INTRODUCTION

1. INTRODUCTION
Various approaches have been performed in order to gain the consumers trust in credit card transactions; but no foolproof solution has been found to overcome the weaknesses in those systems. This paper proposes a new solution that combines biometric ID card with online credit card transactions. Since the implementation details such as the type and the matching algorithm of the biometrics data might vary between countries because of the project requirements and laws, the proposed system remains local for the each country that might adopt the solution. To elucidate the proposed system and provide a concrete example, we used Turkish e-ID pilot system as the identity verification module since it best fits the requirements of the framework.

1.1 Objective It is necessary and prudent to evaluate the feasibility of a project at the earliest possible time. There may be different ways of checking whether a system is feasible or not. The following feasibility studies were performed to gauge the feasibility of the system. Operational Objective In this test, the operational scope of the system is checked. The system under consideration should have enough operational reach. It is observed that the proposed system is very user friendly and since the system is built with enough help, even persons with little knowledge of windows can find the system very easy.

Technical Feasibility This test includes a study of function, performance and constraints that may affect the ability to achieve an acceptable system. This test begins with an assessment of the technical viability of the proposed system. One of the main factors to be accessed is the need of various kinds of resources for the successful implementation for the proposed system.

Economical Feasibility An evaluation of development cost weighed against the ultimate income or benefit derived from the development of the proposed system is made. Care must be taken that incurred in the development of the proposed of the system should not exceed from the system. The income can be in terms of money or goodwill, since the software brings in both, the system is highly viable.

1.2 About the Organization

SRM INFOTAKE
Since its inception SRM Soft Solutions was established by software professionals with years of experience working with leading names in the industry. It has been engaged in providing highend software solutions to companies. SRM Soft Solutions also provides Consulting services, Turnkey development and offshore development.

SRM Soft Solutions culture is driven by the needs of its customers and is committed in delighting its customers by implementing effective and efficient processes that starts with a clear understanding of their wants and needs. Our technically competent, experienced, and certified consultants have helped client organization design, develop and deploy technology enabled business solutions.SRM Soft Solutions provides a comprehensive managed service that masks the complexity of extranet deployment and maximizes return on investment.

1.3 Existing System

Nowadays online shopping increased highly, people simply login to the merchant website and give their credit card details and account details and waiting for service. Here there is no surety for successful delivery of products because the website may be fake one. It captures the customers secret details and they misuse their accounts. In this system there is no verification procedure for authenticate the merchant as well as the buyer. By having any ones credit card with his pin number any one can perform the online shopping. Here there is no authentication for the buyer. Likewise the buyer doesnt know whether the merchant is a genuine person or not. Therefore security and confidentiality are the major issues in the existing systems.

1.4 Drawbacks of Existing System

No security communication No confidentiality between merchant and customer No guarantee of service

1.5 Proposed System

This System proposes a framework that combines Turkish e-ID system, which provides a biometric ID card, and online credit card transactions and leaves the low-level security issues to the e-ID system implementation. Using the capabilities of biometric ID card, this framework proposes a safer shopping environment for both consumer and the merchant, which sells products and service over the web. Since the e-ID system provides a ready to use security and identification infrastructure, the banks and the merchants need to spend less effort in integrating the framework then implementing security mechanisms themselves. Though being a local solution because of the specific e-ID implementation, the framework both provides identity verification for the consumers via multi factor authentication and verifies the merchants institutional info to ensure a safe path of payment from the consumers bank accounts to the merchants bank accounts.

1.6 Advantages of Proposed System

Fingerprint and keypad matrix provide more security Key generation provide additional security Message alert used to stop the transaction if any one (buyer/merchant) is fraud. Time consuming process

SYSTEM REQUIREMENTS

2. SYSTEM REQUIREMENTS

The purpose of the Software Requirement Specification is to produce the specification of the analysis task. The goal of Software Requirement Specification is to completely specify the technical requirements for the software product in a concise and unambiguous manner.

