Credit Card Secure Docuement

8/14/2019 Credit Card Secure Docuement

1/57

CARD SECURE PURCHASE ALERT SYSTEM

A PROJECT REPORT

Submitted by

VADIVELU.B

(Registration Number: 41406621052)

In partial fulfillment for the award of the degree

Of

MASTER OF COMPUTER APPLICATIONS

In

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

PRINCE SHRI VENKATESHWARA PADMAVATHY

ENGINEERING COLLEGE, PONMAR

ANNA UNIVERSITY: CHENNAI 600 025

June 2009


2/57

BONAFIDE CERTIFICATE

Certified that this project report titled CARD SECURE PURCHASE ALERT is the

bonafide work of Mr.VADIVELU (Registration Number: 414066210252) who carried

out the research under my supervision. Certified further, that to the best of my knowledge

the work reported herein does not form part of any other project report or dissertation on

the basis of which a degree or award was conferred on an earlier occasion on this or any

other candidate.

Supervisor Head of the Department

Submitted for the Project and Viva Examination held on ____________________

Internal Examiner External Examiner


3/57

Abstract

The Card Secure Purchase Alert is a real-time fraud mitigation and 2 way

communication alert platform embedded in the payment stream resulting in quick

response, no false positives, and no disruption to the payment process.

Using secure web and mobile based technology, Purchase Alert can identify a

fraudulent payment transaction within seconds and put the consumer in immediate

contact with the consumers bank either through an instantly generated text message,

email or telephone call allowing the consumer to instantly respond and communicate with

the bank.

Effective and affordable fraud detection tool that reduces time and costs of fraud

mitigation, Customization and flexibility that incorporates your organization's baseline

rules to align with policy and safeguards Multi-channel functionality that meets the

diverse channel preferences of your accountholders-be it mobile, PDA, email, land line,

etc.


4/57

ACKNOWLEDGEMENT

I am delighted to thank our honorable Chairman Dr. K. VASUDEVAN, M.A., B.Ed.,

Ph.D., for giving us an opportunity and the trust members for the completion of this

project at this institution.

I would like to thank our Principal Prof. T.SOUNDERRAJAN, M.Tech., (Ph.D)., of

Prince Shri Venkateshwara padmavathy engineering college for providing me an

opportunity to carry out this project.

I express my sincere thanks to Mrs. S. Banumathi M.C.A., M.Phil, (Ph. D) Internal

Guide PG Department Shri Venkateswara Padmavathy Engineering College Ponmar,

Chennai.

With profound indebtedness I thankMr. Vikrama cholan M.C.A, Anju soft(india)

private limited chennai for her constant encouragement and expert guidance throughout

the project.

I express my thanks to all my department faculty members and technical staff members

for providing necessary information and their sustained interest in my part of fruitful

completion

Last but not the least, I put my sincere thanks to My Parents and Friends who helped

me in the course of my project.


5/57

CONTENTS

CHAPTER NO TITLE PAGE NO

List of Tables

List of Figures

List of Abbreviations

1 Introduction

1.1 Company Profile

1.2 Objective

2 System Analysis

2.1 Existing System

2.1.1 Drawbacks

2.2 Proposed System

2.3 Feasibility Study

2.3.1 Economical Feasibility

2.3.2 Operational Feasibility

2.3.3 Technical Feasibility

3 System Specification

3.1 Hardware Requirements

3.2 Software Requirements

4 Software Description

4.1 Front End

4.2 Features


6/57


7/57

LIST OF TABLES

TABLE NO. TITLE PAGE NO.

3.5.1 LOGIN 26

3.5.2 MY PROFILE

3.5.3 CARD TYPE 27

3.5.4 TRANSACTION

3.5.5 RULE

3.5.6 MERCHANT

3.5.7 FINANCIAL INSTITUTION

LIST OF FIGURES

FIGURE NO TITLE

PAGE NO

3.3 SYSTEM ARCHITECTURE 16

3.3.1 LEVEL 0 DATA FLOW DIAGRAM 17



3.3.4 ER DIAGRAM 20

3.3.5 HOME PAGE 21

6.1.1 LOGIN PAGE 40

6.1.2 REGISTRATION PAGE 41

6.1.3 VIEW MY PROFILE FORM 42


8/57

6.1.4 DEFINE DEBIT\CREDIT CARD 43

6.1.5 TRANSACTION 44

6.1.6 RULE BUILDER 45

6.1.7 MERCHANTS\FINANCIAL INSTITUTION 46

LIST OF ABBREVATIONS

ASP - Active Server Pages

HTML - Hyper Text Markup Language

URL - Uniform Resource Locator

SQL - Structured Query Language

IIS - Internet Information Services

GUI - Graphical User Interface

UML - Unified Modeling Language


9/57


10/57

1.2 Objective

The Card Secure Purchase Alert is a real-time fraud mitigation and 2 way

communication alert platform embedded in the payment stream resulting in quick

response, no false positives, and no disruption to the payment process. Using secure web

