunerce-for-new-year.html.[Accessed: 03- Nov- 2015].

[16] Amasty, 'E- COMMERCE TRENDS FOR 2014', 2015.

[17] LexisNexis, '2014 LexisNexisA® True Cost of FraudSM Study', 2014.

[18] Tesch, D.; Kloppenborg, T.J.; Frolick, M.N.; It Project Risk Factors: The Project ManagementProfessionals Perspective, The Journal of Computer Information Systems; Summer 2007; 47, 4;ABI/INFORM Global, pg. 61.

[19]A. Koponen, 'E-COMMERCE, ELECTRONIC PAYMENTS', Helsinki University of Technology, Telecommunications Software and Multimedia Laboratory, 2015.

[20]G. Schneider, E-Commerce: Strategy, Technology, and Implementation, 9th ed. 2012.

[21]0. Sorokina, 'Everything You Need To Know About Social Payments, Hootsuite, 2015.

[22] G. Udo, 'Privacy and security concerns as major barriers for e-commerce: study', Information Management & Computer Security, vol. 9, no. 4, pp. 165-174,2001.

Cost of FraudSM Study', 2014.

user-centered perspective and

a survey

[23] LexisNexis, '2014 LexisNexis® True

[24]D. Abrazhevich, Electronic payment systems: interaction design. Eindhoven: TechnischeUmvers.te.t Eindhoven, •

, „ . r rrhe study of E-Commerce Security Issues and*--h in C0BP0” "d "“ion

Engineering, vol. 2, no. 7, 2013.

48

[26]P. Havinga, G. Smit and A. METHODS AND SYSTEMS', 2015

Helme, 'SURVEY OF ELECTRONIC PAYMENT

[27]D. Abrazhevich, Electronic payment systems:interaction design. Eindhoven: TechnischeUniv a user-centered perspective and

ersiteit Eindhoven, 2004.

[28]M. Niranjanamurthy and D. Chahar, The study of E-Commerce Security Issues and Solu-tions, International Journal of Advanced Communication Engineer-ing, vol. 2, no. 7, 2013.

Research in Computer and

[29]Aigbe, P., Akpojaro, J., 2014. Analysis of Security Issues in Electronic Payment Systems. Int. J. Comput. Appl. 108.

[30]Kaur, J., 2011. Empirical Study in the Security of Electronic Payment Systems Anit; Goyal.

[31]Schneier, B., 2005. Two-factor authentication: too little, too late. Commun ACM 48,136.

[32] S. J Murdoch and R. Anderson, 'Verified by Visa and MasterCard SecureCode: Or, How Not to Design Authentication', Computer Laboratory, University of Cambridge, UK.

[33] ComputerWeekly, 'Understanding web technology', 2015. [Online], Available:http://www.computerweekly.com/feature/Understanding-web-technology.tAccessed: 06-

Nov- 2015],

C—2015 [Online].http://weblogs.foxite.com/andykramek/2008/09/29/introduction-to-client-server-

architecture/. [Accessed: 06- Nov- 2015].

of HTML | From the HTML 1.0 spec to XHTML 1.0..',ilable:http://www.yourhtmlsource.com/starthere/[35] R. Shannon,'The History

Yourhtmlsource.com,2015 .[Online] .Avai historyoflitml.html. [Accessed: 10-Nov 2

Css Meuse - CSS Information’, 2015. [Online]. [36] Cssneuse.net, 'The History o . f_css.php. [Accessed: 10-Nov- 2015].Available: http://www.cssneuse.net/ - ^

[37] W3techs.com, 'Usage Statistics and Market w f cUnguages for Websites, November 2015 2o]5 T'r , TT^8http://w3techs.com/technologies/overview/nrnm- ■ ’ °nm^' Available:Nov-2015]. ^ grammmgjanguage/all. [Accessed: 09-

[38] Php.net, 'PHP: What is PHP? -... t/ ,, Manual', 2015. [Online],http://php.net/manual/en/mtro-whatis.php. [Accessed: 09- Nov- 2015],

Available:

[39] Scholar.hb.vt.edu, ’A brief history of PHP’, 2015. [Online]. Available: http://scholar.lib.vt.edU/manuals/php3.0.6/intro-history.html. [Accessed: 09- Nov- 2015].

[40] Msdn.microsoft.com, ’.NET Framework Versions and Dependencies’, 2015. [Online]. Available: https://msdn.microsoft.com/en-us/library/bb822049(v=vs.l 10).aspx. [Accessed: 09- Nov- 2015].