2.1 Hardware Environment

Processor/system Main memory Cache memory Processor speed Hard disk drive : : : : : Pentium IV 512 MB RAM 512 KB 600 MHz 80 GB

2.2 Software Environment

Operating system Framework Front End Back End : : : : Windows /2000/XP Professiona .Net Framework 3 & Above. Asp.Net (code Behind Vb.Net) Sql Server

Software Description Microsoft .NET Framework

The Microsoft .NET Framework is a software framework that can be installed on computers running Microsoft Windows operating systems. It includes a large library of coded solutions to common programming problems and a virtual machine that manages the execution 7

of programs written specifically for the framework. The .NET Framework is a key Microsoft offering and is intended to be used by most new applications created for the Windows platform.

Fig 2.2.1 .Net Framework Features of .NET The following are major features of .NET. We will use these features throughout out journey. Here is just a brief introduction to all key features of .NET.

MSIL Microsoft Intermediate Language (MSIL) is a platform independent language that gets compiled into platform dependent executable file or dynamic link library. It means .NET compiler can generate code written using any supported languages and finally convert it to the required machine code depending on the target machine. Microsoft Intermediate Language (MSIL) is a language used as the output of a number of compilers (C#, VB, .NET, and so forth). The ILDasm (Intermediate Language Disassembler) program that ships with the .NET Framework SDK (Frameworks\Bin\ildasm.exe) allows the user to see MSIL code in human-readable format. By using this utility, we can open any .NET

executable file (EXE or DLL) and see MSIL code. The MSIL code finally converted in to native code using by Just In Time Compiler

Just In-Time Compiler The high level programming languages that need to be compiled require a runtime, so that the architecture on which the language runs is provided with details on how to execute its code. All the programming languages use its corresponding runtime to run the application. For example, to run an application developed using Visual Basic, the computer on which the application will be run must be installed with the Visual Basic runtime. The Visual Basic runtime can run only the applications developed with Visual Basic and not the ones developed with any other programming language like Java. In the .NET Framework, all the Microsoft .NET languages use a common language runtime, which solves the problem of installing separate runtime for each of the programming languages. Microsoft .NET Common Language Runtime installed on a computer can run any language that is Microsoft .NET compatible. The main advantage of the .NET Framework is the interoperability between different languages. As all the Microsoft .NET languages share the same common runtime language, they all work well together. For example, you can use an object written in C# from Visual Basic.NET. The same applies for all the other Microsoft .NET languages. When you compile a Microsoft.NET language, the complier generates code written in the Microsoft Intermediate Language (MSIL). MSIL is a set of instructions that can quickly be translated into native code. A Microsoft.NET application can be run only after the MSIL code is translated into native machine code. In .NET Framework, the intermediate language is compiled "just in time" (JIT) into native code when the application or component is run instead of compiling the application at development time. The Microsoft.NET runtime consists of two JIT compilers. They are standard JIT compiler and the Eco no JIT compiler. The Eco no JIT compiler compiles faster than the standard JIT compiler, but the code it produces is not as optimized as the code obtained from the standard JIT compiler.

Assemblies The 'Assembly' is a new concept that the .NET framework introduces to make your journey in programming more easily. The .NET framework introduces assemblies as the main building blocks of your application. An application can contains one or more assemblies. An assembly can be formed in one or more files. This all depends on your programming needs. An assembly is either a .DLL or .EXE that forms a part of an application. It contains MSIL code that is executed by CLR. The following are other important points related to an assembly: It is the unit on which permissions are granted. Every assembly contains a version Assemblies contain interfaces and classes. They may also contain other resources such as bitmaps, file etc. Every assembly contains assembly metadata, which contains information about assembly. CLR uses this information at the time of executing assembly. Assemblies may be either private, which are used only by the application to which they belong or Global assemblies, which are used by any application in the system. Two assemblies of the same name but with different versions can run side-by-side allowing applications that depend on a specific version to use assembly of that version. Assemblies are mainly introduced to solve the problems of versioning, DLL conflicts, and simplifying the process of deployment. Most end users have encountered versioning or deployment problems when they do install a new application or a new version of an existing one. There are many situations where you install a new application only to find an existing one stopped working, and the system cannot recover from that. Many developers spent a lot of time trying to retain the registry entries consistence in order to activate a COM class. All this frustration occurs because of versioning problems that occur with component-based applications.

Common Type System Common Type System (CTS) specifies the rules related to data types that languages must follow. As programs written in all languages are ultimately converted to MSIL, data types in all languages must be convertible to certain standard data types.