and mobile-based technology, Purchase Alert can identify a fraudulent payment

transaction within seconds and put the consumer in immediate contact with the

consumers bank either through an instantly generated text message, email or telephone

call allowing the consumer to instantly respond and communicate with the bank.


11/57

CHAPTER 2

SYSTEM ANALYSIS

2.1 Existing system

In earlier system, notification of transaction in any type of card Standard like

VISA, MASTER CARD etc, is received by the card holder after transaction.

The consumer has no way to control the purchasing power

(i.e.) for account holders, the existing system did not provide any additional security.

There is no security and reliability in payment translations in existing systems.

The existing system has no solution for reduce the time and expense of fraud

mitigation.

2.1.1 Drawbacks

The consumer has no way to control the purchasing power.

The existing system has no solution for reduce the time and expense of fraud

mitigation.

There is no financial security with a single source to monitor all accounts.

There is no actionable alerts sent to consumer based on individual preferences


12/57

2.2 Proposed system

Card secure consumers can take control of their financial identity and

purchasing power. Card Secure provides consumers with an additional level of security

and peace of mind during the payment experience and can help reduce resolution time

and frustrations associated with resolving payment fraud. This system is developed to

identify a fraudulent payment transaction within seconds and put the consumer in

immediate contact through text message email or telephone call.

For consumers, Card Secure delivers value, including:

Increased financial security with a single source to monitor all

accounts

Actionable alerts sent to consumer based on individual preferences.

Immediate contact with financial institution upon fraud detection.

Reduced fraud resolution time, costs, and inconveniences for the

consumer.

Audit trail creation to support fraud claims

Increased peace of mind


13/57

2.3 Feasibility Study

The feasibility study is a high level capsule version of the entire system

analysis and design process. The objective of the feasibility study is to determine

whether the system is feasible. There are three aspects of feasibility study is which

system is subjected to be details are future discussed below;

Technical Feasibility

Operational Feasibility

Economical Feasibility

2.3.1 Technical Feasibility

The Technical feasibility study determines whether the desired project should

be done with the current equipment or with the new technology if required. In my project

the all forms are very easy to access and update the all information. There is no complex

to retrieve the user data. The system is provided with the necessary features to maintain

accuracy, reliability and data security. Hence the proposed system was found to be

technically feasible.

2.3.2 Operational Feasibility

Proposed project is beneficial only if it can be turned into information system that

will meet the organizations operating requirements. Simply Stated, this test of feasibility

asks if the system will work when it is developed and installed in the place of existing

system. The project was tested for the operational feasibility.

2.3.2 Economical Feasibility

. The benefits that are expected from the new system will be more for internet

accessing. There is no registration fee for using this service. So it is economically

feasible.


14/57

CHAPTER 3

SOFTWARE DESCRIPTION

System requirements document serves as the foundation for hardware

engineering, software engineering, database engineering and human engineering. It

describes the function and performance of the computer based system and the constraints

that will govern its development.

It completely describes what the proposed software should do without describing

how the software will do it the basic goal of the requirement phase is to produce the

Software Requirements specification which describes the complete external behavior of

the proposed software. It indicates the study of hardware and software requirements.

The hardware and software requirement of the system is the study of minimal

requirements of the developing system and operational environment.

3.1 Hardware Requirements

The hardware specification includes all the hardware and peripherals

requirements in the development environment.

Intel 945GC Mother Board

Intel[R] Core2Duo processor (2.20GHz)

1 GB of RAM

160 GB of Hard Disk Drive


15/57


16/57

CHAPTER 4

SOFTWARE DESCRIPTION

4.1 FRONT END AND BACK END DESCRIPTION

. NET FRAMEWORK

The .NET Framework is an integral Windows component that supports building

and running the next generation of applications and XML Web services. The .NET

Framework is designed to fulfill the following objectives:

To provide a consistent object-oriented programming environment whether object

code is stored and executed locally, executed locally but Internet-distributed, or

executed remotely.

To provide a code-execution environment that minimizes software deployment

and versioning conflicts.