[41] H. MySQL, 'Database Friends: History of MySQL', Databasefriends.co, 2014. [Online]. Available: http://www.databasefriends.co/2014/02/history-of-mysql.html. [Accessed: 10-Nov- 2015].

[42] S. Tahaghoghi and H. Williams, Learning MySQL. Sebastopol, Calif.: O'Reilly, 2007.

[43] Digicert.com, 'What Is SSL (Secure Sockets Layer)? | DigiCert.com’, 2015. [Online]. Available: https://www.digicert.com/ssl.htm. [Accessed: 12-Nov- 2015].

50

Appendix

Appendix A - The System Diagrants

System Context Diagram

■Request for Register----User

<■ ■Responce- —Respooc*

BankTransaction Requesl

i i

1 * 1 i

i i

Request for Payment Process-M—Response the status

l—-Send status- Payment Processing System

•Account approve requests

Update Master profile data- -----Responce----------------

>

Responce Reports

U Request reportsUser Mangemnet

L SystemAdmin

51

Level 1 Data Flow Diagram

Manageusers

Get Responce Vy

tRegisterPersonalDetails

\_L Request Response

iISend Personal Details User D8

SystemAdminSend Details-

tRequest Response

Request to download the appUser Register Bank

with Service Manage/monitor

transactions

Generate dynamic

secure token generating app

-►

-Token downtoai-1

TransactionUpdate token DetailsDBTransaction Codei

Token DB

Enter payment Details -Update details—*I

Enter Code Received___ Send payment details—►

-i*Process

TransactionInsert

paymentDetails Request for transaction

inter the Code-** Validate one■*

timeGenerate One time

code

—Syvi the Validation statuspassword

Bank'Approve customeraccounts J*#.-----Request

---------- -

User Registration Process - Sequence Diagram

Web browserSystem Database Bank

I I II IClick on Signup link ISend Request I* I

1Diplay the page Load the page<- *-r <— I

Fill Details I I

TP> 1Basic validate

Send Details ISend to Bank details to check

XvalidateI

isend the validity

Dispay ResponceStore the client detailsK— I

Send Responce Responce4<-

Click on Download token appSend the request

iDownload App

f

Kr- r

53

User Process a Transaction - Sequence Diagram

O Web browser Payment System system database Token generator Bank

AU^er

I IRequest for make a payment

Send the request*View the page Response

Enter Payment Details'_________________________________ V*

Send the details

TP> Validate

Ask for transaction PWe-Enter password

Send the Password 'I Ask For user pw*

Send user pw«-

Validate PW

Store Logs

Send One time CodeDispalyEnter One time code Redvedl<-

GenarateCode

Send the New Code1I

Type new CodeSend the Code I Request verification Details

Send verification Details<-

Check the details^4 Send the Responce to bank Perform the transaction

Bank Respooce transaction performed successM or not DnTSend Status Of the Transact!™” II

1ILh iiDisplay the status <---------------

I II1I

54

Appendix ,■> B — System User interftaces

The System Login Interfaces

Enter Details To Login

Enter Your Username:Your Username

Forget password 7

Not register ? click here

Enter Details To Login

Username : sahan

Your Phrase : hi sahan

vcur Passwora

login

55

The Buyer Registration From

Last Name:First Name: Type here r hr'5

Type hereNIC:

Phone:Type hereemail :

Type hereC Male C FemaleGender:Address:

51SelectSelect the Bank:

Type hereAccount Number:

Type hereWord Phrase:Type hereUsername:

Transaction Password:Type hereSystem Password:

Retype Password:Retype the Password:Type here

Submit

56

The User Home Page After Successfully Login

las; access 201643-14 04.2518 Logos

SaferPaylWelcomeWelcome sahan, Love to see you back.

.-.itHomeRecent Transactions

Profile Management

Transaction Status

MangaeBanKs

Token Management

______

Transaction ID Description Merchant Amount Status Date/Time

T20160314001 Payment for Goods Ml 2000 Success 20*6-03-14 06 35 34

Payment Transfer Interface

SaferPay

sahanUsername:

! 500000 XAmount:

Not register ? click here

57

Transaction Authenticate Page

SaferPay

Amount: 500000

Transaction Code: 11458

3502462185Token Code:

Transaction Password

Verify

Secure Code Generating ApplicationSHU: x'

0J SaferPayC'Al

SaferPay

61564Transaction Code

Random Code 18820116915)