10

CTS is a part of cross-language integration, which allows classes written in one language to be used and extended by another language.

Cross-language Interoperability .NET provides support for language interoperability. However, it doesnt mean every program written in a language can be used by another language. To enable a program to be used with other languages, it must be created by following a set of rules called Cross Language Specifications (CLS). Cross-language inheritance is the ability to create a class in C# from a class created in VB.NET. When an exception is raised by a program written in C#, the exception can be handled by VB.NET. This kind of exception handling is called cross-language exception handling. The common language runtime provides built-in support for language interoperability. However, this support does not guarantee that code you write can be used by developers using another programming language. To ensure that you can develop managed code that can be fully used by developers using any programming language, a set of language features and rules for using them, called the Common Language Specification (CLS), has been defined. Components that follow these rules and expose only CLS features are considered CLS-compliant Components of .NET .NET framework has two main components. They are: Common Language Runtime .NET class library

Common Language Runtime The Common Language Runtime (CLR) is a core component of Microsoft's .NET initiative. It is Microsoft's implementation of the Common Language Infrastructure (CLI) standard, which defines an execution environment for program code. The CLR runs a form of byte code called the Common Intermediate Language (CIL, previously known as MSIL -- Microsoft Intermediate Language). Developers using the CLR write code in a language such as C# or VB.NET. At compile time, a .NET compiler converts such code into CIL code. At runtime, the CLR's just-in-time compiler

11

converts the CIL code into code native to the operating system. Alternatively, the CIL code can be compiled to native code in a separate step prior to runtime. This speeds up all later runs of the software as the CIL-to-native compilation is no longer necessary. Although some other implementations of the Common Language Infrastructure run on nonWindows operating systems, Microsoft's implementation runs only on Microsoft Windows operating systems. The CLR allows programmers to ignore many details of the specific CPU that will execute the program. It also provides other important services, including the following:

Memory management Thread management Exception handling Garbage collection Security

The Common Language Runtime (CLR) is the environment where all programs in .NET are run. It provides various services, like memory management and thread management. Programs that run in the CLR need not manage memory, as it is completely taken care of by the CLR. For example, when a program needs a block of memory, CLR provides the block and releases the block when program is done with the block. All programs targeted to .NET are converted to MSIL (Microsoft Intermediate Language). MSIL is the output of language compilers in .NET (see figure 2). MSIL is then converted to native code by JIT (Just-in Time Compiler) of the CLR and then native code is run by CLR.

ASP.NET ASP.NET is a server side scripting technology that enables scripts (embedded in web pages) to be executed by an Internet server. ASP.NET is a Microsoft Technology ASP stands for Active Server Pages ASP.NET is a program that runs inside IIS IIS (Internet Information Services) is Microsoft's Internet server IIS comes as a free component with Windows servers

12

 IIS is also a part of Windows 2000 and XP Professional The ASP.NET application platform uses a frame work model. Application logic is divided into components according to function, and the various application components that make up a ASP.NET application are installed on different machines depending on the application component belongs. Client-tier components run on the client machine. Web-tier components run on the server. Business-tier components run on the server. Internet information system (IIS)-tier software runs on the server. The .NET Framework is the infrastructure for the Microsoft .NET platform. The .NET Framework is an environment for building, deploying, and running Web applications and Web Services. Microsoft's first server technology ASP (Active Server Pages), was a powerful and flexible "programming language". But it was too code oriented. It was not an application framework and not an enterprise development tool.

Visual Studio.Net Visual Studio .NET is a complete set of development tools for building

ASP Web applications XML Web services Desktop applications Mobile applications

Visual Basic .NET, Visual C++ .NET, and Visual C# .NET all use the same integrated development environment (IDE), which allows them to share tools and facilitates in the creation of mixed-language solutions.