To provide a code-execution environment that promotes safe execution of code,

including code created by an unknown or semi-trusted third party.

To provide a code-execution environment that eliminates the performance

problems of scripted or interpreted environments.

To make the developer experience consistent across widely varying types of

applications, such as Windows-based applications and Web-based applications.

To build all communication on industry standards to ensure that code based on the

.NET Framework can integrate with any other code.

Advantages:

Consistent Programming Model

Direct Support for Security

Simplified Development Efforts

Easy Application Deployment and Maintenance


17/57

ASP.NET

ASP.NET, the next version of ASP, is a programming framework used to create

enterprise-class Web Applications. These applications are accessible on a global basis

leading to efficient information management.

Advantages Using ASP.NET [1*]

ASP.NET drastically reduces the amount of code required to build large

applications

ASP.NET makes development simpler and easier to maintain with an event-

driven, server-side programming model

ASP.NET pages are easy to write and maintain because the source code and

HTML are together

The source code is executed on the server. The pages have lots of power and

flexibility by this approach

The source code is compiled the first time the page is requested. Execution is fast

as the Web Server compiles the page the first time it is requested. The server saves

the compiled version of the page for use next time the page is requested

The HTML produced by the ASP.NET page is sent back to the browser. Theapplication source code you write is not sent and is not easily stolen

ASP.NET makes for easy deployment. There is no need to register components

because the configuration information is built-in

The Web server continuously monitors the pages, components and applications

running on it. If it notices memory leaks, infinite loops, other illegal software or

activities, it seamlessly kills those activities and restarts itself

ASP.NET validates information (validation controls) entered by the user without

writing a single line of code

ASP.NET easily works with ADO .NET using data-binding and page formatting

features

ASP.NET applications run faster and counters large volumes of users without

performance problems


18/57

C # Overview

C# (pronounced C Sharp) is a multi-paradigm programming language that encompassesfunctional, imperative, generic, object oriented (class based) , and component oriented

programming disciplines.

Features:

Some notable C# distinguishing features are:

There are no global variables or functions. All methods and members must be

declared within classes. It is possible, however, to use static methods/variables

within public classes instead of global variables/functions.

C# supports a strict Boolean data type, bool. Statements that take conditions,

such as while and ifrequire an expression of a Boolean type.

Managed memory cannot be explicitly freed, but is automatically garbage

collected. Garbage collection addresses memory leaks.

C# is more type safe than C++. The only implicit conversions by default are

those, which are considered safe, such as widening of integers and conversion

from a derived type to a base type. This is enforced at compile-time, during JIT,

and, in some cases, at runtime. There are no implicit conversions between

Booleans and integers, nor between enumeration members and integers. Any user-

defined conversion must be explicitly marked as explicit or implicit, unlike C++

copy constructors and conversion operators, which are both, implicit by default.

C# currently (as of 3 June 2008) has 77 reserved words.


19/57

MICROSOFT SQL SERVER 2005:

SQL Server 2005 offers new features and enhancements that improve productivity,

efficiency, availability, and administrative ease.

FEATURES OF SQL SERVER 2005:

Database mirroring

The primary database continuously sends transaction logs to the backup database on a

separate SQL Server instance. A third SQL Server instance is then used as a witness

database to monitor the interaction between the primary and the mirror databases.

Database snapshots

A database snapshot is essentially an instant read-only copy of a database. In

addition to being a great reporting tool, users can revert control from primary database to

a snapshot database in the event of an error

CLR integration

With SQL Server 2005, users now have the ability to create custom .NET objects

with the database engine. For example, stored procedures, triggers, and functions cannow be created using familiar .NET languages such as VB and C#.

Service Broker

This feature gives you the ability to create asynchronous, message-based

applications in the database entirely through TSQL. The database engine guarantees

message delivery, message order consistency, and handles message grouping

DDL triggers

DDL triggers are defined at the server or database level and fire when DDL

statements occur. This gives the ability to audit when new tables, stored procedures, or

logins are created.


20/57

Ranking functions

SQL Server 2005 provides the ability to rank result sets returned from the

database engine. This allows to customize the manner in which result sets are returned,

such as creating customized paging functions for Web site data.

Row versioning-based isolation levels

This new database engine feature improves database read concurrency by

reducing the amount of locks being used in the database

XML integration

SQL Server 2005 introduces the new XML data-type. This allows users to store

full XML documents in this new data-type, and you can place validations on the well-

formed documents in the database

Database Mail

Database Mail uses standard SMTP to send e-mail messages. These messages

may contain query results, attachments (which can be governed by the DBA), and is fully

cluster aware.

