Authors: Rajat Kumar Behera, A. Sahoo, A. Jena
Journal: International Journal of Open Source Software and Processes, volume 88 1, pages 24-48
Published: 2017-07-01 (Journal Article)
DOI: 10.4018/IJOSSP.2017070102 (https://doi.org/10.4018/IJOSSP.2017070102)
A Resourceful Approach in Security Testing to Protect Electronic Payment System Against Unforeseen Attack
This article describes how electronic payments are financial transactions made over the internet for goods or services. In the digital era, the e-commerce industry has gone beyond the traditional in-store service due to the wide spread of internet-based shopping. Developed countries are greatly relying on e-commerce business and a sizable number of countries have shown concern in regard to the online payment cards such as credit cards, debit cards, e-cash, e-cheques, e-wallets and smart card security. The main downsides are concerns over privacy or a malicious attack and hence safeguard mechanisms are required to protect personal information from falling into the hands of intruders. Before commercializing electronic payment systems (EPS), security tests play a significant role in the software development life cycle to check whether the system is secure and it is safe to use. A resourceful approach covering security policies, secure coding, security attack prevention methodology, security testing tool, security testing metrics, security test case prioritization techniques and a model for effective project management methodology is presented in this article. Early detection and resolution of security weaknesses can be achieved with the authors' proposed approach and would certainly reduce the time, effort and cost of a project. The proposed approach is likely the best-fit implementation of the payment industry, covering channels like B2C (Business to Consumer), C2C (Consumer to Consumer), C2B (Consumer to Business), B2B (Business to Business), People to People (P2P), G2C (Government to Citizen) and C2G (Citizen to Government).
About the journal:
The International Journal of Open Source Software and Processes (IJOSSP) publishes high-quality, peer-reviewed, original research articles on the large field of open source software and processes. This wide area entails many intriguing questions and facets, including the special development process performed by a large number of geographically dispersed programmers, community issues like coordination and communication, motivations of the participants, and also economic and legal issues. Beyond this topic, open source software is an example of a highly distributed innovation process led by the users. Therefore, many aspects have relevance beyond the realm of software and its development. In this tradition, IJOSSP also publishes papers on these topics. IJOSSP is a multi-disciplinary outlet and welcomes submissions from all relevant fields of research, applying a multitude of research approaches.