13

Visual Basic Visual Basic has been updated to include many new and improved language features that make it a powerful object-oriented programming language. These features include inheritance, interfaces, and overloading, among others. Visual Basic also now supports structured exception handling, and custom attributes. In addition, Visual Basic supports multithreading. Multithreading is the ability to assign individual tasks to separate processing threads. C# Visual C#, pronounced C sharp, is a new object-oriented programming language that is an evolution of C and C++, providing a simple and type-safe language for developing applications. C++ Managed Extensions for C++ and attributed programming are just some of the enhancements made to the C++ language. Managed Extensions simplify the task of migrating existing C++ applications to the new .NET Framework. Attributes, like C++ keywords, are used in your source files and interpreted by the compiler. Attributes are designed to provide a quick and efficient method to simplify COM programming with Visual C++. Java Script JScript has been updated to be a class-based, object-oriented scripting language that maintains full backwards compatibility with previous versions of JScript. JScript now provides class-based objects, typed variables, true compiled code, and cross-language support through Common Language Specification (CLS) compliance. The primary role of JScript is development of Web sites with ASP.NET and customization of applications with Script for the .NET Framework.

14

Types of forms used in .Net

Web Forms Web Forms are an ASP.NET technology that you use to create programmable Web pages. Web Forms render themselves as browser-compatible HTML and script, which allows any browser on any platform to view the pages. Using Web Forms, you create Web pages by dragging and dropping controls onto the designer and then adding code, similar to the way that you create Visual Basic forms Windows Forms Windows Forms is the new platform for Microsoft Windows application development, based on the .NET Framework. This framework provides a clear, object-oriented, extensible set of classes that enables you to develop rich Windows applications. Additionally, Windows Forms can act as the local user interface in a multi-tier distributed solution.

15

SYSTEM PLANNING AND DESIGN

16

3. SYSTEM PLANNING AND DESIGN

System design contains logical design and physical design. Logical design describes the structure and characteristics or feature like output, input, files, databases & procedures. The physical design follows the logical design of actual software as a working system. There will be constraints like hardware software, cost, time and interfaces.

System Architecture 1

Merchant is valid person /invalid

Merchants website Buyer is a valid person/invalid

Client

User pin + acc no + Fingerprint

Request to validate the client

Bankserver

Fig 3.1.1 System Architecture 1for Request Completion

17

System architecture 2

Fig 3.1.2 System Architecture 2 for authentication

3.2 Module Description

Login module

Keypad matrix Finger print

Merchant/client validation Token number generation Bank server Message Alert Transaction 18

Login module At first to purchase products from online shopping the user has to login to the particular merchants website. Here the user has to give his username, credit card number, secret pin number via his own 44 keypad matrix and finally he has to give his fingerprint to login to the system. These parameters are directly sent to the bank server and there some validation process will be done. For login we use to hardware modules

Keypad matrix When the user login to the merchant website he has to enter his secret bin number via the keypad matrix. Because keypad matrix has its own unique id and some separate format. When the user enters the number in keypad matrix the pin number along with the corresponding keypad id also transferred to the bank server.

Finger print To provide more security the customer has to give his finger print along with the other login information. Finger print of the particular bank client is stored in the bank servers database. If the given fingerprint matches with the existing database then only he can precede the transaction.

Merchant/Client validation In this framework, we do not only aim the identification of the customer but also we verify the merchant and order data to ensure a proper fund transfer. Once the customer login to the merchants website the login details like username, credit card number, secret pin and fingerprint of the customer are transferred to the corresponding bank server. Here the bank server already holds the customers details as well as the merchants details and holds a unique

certificate for both the client and merchant in its database. If the given information of the customer is not matched with the database information then it will send as alert message like the customer is not a valid person to the merchants website. Likewise if the merchant is not a valid person then it will send an alert message to the customer.

19

Token number generation After the completion of validation process, the bank server generates a random number and sends the random number to the customers mobile. By using that random number only the customer can continue the next process in the website.

Bank server The bank server is the important module in this project since this bank server only validates both customer and merchant by using their input information. The bank server must have all the details about the clients as well as all the details about the merchants in its database. The bank server has the responsibility to perform the secured fund transactions between the authenticated persons. Also it has the responsibility to alert the merchant or customer at the time of unsecured situation. Here we use identity verification package (IVP) and identity verification service (IVS), for validation

Transaction module If both the client and merchant are valid persons then the system allows the user to continue his purchasing process from the particular merchants website. He can choose any product as he desired and he can order the products. Likewise the merchant can collect the amount from the corresponding bank and completes the delivery successfully.