5. PROJECT DESCRIPTION


21/57

5.1 PROBLEM DEFINTION

The main problem in all payment processing players-merchants, financial

institutions, card companies and processors- can now deploy a real-time fraud mitigation

and 2-way communication alert platform that is embedded in the payment stream. This

innovative solution enables you to detect fraud in real time while engaging in 2-way

communication with accountholders, resulting in quick response, no false positives and

no disruption to the payment process.

This is unlike any technology currently available. Purchase Alert delivers an

additional level of security and peace of mind to the consumer payment experience and

enables consumers to take control of their financial identity and purchasing power.

Using secure web and mobile-based technology, Purchase Alert can identify a fraudulent

transaction within seconds and informed to consumer.

5.2 Overview of the project


22/57


23/57

Framework, testing the model, integrating the model, fixing the bugs if any and

implementing the model.

5.3 MODULE DESCRIPTION

The modules are

Login

In this module, the new user can create an account. The existing user enter the user

name and password to use the features of card secure purchase alert system.

Card type

The user can enter the details in this module to perform secure card transaction

Transaction

The details needed for transaction is obtained by this module such that merchant

name, account holder name, date, amount etc.

Rule

The transaction is validated in this module. That is the given parameters are checked

according to rules

Notification

In this module, during transaction is notified to the consumer through mail or SMS.

The status of notification is viewed in this module.

Merchant/Financial Institution

In this module, to add merchants and financial institutions to perform secure card

transaction

5.4 INPUT DESIGN


24/57

Input design deals with the selection of controls and devices used for creating a

project. The following are the primary objectives of an input design:

1. Controlling amount of I/p

2. Avoiding delay

3. Avoiding errors in data

4. Avoiding extra steps

5. Keeping the process simple.

The following basic input devices are used in my project for the system to accept input

from the user

1. Keyboard

2. Mouse

SSO uses various controls that allow users to furnish information as input to the

system. Some of those input controls are mentioned below:

1. Text Box

2. Drop Down List box

3. Radio Button List

4. Check Box List


25/57

5.5 OUTPUT DESIGN

Output is the primary purpose of any system. Output design is often discussed

before other aspects of design because, from the client's point of view, the output is the

system. Output is what the client is buying when he or she pays for a development

project. Inputs, databases, and processes exist to provide output .

Coding the program for each module with its logic is performed in this step.

Proper software specifications are also done here.

Computer output is the most important and direct source of information to user.

Output design is a process that involves designing necessary outputs that have to be

various users according to their requirements. Efficient intelligent output design should

improve the system relationship with the user and help in decision making.

The output data design is made in such a way that it is easily understandable to

the data entry operators by using meaningful and appropriate messages. When designing

output, a system analyst accomplishes the following.

Determine the information to present.

Decide whether to display or print the information and select the output medium.

Arrange the present to information acceptable format.

Decide how to distribute the output to intended receipts.

The output device used in my project is a color monitor, which enables the user to

view information displayed on the web page for future accessing.

Since my project, Card Secure purchase alert is a web application, output will be

in the form of web pages which are linked to each other inside a website.

5.6 DATABASE DESIGN


26/57

Database files are the key source of information into the system. It is the process of

designing database file, which are the key source of information to the system.

A general theme behind a database is to handle the information as an integrated whole.

A database is a collection of interrelated data stored with minimum redundancy to serve

many users quickly and effectively. The general objective is to make information access

easy, quick, inexpensive and flexible for the user.

The databases are implemented using a DBMS package. Each particular DBMS has

unique characteristics and general techniques for database design.

The proposed system CARD SECURE stores the information relevant for processing

in the MS SQL SERVER Database. MS SQL SERVER database contain tables, where

each table corresponds to one particular type of Information. Each piece of information in

the table is called a field or column.

A table also contains records, which is a set of fields. All records in a table have the

same set of fields with different information. Each row in a table is said to be entity. Each

field is referred as attributes.

Each table contains key fields that establish relationship in a MS SQL SERVER

database and how the records are stored. There are primary key fields that uniquely

identify a record in a table. The tables consist of more than one n Normalization process.

NORMALIZATION


27/57

The term normalization of data refers to the way data items are grouped together into the

records structures. Normalization is a technique of separating redundant fields and

breaking of a large table into smaller ones.

