Document Type



Privacy is always one of the primary concerns in electronic commerce. Consumers must have the right to keep their buying habits and personal information confidential, especially when it comes to on-line credit card payment. Not just only because this payment method has been becoming the trend of modern consuming practice, but also it involves the sensitivity of privacy information. Based on the need-to-know principle, transaction information should be distributed properly among participants to be against aggregation and analysis. In this paper, the privacy required for on-line credit card payment is described, and the privacy protection on three common payment protocols such as SSL, SET and 3D SET are also analyzed in detail. Two solutions are then proposed to enhance privacy protection for cardholders