20

3.3 Data Flow Diagram

Level 0

Give the credit card number + secret pin number via keypad matrix + fingerprint Merchants website

Customer

Forward the input details

Bank server

Fig 3.3.1 Data Flow Diagram for Initial input to the merchants website

Level 1

Generate random number and Send it to buyer mobile Bank server

Enter the random number Merchant Website

Customer

Fig 3.3.2 Data Flow Diagram for Random number generation 21

Level 2

Bank server

Validate both merchant/buyer

If both valid

Precede further transactions

If buyer fraud

If merchant fraud

Send an alert to merchant

Send an alert to buyer

Stop

Fig 3.3.3 Data Flow Diagram for client/merchant validation

22

3.4 Control Flow Diagram

Buyer browses the merchants website and requests a order Buyer has to enter his Credit card PIN using keypad Buyer has to input his finger print using sensor Buyer has to enter the token number to the merchants website Merchant create a VIP and sends the input details to Bank servers IVS IVS validate the clients Certificate and sends the result to Bank server Additionally the IVS validate the merchants certificate also.

No If both client and merchant are authenticated persons

Yes Bank server transfer the amount to the merchants account and informs this to the merchant as well as client

Proceeding further transactions

Stop the transaction

Fig 3.4.1 Control Flow Diagram for Client/Merchant Transaction 23

3.5 Database Design

Table A table is a set of data elements (values) that is organized using a model of vertical columns.

Datasheet Table To add, edit or analyses the data itself we work in tables datasheet view mode.

Column name Cname CAccNo PinNo BankName Balance

Data type varchar(50) varchar(50) varchar(50) varchar(50) varchar(50)

Allow Nulls checked checked checked checked checked

Table 3.5.1 Bank in credit card Table

Fingerprint Table Column Name cardno cnam fid Data Type varchar(50) varchar(50) int(4) Allow Nulls checked checked checked

Table 3.5.2 Fingerprint Table

24

Credit Card Table

Column Name cname cAccNo Pin No Bank No Balance

Data Type varchar(50) varchar(50) varchar(50) varchar(50) varchar(50)

Allow Nulls checked checked checked checked checked

Table 3.5.3 Credit Card Table 3.6 Sample Coding

Acquire page

Imports System.Data Imports System.Data.SqlClient Partial Class _Default Inherits System.Web.UI.Page Dim a1, a2, a3, a4, a5, a6, a7, a8, a9, a10, a11, a12 As String Dim CAcc, CBal, MAcc, MBal, Amt As Integer Dim con As SqlConnection Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click If TextBox1.Text = Session("Secretcode") Then con.Open() Dim cmd As SqlCommand = New SqlCommand("insert into Shopacc values('" & a1 & "','" & a2 & "','" & a3 & "','" & a4 & "','" & a5 & "','" & a6 & "','" & a7 & "','" & a8 & "','" & a9 & "','" & a10 & "','" & a11 & "','" & a12 & "')", con) cmd.ExecuteNonQuery() MsgBox("The Product will be Delivered to You") cutomer() 25

merchant() con.Close() Else MsgBox("Enter the Correct Token Number") End If End Sub Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load con = New SqlConnection("Data Source=RANA-PC\SQLEXPRESS;Initial Catalog=CreditCard;integrated security=true") Label1.Text = "Welcome " & Session("Name") a1 = Session("Name") a2 = Session("PName") a3 = Session("Manufacture") a4 = Session("Ptype") a5 = Session("Paymode") a6 = Session("Cost") a7 = Session("Bankname") a8 = Session("CAccno") a9 = Session("Pinno") a10 = Session("Amttransfer") a11 = Session("MerchantName") a12 = Session("MerchantAccNo") Amt = Convert.ToInt32(a10) End Sub Public Sub cutomer() Dim Custcmd As SqlCommand = New SqlCommand("select * from Bank where CName='" & a1 & "'", con) Dim dr As SqlDataReader = Custcmd.ExecuteReader() If dr.Read() Then CAcc = dr("Balance") 26