Normalization is adopted to overcome the drawbacks like

Repetition of data

Loss of information

Inconsistency

All the tables have been normalized up to the second normal form. Various narmal forms

that are available are as follows:

First Normal Form

A relation is said to be in 1NF (First Normal Form) if the values in the domain of each

attribute of the relation are automatic, i.e., only one value is associated with each attribute

and the value is not a set of values. A database is said to be in 1NF if all the relations of

the database are in 1NF.

Second Normal Form

The 2NF is based on the concept of full functional dependence. A relation is said to be

in 2NF (Second Normal Form) if and only if it is in 1NF and every non-key attribute is

fully functionally dependent on candidate key of the table.

Third Normal Form

The 3NF is based on the concept of transitive dependency. A relation in 2NF if and

only if every non-key attribute is non-transitively dependent on the primary key.


28/57

5.6.1 List of tables

Table Name:Card_Master

Table Name: Transaction_master

Fieldname Datatype length Constraints

Tran_id int NotNull

M_name Varchar 30 NotNull

Acc_Name Varchar 20 NotNull

Date datetime NotNull

Amount money NotNull

Status image 20 NotNull

Table Name: Rule_master

\

Fieldname Datatype length Constraints

Field name Datatype length constraints

Acc_id varchar 20 Not null

FI_name VarChar 20 Notnull

Card_Type VarChar 20 Notnull

Nick_name VarChar 30 NotNull

Card_no Int NotNull

ExpYear Varchar 20 NotNull

Expmonth VarChar 20 NotNull


29/57

Acc_name varchar 20 NotNull

Rule nVarchar(max)

Email bit NULL

Sms bit NULL

TableName:FI_master

Fieldname Datatype Lenght Constraints

S_no int 4

FI_Name nvarchar 20 Not Null


30/57

FieldName Datatype Length Constraints

Tran_id int 20

Email_sent bit Not null

Sms_sent bit Not null

Tran_date datetime

Reply_received bit

Amount money Not null

Status char

Mer_name nvarchar 20 Not null


31/57

5.7 DATA FLOW DIAGRAM

Dataflow diagram is a graphical representation of the flow of data through aninformation system

There are basically three levels in a DFD

Level 0

This level shows the overall context of the system and its operating

environment and shows the whole system as just one process

Level 1

The purpose of this level is to show the major high level processes of the system

and their interrelation

Level 2

This level is a decomposition of a process shown in a level 1 diagram, as such

there should be a level 2 diagrams for each and every process shown in a level 1 diagram


32/57

DFD LEVEL 0

Login Transaction alertsService


33/57

Level-1

Database Stores (GUID)

Last 4 digits

Global unique

Identifier (GUID)

Card no

Authentication details

Authentication result

Level-2

Consumer Registe

Card secure center

FISFITS

Authenti

cation


34/57

Transaction

Transaction details

details

Transaction

Transaction status GUID, Merchantname, amount

C-Conform

D-Deny

Execute rules

Reply

SMS/Email

Merchant Swipes FITS

FIS

Rules

/verification

Card Secure Center

Consumer

CONFO

RMATI

ON

Verification


35/57

5.8 Entity Relationship Diagram

Entity relationship model is an abstract representation of structured data. An entity-

relationship (ER) diagram is a specialized graphic that illustrates the interrelationships

between entities in a database.

ER diagrams often use symbols to represent three different types of information.

Boxes are commonly used to represent entities. Diamonds are normally used to represent

relationships and ovals are used to represent attributes.


36/57

E-R DIAGRAM

Register

have

Card Master

Card id

Cardtyp

ExpYea

ExpMo

FIName

User

Userid Pwd

Rule master

Email Rule

Card_nSms


37/57

CHAPTER 6

SYSTEM TESTING

System testing is the stage of implementations, which is aimed at ensuring that the

system works accurately and efficiently before live operation commences. A series of

testing is done for proposed system before the system is ready for user acceptance. Test

data are prepared and the system is tested using the test data. System testing is a critical

element of software quality assurance and represents the ultimate review of specification,

design and coding. Testing objective should be to design the tests that systematically

uncover different classes of errors and do so with minimum amount of time and effort.

The tests are made functional, structural and simple.

Testing Objective

The objectives of the testing are:

Testing is a process of executing a program with the intent finding

an error.

A good test case is one that has high probability of finding an as

yet undiscovered error.

Types of Testing Unit Testing

Integration Testing

Validation Testing

Performance Testing

UNIT TESTING

Each module interface is tested to ensure that information properly flows in to andout of the program unit under test. As the system is getting up the development ladder, it

is tested unit by unit. All common errors of computation are uncovered in this testing

method.