Reset

Appendixes C - System Code Listing

User class.php

<?php class user{

var Susemame; var $user_id; var $login_count; var $user_level; var $email; var Sactive; var Swordjphrase; var $last_login_date;

functionuser_check($user)

$sql = sprintf("SELECT * FROM tbl_user WHERE username = '%s"\

$result = mysql_query($sql);if (mysql_num_rows($result) > 0)

while ($row = mysql_fetch_array($result))

$this->usemame = $row[ username ],$this->active = $row['activeJlage ],$this->wordphrase = $row[,wordjphrase];$this->last logins * 1;$this->user_id = $row['user_id ];

{

$user);

{

{

}return 0;

}else{

return 1;}

}59

function login($user,$pass)

Spass = shal($pass);

AND system= '%S' Sresult - mysql_query($sql); if (mysql_num_rows($result) > 0)

while (Srow = mysql_fetch_array(Sresult))

$this->set_Iogin_count($user);$this->email = Srow['email'];Sthis->first_name = $row['first_name']; $this->last_name = $row['last_name']; $this->last_login_date = $row['last_Iogin_date']; $this->login_count = $row['login_count']; $this->user_level = $row['usergroup'];

{

}return 0;

}else{

return 1;}

}functiontransaction_login($user, Spass){

Spass = shal (Spass);$Sql = sprintf("SELECT * FROM tbl_user WHERE username = '%s'

AND transactionjpassword = '%s' AND active_flage = V", Suser, Spass);Sresult = mysql_query($sql);if (mysql_num_rows($result) > 0)

{ while (Srow = mysql_fetch_array($result))

$this->user_id = $row['user_id],

}return 0;

}else

60

{return 1;

}}

functionget_emaiI($user){

AND active = V3! j^*,9:"SELECT * FROM .bl_user WHERE username = ’%s’

$result = mysql_query($sql); if (mysql_num_rows(Sresult) > 0){

while (Srow = mysql_fetch_array($result))

Semail = $row['email'];}return Semail;

}else{return 'Error';}

}

functionget_login_count($user)

Scount = 0;$sql = "SELECT * FROM tbl_user WHERE username = 'Suser'”; Sresult = mysql_query($sql); while (Srow = mysql_fetch_array(Sresult))

Scount = $row['login_count'];

{

{

}return Scount;

}

functionset_login_count($user)

Slcl = $this->get_login_count($user);$lcl=$lcl + l;Sdate = date('Y-m-d H:i:s’); .$sql - sp JfC'UPDATE SET »gm_

last_login_date = 'Sdate' WHERE username- /os , Suser) , Sresult = mysqLquery($sql),

{

count = 'Slcl',

}61

functiondeleteLaPP__user($user,$id){

requireCsecurity.class.php’);$sec = new securityO;Suser = $sec->filter($user);$id = $sec->filter($id);

- ■%<!■, $uSr$id)t,“:"SELECT * from ,bLus" where use™me - ■%s’ AND aid

Sresult = mysql_query($sql); if (mysql_num_rows($resu!t) > 0){

Squery = sprintf("DELETE FROM tbl user WHERE username ='%s' AND aid = ’%d"\ Suser,Sid);

Sres = mysql_query($query);$q = sprintf("SELECT * FROM tbl user WHERE username = '%s'

AND aid = '%d'", Suser,Sid);Sr = mysql_query($q); if (mysql_num_rows($r) > 0){

return 2;}else{

//require('log.class.php');//Slog = new log_file0;//$log->write_log($_SESSION['sta_sys_un'], "Delete

User", "Suser", "process");return 0;

}

}else{

return 1;}

}functiondisable_app_user($user, Sid)

requireCsecurity.class.php),$sec = new securityO;Suser = $sec->filter($user); Sid = $sec->filter($id);

{

62

$sql = sprintf("SELECT *,%d,H, Suser, $id);

Sresult = mysql__query($sql);

if (mysql_num_rows($result) > 0)

FROM tbl__user WHERE username = *%s'AND aid =

{,0/ , a xt $query = sprintfCUPDATEtbl user SET active

username = ’%s’ AND aid = '%d"\ $user, Sid);Sres = mysql_query($query);

a xrr, „ a m $q = sPrintf(nSELECT * FROM tbl user WHERE username = *%s’AND aid = %d AND active = fN,n, Suser, Sid);

Sr = mysql_query($q);if (mysql_num_rows($r) > 0)

= lN* WHERE

{//requireClog.class.php');//Slog = new log_fileO;//$log->write_log($_SESSION[,sta_sys_un'], "Disable

