SSL (Secure Sockets Layer) was developed by Netscape to ensure the security of data transmission on the Internet. Using data encryption technology can ensure that data will not be intercepted and eavesdropped when transmitting on the network. At present, the general safety standard is 40 bit, and the United States has introduced a higher safety standard 128 bit, but it is restricted from leaving the country. As long as version 3.0 or above ie or Netscape browser can support SSL. The current version is 3.0. It has been widely used for authentication and encrypted data transmission between web browsers and servers. SSL protocol is located between TCP/IP protocol and various application layer protocols, which provides security support for data communication. SSL protocol can be divided into two layers: SSL recording protocol, based on reliable transport protocols (such as TCP), provides support for high-level protocols such as data encapsulation, compression and encryption. SSL handshake protocol: based on SSL recording protocol, it is used for identity authentication, encryption algorithm negotiation, encryption key exchange and so on. Before the actual data transmission.
SET protocol provides many security measures for electronic transactions. It can ensure the confidentiality, data integrity, undeniable transaction behavior and legitimacy of identity of electronic transactions. The certificates designed by SET protocol include: bank certificate and card issuer certificate, payment gateway certificate and merchant certificate. (1) Ensure that the SET protocol of customer transaction information adopts double signature technology, and in the process of SET transaction, the payment information and order information of consumers are signed respectively, so that merchants can only receive the user's order information but can't see the payment information; However, financial institutions can't see the transaction content, but can only receive the payment information and account information of users, thus fully ensuring the security of consumer accounts and order information. (2) Ensuring the non-repudiation of the transaction behavior of merchants and customers The key point of SET protocol is to ensure the authentication of merchants and customers and the non-repudiation of the transaction behavior. Its theoretical basis is undeniable mechanism, and its core technologies include X.509 electronic certificate standard, digital signature, message digest, double signature and so on. (3) Ensuring the legitimacy of merchants and customers SET protocol uses digital certificates to verify the legitimacy of all parties to the transaction. Through the verification of digital certificates, it can ensure that the merchants and customers in the transaction are legal and credible.