38/57

INTEGRATION TESTING

Integration Testing is a logical extension of unit testing. In this simplest form, two

units that have already been tested are combined into a component and the interface

between them is tested. Integration testing is done is three ways, they are:

Top down approach

Bottom up approach

The top-down approach to integration testing requires the highest-level modules

be tested and integrated first. The bottom-up approach requires the lowest-level units be

tested and integrated first. First, the inputs for functions are integrated in the bottom-up

pattern discussed above. The outputs for each function are then integrated in the top-

down manner.

VALIDATION TESTING:

Validation can be defined in many ways, but a simple definition is that can be

reasonable expected by the customer, which is defined in the software requirement

specification, a document that describes all user visible attribute of the software.

The following test producers are followed during system development:

Testing each option independently

Testing all possible combinations of image file formats entered by user including

invalid data

Testing robustness of each option

Testing the option after integrating it with the entire system

Testing the entire system

The users of the company are trained to operate the developed system. Both the

hardware and software are made to run the developed system successfully in the future.


39/57

Test Cases

A test case in software engineering is a set of conditions or variables under which a

tester will determine whether an application or software system meets specifications.

The mechanism for determining whether a software program or system has passed or

failed such a test is known as a test oracle. In some settings an oracle could be a

requirement or use case. It may take many test cases to determine that a software

program or system is functioning correctly. Test cases are often referred to as test

scripts, particularly when written. Written test cases are usually collected into test

suites.


40/57

CHAPTER 7

SYSTEM IMPLEMENTATION

Implementation involves the conversion of a basic application to a

complete replacement with a computer system. It is a process of converting the new or

revised system design into an operational one.

During the design phase, the product structure, its undergoing data structure,

the general algorithm and the interfaces a control/data linkage needed to support

communication among the various substructures was established.

Implementation is the final and important phase. The most critical stage in

achieving a successful new system and in giving the users a confidence that the new

system will work and be effective is that the system can be implemented only after

thorough testing is done and if it found to working according to the specification.

At the beginning of the development phase, a preliminary implementation plan is

created to schedule and manage the many different activities that must be integrated into

plan.

In my project CARD SECURE PURCHASE ALERT can be implemented into

internet and user can access any time. Easy to access and secure the credit/debit cards in

them own way.


41/57

CHAPTER 8

CONCLUSION AND FUTURE ENHANCEMENT

8.1 CONCLUSION

I feel happy and proud in making my project CARD SECURE PURCHASE

ALERT. This project work has given an opportunity to develop my knowledge in

programming. This training improved to ability to develop flexible solutions to the given

problem. Several sophisticated features available in ASP.NET were followed in this

project.

Programs have been developed and implemented as per the requirements of the

users. This system is user-friendly and hence very easy to operate. In all these

applications, the company can get the satisfied output. Hence the company can drive the

benefit of this system, without having to do any manual book keeping.

Apart from the programming, I also came to know about the various tools need for

developing and designing a program.

Finally, I am proud in doing project and also I conclude this project CARD

SECURE PURCHASE ALERT with great successful and satisfaction.


42/57

CHAPTER 9

APPENDIX

9.1 SCREEN SHOTS


43/57

Sign up page


44/57

Signup page


45/57


46/57

Account information page


47/57


48/57

Rule builder page


49/57

Transaction page


50/57

Due alert page


51/57

9.2 Sample Coding

Code for login form

using System;using System.Data;using System.Configuration;using System.Collections;using System.Web;using System.Web.Security;using System.Web.UI;using System.Web.UI.WebControls;using System.Web.UI.WebControls.WebParts;using System.Web.UI.HtmlControls;using System.Data.SqlClient;

publicpartialclassAccountLogin : System.Web.UI.Page{ Database db = newDatabase();

protectedvoid Page_Load(object sender, EventArgs e){

Lblaccmsg.Visible = false;

} protectedvoid LinkButton1_Click(object sender, EventArgs e)

{Response.Redirect("Signup.aspx");


{Response.Redirect("Cardsec_consumer.aspx");


{Response.Redirect("Cardsec_consumer.aspx");


{ string q = "select * from Master_Profile where Login ='" +TextBox1.Text + "' ";

db.dt.Rows.Clear();db.dt.Columns.Clear();db.getdata(q);

if (db.dt.Rows.Count != 0){

Session["login_name"] = TextBox1.Text;Response.Redirect("Forgot_Password.aspx");