User", "Suser", "process");return 0;

}else{

return 2;}

}else{

return 1;}//return 0;

}

functionenable_app_user($user,$id)

require('security.class.php);Ssec = new security();Suser = $sec->filter($user);Sid = $ sec-> ft lter($ id);

{

* FROM tbl__user WHERE username %s$sql = sprintfC’SELECTAND aid = ,%d,H, Suser, Sid);

Sresult = mysql_query($sql),if (mysql_numjrows($result) > )

63

{

username = '%s' AND a^r^d^TuSrlsid^TE*“mysql_query($query);

AND aid = '%d' AND active^?-, SSd);^^ WHERE usemame = '%s'

Sr = mysql_query($q); if (mysql_num_rows(Sr) > 0)

//require('log.class.php');//Slog = new log_file0;//$log->write_log($_SESSION['sta_sys_un'], "Enable

return 0;

_user SET active = T WHERESres =

{

User", "Suser", "process");

}else{

return 2;}

}else{

return 1;}

}

functiongeneratePassword ($ length = 8)

Spassword

"0123456789abcdfghjkmnpqrstvwxyz!#&@%*ABCDEFGHIJKLMNOPQRSTUVWXY

Z!#&@%*0123456789";Si = 0;while ($i< $ length)

$char = substr($possible, mt_rand(0,strlen($possible)-l), 1), if (! strstr($password, $char))

Spassword ,= Schar;$i++;

{_ mi.

{

{

}}return Spassword;

}

64

functionchange_password($user, $old_pass, Snew_pass)

require('security.class.php'); include("database.php");Ssec = new securityQ;$user = $sec->fdter($user);$old_pass_enc = shal($sec->filter($oldjpass));$new_pass_enc = shal($sec->filter($new_pass));

$sql = sprintf("SELECT * FROM tbl_user WHERE username = '%s' AND password = ’%s' AND active= 'Y'", Suser, Sold_pass_enc);

Sresult = mysql_query($sql); echomysql_num_ro ws(Sresult);$act_date = date("Y-m-d"). " " . date("H:i:s"); if (mysql__num_rows($result) > 0)

SsqlOl = sprintf(nUPDATE tbl_user SET password = ^s'jflag^’^s’ WHERE username-%s,M, $new_pass_enc,,A', Suser);

SresultO 1 = mysql_query($sqlO 1);$sql02 = sprintf(" SELECT * FROM users WHERE tbl_user = ’%s'

AND password = '%sf AND active = *Y,W, Suser, $newjpass_enc);Sresult02 = mysql_query(Ssq!02);

{

if (mysql_num_rows($result02) > 0)

//requireClog.class.php’);//$log_fil = new log_file();//$log_fil->write_log($user, "Password Changed","",

{

"Asset Management System");return 0;

}else{

return 1;}

}else{

return 2;}

}

}?>

65

security.class.php<?phpclass security{

function filter(Scontent){

Scheckjist = array(";" "DELETE","update","Offset", "offset");

, DROP , Drop , drop", "UNION", "Union", "union", "OFFSET",

5 5

Scontent = str_ireplace('"", "", Scontent);^content = str_ireplace($check_list, "", Scontent, Scount); if (Scount > 0){

return";}else{

return Scontent;}

}

functionfilter_for_mssql($content){

"GRANT", "Grant", "grant", "INSERT", "Insert", "insert”,$check_list = array("; ,"DELETE", "Delete", "delete","REVOKE", "Revoke”, "revoke", "UPDATE", "Update",

"DROP", "Drop", "drop", "UNION", "Union", "union", "OFFSET",t»_ll"update","Offset", "offset");

, Scontent);Scontent = str_ireplace(""\ "" Scontent = strJreplace($checkJist, if (Scount > 0)

, Scontent, Scount);tin

{return 'Error';

}else{

return Scontent;}

}functionlitejFilter(Scontent)

Scheckjist = arrayrV--"); Scontent = str_replace($checkjist,

{, Scontent);Mil

66

return Scontent;

}}?>

log.class.php

<?phpclasslogjFile{

functionwrite_log($user, Sdesc, SrefNo, $type)

//$log_date = date("Y-m-d");$log_date = date("Y-m-d").$log_user = Suser;$log_desc = Sdesc;SrefNo = SrefNo;$log_type = Stype; //process,$q_log = "INSERT INTO tbl_log (log_user, log_date, description,

refNo,type) VALUES('$log_user','$log_date','$log_desc','SrefNo',1,$log_type')"; mysql_query($q_log); if (Sdesc = ’Login’)

ii ii . date("H:i:s");