End If CBal = CAcc + Amt dr.Close() Dim UpdCust As SqlCommand = New SqlCommand("update Bank set Balance='" & Amt & "' where CName='" & a1 & "'", con) UpdCust.ExecuteNonQuery() MsgBox("The Amount " & a10 & "is subtracted from your Account") End Sub Public Sub merchant() Dim Mercmd As SqlCommand = New SqlCommand("select * from Merchant where Mname='" & a11 & "'", con) Dim dr As SqlDataReader = Mercmd.ExecuteReader() If dr.Read() Then MAcc = dr("Mbalance") End If MBal = MAcc - Amt dr.Close() Dim UpdMer As SqlCommand = New SqlCommand("update Merchant set Mbalance='" & Amt & "' where Mname='" & a11 & "'", con) UpdMer.ExecuteNonQuery() End Sub End Class

customer page

Imports System.Data Imports System.Data.SqlClient Partial Class _Default Inherits System.Web.UI.Page Dim con As SqlConnection

27

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load Label1.Text = "Welcome Administrator" con = New SqlConnection("") End Sub Protected Sub LinkButton1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles LinkButton1.Click con.Open() Dim cmd As SqlCommand = New SqlCommand("select * from NewUser", con) Dim da As SqlDataAdapter = New SqlDataAdapter(cmd) Dim ds As DataSet = New DataSet() da.Fill(ds) GridView1.DataSource = ds GridView1.DataBind() con.Close() End Sub Protected Sub LinkButton3_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles LinkButton3.Click Response.Redirect("SendSMS.aspx") End Sub End Class

Product page

Imports System.Data Imports System.Data.SqlClient Partial Class _Default Inherits System.Web.UI.Page Dim con As SqlConnection Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click 28

con.Open() Dim cmd As SqlCommand = New SqlCommand("insert into Products values('" & TextBox1.Text & "','" & TextBox2.Text & "','" & TextBox3.Text & "','" & TextBox4.Text & "','" & TextBox5.Text & "','" & TextBox6.Text & "')", con) cmd.ExecuteNonQuery() con.Close() MsgBox("Product Details are Inserted") End Sub Protected Sub LinkButton1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles LinkButton1.Click GridView1.Visible = True con.Open() Dim cmd As SqlCommand = New SqlCommand("select * from Products", con) Dim da As SqlDataAdapter = New SqlDataAdapter(cmd) Dim ds As DataSet = New DataSet da.Fill(ds) GridView1.DataSource = ds GridView1.DataBind() con.Close() End Sub Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load con = New SqlConnection("Data Source=RANA-PC\SQLEXPRESS;Initial Catalog=CreditCard;integrated security=true") End Sub Protected Sub LinkButton2_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles LinkButton2.Click End Sub End Class

29

Sales page

Imports System.Data Imports System.Data.SqlClient Partial Class _Default Inherits System.Web.UI.Page Dim con As SqlConnection Protected Sub LinkButton1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles LinkButton1.Click con.Open() Dim cmd As SqlCommand = New SqlCommand("select * from Shopacc", con) Dim da As SqlDataAdapter = New SqlDataAdapter(cmd) Dim ds As DataSet = New DataSet da.Fill(ds) GridView1.DataSource = ds GridView1.DataBind() con.Close() End Sub Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load con = New SqlConnection("Data Source=RANA-PC\SQLEXPRESS;Initial Catalog=CreditCard;integrated security=true") End Sub Protected Sub LinkButton2_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles LinkButton2.Click con.Open() Dim cmd As SqlCommand = New SqlCommand("select * from Merchant", con) Dim da As SqlDataAdapter = New SqlDataAdapter(cmd) Dim ds As DataSet = New DataSet da.Fill(ds) GridView1.DataSource = ds 30

GridView1.DataBind() con.Close() End Sub End Class

Card page Imports System.Data Imports System.Data.SqlClient Partial Class _Default Inherits System.Web.UI.Page Dim con As SqlConnection Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load con = New SqlConnection("Data Source=RANA-PC\SQLEXPRESS;Initial Catalog=CreditCard;integrated security=true") DropDownList1.Items.Clear() DropDownList2.Items.Clear() con.Open() Dim cmd As SqlCommand = New SqlCommand("select * from bankcheck", con) Dim dr As SqlDataReader = cmd.ExecuteReader() While dr.Read() DropDownList1.Items.Add(dr("cardno").ToString()) DropDownList2.Items.Add(dr("buydate").ToString()) End While dr.Close() con.Close() End Sub Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click Dim decrypt As Byte() = Convert.FromBase64String(TextBox1.Text) Dim decval As String 31

decval = System.Text.ASCIIEncoding.ASCII.GetString(decrypt) TextBox1.Visible = False TextBox4.Visible = True TextBox4.Text = decval End Sub 'Protected Sub DropDownList1_SelectedIndexChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles DropDownList1.SelectedIndexChanged ' 'con.Open() ' 'Dim cmd1 As SqlCommand = New SqlCommand("select * from bankcheck where cardno='" & DropDownList1.SelectedItem.Text & "'", con) ' 'Dim dr1 As SqlDataReader = cmd1.ExecuteReader() ' 'If dr1.Read() Then ' ' DropDownList2.Items.Add(dr1("buydate").ToString())