52/57

} else

{Lblaccmsg.Visible = true;Lblaccmsg.Text = "Enter the valid user name";

}

} protectedvoid Button1_Click(object sender, EventArgs e)

{

string q = "select * from Master_Profile where Login ='" +TextBox1.Text + "' and user_Password='" + TextBox2.Text + "'";

db.dt.Rows.Clear();db.dt.Columns.Clear();db.getdata(q);


Session["Username"] = TextBox1.Text;

Session["Userpassword"] = TextBox2.Text;Session["mobile"] =

db.dt.Rows[0]["mobile_phone"].ToString();Session["mailid"] = db.dt.Rows[0]["e_mail1"].ToString();Response.Redirect("MyProfile_user.aspx");

} else

{Lblaccmsg.Visible = true;Lblaccmsg.Text = "You are not a valid user";

}}

protectedvoid updateButton_Click(object sender, EventArgs e){

string str1 = "server=Anjusoft\\SQLEXPRESS;database=cardsecure1; trusted_connection=true"; SqlConnection sqlcon = newSqlConnection(); SqlDataAdapter sqlada = newSqlDataAdapter(); DataSet ds = newDataSet();

sqlcon = newSqlConnection(str1);sqlcon.Open();

string query = "Select update_picture from master_Profile whereLogin='"+TextBox1.Text +"'";

sqlada = newSqlDataAdapter(query, sqlcon);

sqlada.Fill(ds, "master_Profile");DataGrid1.DataSource = ds.Tables["master_Profile"];DataGrid1.DataBind();

}}


53/57

Coding for define card form

using System;using System.Data;using System.Configuration;using System.Collections;using System.Web;using System.Web.Security;using System.Web.UI;using System.Web.UI.WebControls;using System.Web.UI.WebControls.WebParts;using System.Web.UI.HtmlControls;

publicpartialclass images_DebitCredit : System.Web.UI.Page{

Database db = new Database(); protectedvoid Page_Load(object sender, EventArgs e)

{ if (Session != null)

{ if (IsPostBack == false)

{Label8.Visible = false;

string loginname = Session["username"].ToString();Label3.Text = loginname.ToString();financialInstitution();

string s = "selectCardID,Nick_Name,substring(Card_No,13,4) as CardNo,Amount,Expiry_Datefrom Card_Details where user_name='" + Label3.Text + "'";

db.dt.Rows.Clear();db.dt.Columns.Clear();db.Bind(s);datagrid1.DataSource = db.ds;datagrid1.DataBind();

}

}}

publicvoid financialInstitution(){

string loginname = Session["username"].ToString();Label3.Text = loginname.ToString();

string s = "select financial_name frommaster_financialinstitution where user_name='"+Label3.Text+"'";

db.dt.Rows.Clear();db.dt.Columns.Clear();db.Bind1(s);


54/57

Dropfinancialinst.Items.Clear(); while (db._sqldr.Read())

{Dropfinancialinst.Items.Add(db._sqldr[0].ToString());

}

} protectedvoid Button1_Click(object sender, EventArgs e)

{ string aa = "null";

Label8.Visible =false; string loginname = Session["username"].ToString();

Label3.Text = loginname.ToString();

if (Btnaddcart.Text == "Submit"){

if (Txtnickname.Text != "" && Textamount.Text !="" &&TxtExpirydate.Text !="" && Txtcardno.Text !="")

{

int dd=Txtcardno.Text.Length; if (dd == 16)

{

string s = "select * from Card_Details whereNick_Name='" + Txtnickname.Text + "' and Card_No='" + Txtcardno.Text +"' ";

db.dt.Rows.Clear();db.dt.Columns.Clear();db.getdata(s);


Label8.Visible = true;Label8.Text = "Your Nick name and Card No is

Already Exist in responding card type";}

else{

string squery = "insert into Card_Detailsvalues ('" + Dropfinancialinst.SelectedItem.Text.ToString() + "','" +DropCardtype1.SelectedItem.Text.ToString() + "','" + Txtnickname.Text +"','" + Txtcardno.Text + "','" + Textamount.Text + "','" +TxtExpirydate.Text + "','" + Label3.Text + "')";

db.insert(squery);Label8.Visible = true;Label8.Text = "New Card is added

successfully";

}}

else{

Label8.Visible = true;Label8.Text = "You must enter 16 digit";

}

}


55/57

else{

Label8.Visible = true;Label8.Text = "Enter all the Fields";

