The e-commerce basic service layer can realize standard online business activities services, including CA (Certificate Authority) certification, payment gateway and network security.
CA certification is carried out by the e-commerce certification authority (also known as the e-commerce certification center). The CA certification center plays the role of the “Public Security Bureau” and “Industrial and Commercial Bureau” on the Internet. It is the authoritative organization responsible for issuing and managing digital certificates. As a trusted third party in e-commerce transactions, it bears the responsibility of verifying the legitimacy of public keys in the public key system. The digital certificate it issues to the participants in the transaction is similar to an “online ID card” to confirm the identity of each party in e-commerce activities. It is a statement to ensure the security of personal identity or Web sites. CA certification must ensure the confidentiality of information (only the recipient can read the information), authentication (confirm the identity of the sender of the information), integrity (the information will not be tampered with during the transmission process), and non-repudiation (the sender cannot deny the information has been sent).
Payment Gateway is the interface between the banking financial network system and the Internet. It is a group of server devices operated by the bank to convert data transmitted on the Internet into internal data of the financial institution, or a third party designated to process merchant payment information and customer payment instructions. That is, the payment gateway mainly completes the functions of communication, protocol conversion and data encryption and decryption to protect the internal network of the bank. Without the payment gateway, the electronic payment function of the online bank cannot be realized.
In its essence, network security is information security on the network. In a broad sense, all related technologies and theories involving the confidentiality, integrity, availability, authenticity and controllability of information on the network are the research fields of network security. Network security usually ensures the implementation of access control, checking for security vulnerabilities, attack monitoring, encrypted communication, authentication, backup and recovery, multi-layer defense, hiding internal information, and setting up a security monitoring center.