' 'End If ' 'dr1.Close() ' 'con.Close() 'End Sub 'Protected Sub DropDownList2_SelectedIndexChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles DropDownList2.SelectedIndexChanged 'End Sub Protected Sub Button4_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button4.Click con.Open() Dim cmd3 As SqlCommand = New SqlCommand("select * from certificate where shopname='" & TextBox5.Text & "'", con) Dim dr3 As SqlDataReader = cmd3.ExecuteReader() If dr3.Read() Then MsgBox("Merchant Certicate is Correct") Else MsgBox("Merchant Certificate id Wrong") End If 32

dr3.Close() con.Close() End Sub Protected Sub Button2_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button2.Click Dim newbal As Integer con.Open() Dim cmd5 As SqlCommand = New SqlCommand("select * from newcard where cardno='" & DropDownList1.SelectedItem.Text & "'", con) Dim dr3 As SqlDataReader dr3 = cmd5.ExecuteReader() If dr3.Read() Then If TextBox4.Text = dr3("pinno").ToString() Then If TextBox2.Text = dr3("accno").ToString() Then If TextBox3.Text < Convert.ToInt32(dr3("amount").ToString()) Then MsgBox("Correct User. Transaction is Completed") newbal = Convert.ToInt32(dr3("amount").ToString()) - Val(TextBox3.Text) Else MsgBox("Customer dont have enough balance") End If Else MsgBox("Account Number is wrong") End If Else MsgBox("Pin Number is wrong") End If Else MsgBox("The Account details are worng") End If dr3.Close()

33

Dim upcmd As SqlCommand = New SqlCommand("update newcard set amount=" & newbal & " where cardno='" & DropDownList1.SelectedItem.Text & "'", con) upcmd.ExecuteReader() con.Close() End Sub Protected Sub LinkButton1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles LinkButton1.Click System.Diagnostics.Process.Start(Server.MapPath(".\\AdminFinger\AdminFinger\bin\Debug\A minFinger.exe")) End Sub Protected Sub Button5_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button5.Click Dim cer As String con.Open() Dim cmd2 As SqlCommand = New SqlCommand("select * from bankcheck where cardno='" & DropDownList1.SelectedItem.Text & "' and buydate='" & DropDownList2.SelectedItem.Text & "'", con) Dim dr2 As SqlDataReader = cmd2.ExecuteReader() If dr2.Read() Then TextBox1.Text = dr2("pinno").ToString() TextBox2.Text = dr2("accno").ToString() TextBox3.Text = dr2("prate").ToString() TextBox5.Text = dr2("shopname").ToString() cer = dr2("scertificate").ToString() End If dr2.Close() con.Close() End Sub End Class

34

SYSTEM IMPLEMENTATION

35

4. SYSTEM IMPLEMENTATION

The development of a software system involves a series of production activities where opportunities for injection of human fallibilities are enormous. Errors may begin to occur at the very inception of the process where the objectives may be erroneously or imperfectly specified, as well as errors that occur in later design and development stages. Because of human inability to perform and communicate with perfection, software development is accompanied by a quality assurance activity. Software Testing is a critical element of software quality assurance and represents the ultimate review of specification, design and coding. Testing is a set of activities that can be planned in advance and conducted systematically. For this reason a template for software testing a set of steps into which we can place specific test case design techniques and testing methods should be designed for the software engineering process.

Testing Objectives Testing is a process of executing a program with the intent of finding an error. A good test case is one that has a high probability of finding an as yet and discovered error. A successful test is one that uncovers an as yet undiscovered error.