}}

elseif (Btnaddcart.Text == "Update"){

string cid = Session["card_id"].ToString(); string a = "update Card_Details setfinancial_inst_name='"+Dropfinancialinst.SelectedItem.Text.ToString()+"', card_type='"+DropCardtype1.SelectedItem.Text.ToString()+"',Card_No='" + Txtcardno.Text + "', Amount='" + Textamount.Text + "',Expiry_Date='" + TxtExpirydate.Text + "' where user_name='" +Label2.Text + "' and CardID=" + cid.ToString() + " andfinancial_inst_name='" + Dropfinancialinst.SelectedItem.Text.ToString()+ "' and card_type='" + DropCardtype1.SelectedItem.Text.ToString() +"'";

db.Update(a);

Label8.Visible = true;Label8.Text = "Debit/Card Details is updated

successfully"; string sbind = "select * from Card_Detailswhere user_name='" + Label2.Text + "'";

db.dt.Rows.Clear();db.dt.Columns.Clear();db.Bind(sbind);datagrid1.DataSource = db.ds;datagrid1.DataBind();Btnaddcart.Text = "Submit";

}

string ss = "select CardID,Nick_Name,substring(Card_No,13,4)as CardNo, Amount,Expiry_Date from Card_Details where user_name='" +Label3.Text + "'";

db.dt.Rows.Clear();db.dt.Columns.Clear();db.Bind(ss);datagrid1.DataSource = db.ds;datagrid1.DataBind();

}

protectedvoid Txtcardno_TextChanged(object sender, EventArgs e){

}

protectedvoid datagrid1_ItemCommand(object source,DataGridCommandEventArgs e)

{Label1.Visible = false;Btnaddcart.Text = "Update";

int l; string code;

l = e.Item.ItemIndex;


56/57

code = e.Item.Cells[0].Text.ToString();Session["card_id"] = code.ToString();

string loginname = Session["username"].ToString();Label2.Text = loginname.ToString();

string squery1 = "selectFinancial_inst_name,Card_type,Nick_Name,substring(Card_No,13,4) asCardNo,Amount,Expiry_Date from Card_Details where CardID='" +code.Trim() + "' and user_name='" + Label2.Text + "'";

db.dt.Rows.Clear();db.dt.Columns.Clear();db.getdata(squery1);

if (db.dt.Rows.Count != 0){Dropfinancialinst.SelectedItem.Text =

db.dt.Rows[0]["Financial_inst_name"].ToString();DropCardtype1.SelectedItem.Text =

db.dt.Rows[0]["Card_type"].ToString();Txtnickname.Text = db.dt.Rows[0]["Nick_Name"].ToString();Txtcardno.Text = db.dt.Rows[0]["Card_No"].ToString();Textamount.Text = db.dt.Rows[0]["Amount"].ToString();

TxtExpirydate.Text = db.dt.Rows[0]["Expiry_Date"].ToString();}

else{

Label1.Visible = true;Label1.Text = "Debit/Credit details is not available ";

}}

protectedvoid datagrid1_DeleteCommand(object source,DataGridCommandEventArgs e)

{Label1.Visible = false;

int l; string code;

l = e.Item.ItemIndex;code = e.Item.Cells[0].Text.ToString();

string sdelete = "delete from Card_Details where CardID='" +code.Trim() + "' and user_name='" + Label2.Text + "'";

db.delete(sdelete);

Label1.Visible = true;Label1.Text = "Card Details is deleted successfully";

string sbind = "select * from Card_Details where user_name='" +Label2.Text + "'";

db.dt.Rows.Clear();

db.dt.Columns.Clear();db.Bind(sbind);datagrid1.DataSource = db.ds;datagrid1.DataBind();Btnaddcart.Text = "Submit";

} protectedvoid DropCardtype1_SelectedIndexChanged(object sender,EventArgs e)

{


57/57

}}

CHAPTER 10

REFERENCES

BIBLIOGRAPHY

1. Douglas J. Reliy (2002 Edition), Microsoft press, Designing Asp.NET.

2. David Sussman, Alex Homer(2006 Edition),Wiley Publishing, Wroxs ASP.NET 2.0

Visual Web Developer 2005 Express Edition Starter Kit.

3. Dino Esposito (2002 Edition). Microsoft press, ASP.NET Programming

4. Roger S. Pressman, Fourth Edition, McGraw Hill, Software Engineering

5. Reference Websites:

i.www.asp.net

ii.www.codeproject.com

iii.www.w3schools.com

Documents

Credit Card Secure Docuement