{$this->write_to_user_log($user,2);

}}

}?>

The windows scrip file use to execute the Secure Token Generating Application

«SSSS5^”'==SSS--msbuild saferPay.sln echo build complete

call

67

PHPcode used run the scrip

exec("vc.batM);

paymentfinsh.php

<?phpsession_stai*t();require(Mdatabase.phpn);$match_code=0;$status="";$transaction_cid-"';if(isset($_POST[,Verify]) && $_POST[TVerify] = "Verify"){

$match_code=0;$token_id=0;$app_c°de = $_POST[’txt_token'];Spassword = $_POST['txtjpassword']; $usemame=$_SESSION[,usemame'];$tr_number=$_SES SION['tr_number'];$bank_code=n";$sql=MSELECT* FROM tbl_user whereusemame-Susemame’"; Sresult = mysql_query($sql);

while($roow = mysql_fetch_array($result)){

$token_id = $roow['token_id'];}

$match_code=($token_id-l)*($tr_number-l); requireCuser.class.php');$logJnum^n^useTcIls->transaction_login($usemame,$password);//pass UN and

$user id = $user_cls->user__id,PW

$resu,'°1TSS"$bank_code = $roow['br_id'];

$today = date("Y-m-d H:i:s");$usemame= $_SESSION['usemame ];

{

}

68

$m_code="Ml"; $amount=$__SESSION[,amount']; Sdescription-'Payment for Goods"; $status="Success";$temp_id= dateCYmd');Stempjd = "T".trim($temp_id);

SsqlOl - SELECT MAX(transaction_id) AS maxn From tbi_transaction_details WHERE transaction_id LIKE 'Stemp id%'";

//echo SsqlO 1;SresOl = mysql_query($sql01);while (SrowOl = mysql_fetch_array($res01))

if (is^nullCSrowOlt'maxn']) || SrowO 1 [’maxn'] = NULL ||{

SrowOl ['maxn'] == ""){

SmaxnumOl = "001";SmaxnumOl = Stemp_id.$maxnum01; $transaction_id = SmaxnumOl;

Ssql002="INSERT INTOtbl_transaction_details(transaction_id,user_id,amount,date_time,bank_id,m_id,descriptio njStatus^ALUESCStransaction^dVSuserJdVSamountVStodayVSbank-CodeVSn^codeV SdescriptionVSstatus')";

mysql_query(Ssql002,Sconn);if (mysql_affected_rows(Sconn) > 0){

Sstatus-'Success";}

}else{

StempmaxOl = SrowOl ['maxn'];StempmaxOl = substr($tempmax01, -3); StempmaxOl = StempmaxOl + 1;//echo "<br>".StempmaxO 1 ."<br>"; $transaction_id = StempmaxOl; if (StempmaxOl <= 999)

if (StempmaxOl < 10)

StempmaxOl = "00".Stempmax01;

else if (StempmaxOl < 100)

{

{

}

{

69

Stempmax01= "0".StempmaxOl;

else if (StempmaxOl < 1000)

StempmaxOl =$tempmax01;

StempmaxOl = $temp_id.$tempmax01; $transaction_id = StempmaxOl;

}

{

}

Ssql002="INSERT INTOtbl_transaction_details(transaction_id,user_id,amount,date_time,bank_id,m_id,descriptio n,status)VALUES(,$transaction_idV$user_idV$amountV$today,,'Sbank codeVSm code’/ $description','$status')";

mysql_query($sql002,$conn); if (mysql_affected_rows(Sconn) > 0){

Sstatus-’Success";Ssql03 = "SELECT MAX(transaction_id)

AS tmaxn From tbl_transaction_details";Sres03 = mysql_query(Ssql03);

while(Sroow3 = mysql_fetch_array($res03)){

Stransaction cid =Sroow3 ['tmaxn'];

}}

} }}

}else{

$status="Fialed";}

}?>

70

Appendix . D — The Questionnaires

User Acceptance Test Questionnaire

Objective

To find out that the system meets the user requirements.

Agreed Natural Not Agreed

This system has user friendly interfaceand can easily learn

The system has quick response timeThe procedures were simple and re­quired minimum number of steps

The system can provide good security against the security threads towards on line electronic payment transferCompare with existing electronic pay­ment systems, I feel secure and com­fortable when I am using the system

71