4.1 Methodology Used for Testing

Black Box Testing It is a test case design method used on the functional requirements of the software. It will help a software engineer to derive a set of input conditions that will exercise all the functional requirements of the program. Black box testing attempts to find errors in the following categories: By black box testing we derive a set of test cases that satisfy the criteria:Test cases that reduce by a count that is greater than one, the number of additional test cases that must be

36

designed to achieve reasonable testing. Test cases that tell us something about the presence or absence of classes of errors rather than errors associated only with a specific test at hand. Debugging Debugging is not testing but always occurs as a consequence of testing. Debugging is a methodical process of finding and reducing the number of bugs, or defects, in a computer program thus making it behave as expected.To debug a program is to start with a problem, isolate the source of the problem, and then fix it. Security Testing Security Testing is carried out in order to find out how well the system can protect itself from unauthorized access, hacking cracking, any code damage etc. which deals with the code of application. This type of testing needs sophisticated testing techniques.

Unit Testing In the lines of strategy, all the individual functions and modules were put to the test independently. By following this strategy all the errors in coding were identified and corrected. This method was applied in combination with the White and Black Box testing Techniques to find the errors in each module.

Integration Testing This software testing strategy has two different approaches namely the top down approach in which the integration is carried out from the top level module to the bottom and the bottom up approach in which the integration is carried out from the low level modules to the top. The modules were tested using the bottom up approach by introducing stubs for the top-level functions. This test was used to identify the errors in the interface the errors in passing the parameters between the functions and to correct them.

Validation Testing The main aim of this testing is to verify that the software system does what it was designed for.

37

REPORT

38

5. REPORT
A report is used to view and print information from the database. The report can ground records into many levels and compute totals and average by checking values from many records at once. Also the report is attractive and distinctive because we have record control over the size and appearance of it.

5.1 Sample Screens

Fig 5.1.1 Product View

39

Fig 5.1.2 Users Registration

40

Fig 5.1.3 New User Registration

41

Fig 5.1.4 Merchant Site

42

Fig 5.1.5 Bank Admin

43

Fig 5.1.6 Logout page

44

CONCLUSION

45

CONCLUSION Security in online payment systems has been a wide research area since the early days of the Internet and several approaches have been devised by various organizations. However, there has been no certain solution overcome the deficiencies in these systems completely. Looking at the problem from a different mirror, we have introduced a solution based on the rapidly developing smart card based biometric ID systems. The proposed framework might be used in countries that use biometric ID cards like finger print and keypad matrix. Although the solution is not global because of the e-ID system differences for each country, it provides high security and safety for both the customer and the merchant in local e-commerce system.

46

SCOPE FOR FURTHER DEVELOPMENT

47

7. SCOPE FOR FURTHER DEVELOPMENT

In this proposed system we used fingerprint technology, but in future we can implement the system by using advanced biometric technology like Irish recognition. Instead message alert additionally we can send SMS Voice alert to the corresponding customer or merchant during fake transaction.

48

REFERENCES

49

8. REFERENCES

Books
Programming SQL Server 2005 by Bill Hamilton Microsoft Sql Server 2005 by Petkovic The complete reference to C# by Joseph Albahari, Ben Albahari Microsoft ASP.NET Application Development by Mike Snell, Glenn Johnson, Tony Northrup and GrandMasters. Beginning ASP.NET 3.5 in C# by Matthew MacDonald

Journals
[1] P. A. Bernstein, A. Y. Halevy, and R. Pottinger. A vision of management of complex models. SIGMOD Record, 29(4):5563, 2000. [2] E. Brill, S. Dumais, and M. Banko. An analysis of the askmsr question answering System. In Proc. of EMNLP 2002, 2002. [3] P. Bouquet, L. Serafini, and S. Zanobini. Peer-to-peer semantic coordination. Journal of Web Semantics, 1(2), 2005. [4] C. Reynaud and B. Safar. Exploiting wordnet as background knowledge. In P. Shvaiko, J. Euzenat, F. Giunchiglia, and B. He, editors, Proc. Of OM-2007, 2007. [5] Wikipedia. Upper ontology Wikipedia, the Free Encyclopedia, 2009.[Online; accessed 15-January-2009].

Web Reference

http://www.microsoft.com/net/ http://www.w3school.com http://msdn.microsoft.com/en-us/netframework/

http://www.microsoft.com/sqlserver/en/us/default.aspx

50