Imagine you’re making an online purchase. Your cart is full, your items are ready, and you click “Checkout.” A prompt appears that reads:
“Please provide all the information we need to withdraw money from your bank account and make payments on your behalf whenever we want. You can trust us.”
Most of us would hesitate—and rightly so.
Now imagine a second, more familiar prompt:
Credit Card Number
Account Holder Name
Expiration Date
CVV
Billing Address
Most people would enter this information without a second thought. But functionally, these two prompts are almost identical. In both cases, you’re giving the merchant everything they need to charge you whenever they want, and you’re trusting them to handle that information responsibly.
From a security perspective, this is far from ideal.
In-Person Payments vs. Online Payments
Payments completed in person may have the benefit of leveraging cryptographic chips built into the payment card to enhance security (at least for modern cards). This is often referred to as EMV or Chip-and-PIN.
It’s important to note that the Chip-and-PIN method isn’t widely used in all places. Some countries, such as the United States, seem to prefer Chip-and-Signature. The Garantir team has its own opinions on the reduced security offered by Chip-and-Signature rather than Chip-and-PIN, the value of hand signatures in general, and other related topics, but we will save those for another post. In this post, we will focus on online payments, sometimes referred to as Card Not Present (CNP) transactions, as they make up a large portion of the total amount of payments made today.
While there have been attempts to make Chip-and-PIN available for CNP transactions— mainly by making chip readers available on end-user’s devices— these attempts have failed to garner widespread adoption. As a result, users have been left entering their financial information into websites and mobile applications. Due to the cost of getting a chip reader into every device, it is likely that Chip-and-PIN will not be a viable solution for CNP transactions for quite some time, if ever.
Preventative & Detective Security Controls
Financial institutions use several layers of security to protect CNP transactions:
Preventative Controls
Stop fraudulent transactions before they occur.
Examples include:
CVV checks
3-D Secure
Behavioral or risk scoring
Detective Controls
Identify fraud after the transaction.
Examples include:
Post-transaction monitoring
Dispute and chargeback processes
Preventative controls are obviously better, but they must balance security with the fast checkout experience customers expect.
Understanding Online Payment Flow
Here’s a simplified version of how online payments work:
Customer enters financial information
Merchant forwards financial data and payment amount to the processor
Processor validates financial information
Processor verifies available funds
Processor performs threat and fraud analysis
Processor notifies merchant of the result
Merchant finalizes the transaction
Key observations:
Financial data is static and can be reused for fraudulent charges
The merchant handles sensitive data before the processor reviews it
The merchant must securely store, transmit, and protect this information—creating risk
Even with advanced controls like 3-D Secure or push-approval, merchants still have unnecessary access to sensitive data
This model creates multiple opportunities for fraud and misuse.
SET: A Better Way To Process Payments
Imagine a system where:
Sensitive financial data is never shared with the merchant
Merchants cannot modify the transaction amount
Transactions cannot be replayed
Anyone can verify a valid transaction
Invalid transactions are easily detectable
Verification happens in sub-second time
The system is compatible with existing payment infrastructure
This isn’t theoretical.
The solution already exists: Secure Electronic Transaction (SET).
SET was designed around digital signatures, which provide:
Transaction-specific signatures
Public verifiability
Strong resistance to forgery
Fast creation and verification
Automatic invalidation when any data changes
A key innovation of SET is the dual signature, which keeps order details and payment information separate—providing privacy while still cryptographically linking them to prevent disputes or tampering.
Why SET Never Took Off
SET was introduced in 1996—well before smartphones, modern browsers, and widespread cryptographic support.
Challenges included:
Browsers of the time lacked the cryptographic capabilities required
Implementing the required crypto was expensive
Rumors circulated about potential per-transaction fees from vendors
The ecosystem wasn’t technically ready
But today, with modern devices, secure enclaves, widespread TLS, and powerful browsers, these barriers no longer exist.
A Modern, Compatible Approach
SET can be modernized by encrypting current payment details (credit card number, CVV, etc.) and embedding them in the consumer’s certificate. Once the digital signature is verified:
The encrypted payment data can be extracted
Only the issuing bank can decrypt it
The transaction is processed exactly like it is today
This allows organizations to gain the security and privacy benefits of SET without replacing existing financial infrastructure.
Conclusion
Conclusion
Digital signatures have powerful applications far beyond payments. They are essential for:
Code signing
Document signing
SSH
TLS
S/MIME
And more
If you’re exploring how to strengthen digital signatures across your organization, the Garantir team can help.
GaraTrust, our flagship cryptographic platform, keeps private keys protected inside Hardware Security Modules while providing fast, proxy-based access and seamless client integrations—ensuring maximum security without slowing down operations.
