Solved

Sockets & Finance

Posted on 1998-09-23
10
351 Views
Last Modified: 2010-04-01
Can anybody recommend a good tutorial for learning sockets and financial transactions? I'm interested in writting an app to keep tabs on credit card balances (my own, not the world's) via internet & would like to get an idea of how much a nightmare I'm looking at. I want to get a good overview the areas involved. I'm not even sure what security issues there are so any insight will be greatly appreciated.

Thanks!
0
Comment
Question by:Grailman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 2

Expert Comment

by:gysbert1
ID: 1173558
Sockets is not a problem. That we can help you with.

EFT is not that simple though. Doing the application is pretty straightforward, you just have to construct the correct packet and send it, but your bank will definately have very strict security Issues concerning this and I doubt you would be able to actually connect to them.

I did some EFT work a while back and you will have to do interfacing with the bank's technical staff.

Remember that if you can get your balance you can also get other people's balances and they will not allow that.

I suggest you contact your bank and find out if it would be at all possible. I know some banks have passworded firewalls and banking servers up for online banking. This usually works through a browser using 128bit DES encryption on all data and a very strict authentification protocols.
0
 
LVL 1

Author Comment

by:Grailman
ID: 1173559
As for the sockets, what route is going to be best to reduce the learning curve? As for the rest, I take it that I would have to target very specific institutions to connect (Each of mine or my wifes specific cards or loans). Are you farmiliar with any general banking regs I might have to comply with?
0
 
LVL 2

Expert Comment

by:gysbert1
ID: 1173560
Since banking regulations vary from bank to bank and from country to country I doubt my experience in that field would be of much help.

Sockets are accessed much the same as files.
1) You simply issue a open command to open the socket
2) You call a function (select) to see if any data is available (a bit different from files)
3) You call read to or write to perform communication
4) You call close to terminate the connection.

There are a lot of issues though such as UDP or TCP connections and I suggest you get a good book on sockets. On what operating system will this work ? W.R. Stevens has a good book out called "Unix Network Programming". It explains everything you need to know (don't be fooled by the Unix part. Everything works almost exactly the same in Windows)

    W. Richard Stevens.
    Englewood Cliffs, NJ : Prentice-Hall, 1990. - XI, 772 S.
    ISBN  0-13-949876-1

I also suggest you look at www.sockets.com for lots of information end example applications.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 1

Expert Comment

by:Bonev
ID: 1173561
As far I understand you want to keep track on your credit card balances. I don't think that most of the financial institutions allow Internet access to their data. All this is done via standard phone lines. Think of the 13 millions POS worldwide. I believe that the banks are connected in some kind of network that can be accessed through special service providers. And it is not the Internet.
0
 
LVL 2

Expert Comment

by:gysbert1
ID: 1173562
That is exactly the problem. The system I worked on used a special authentification application to dial into a service centre of the bank. It did all the security stuff for you and then allowed you to send TCP packets over the established link to do your EFT transactions. It was used not to get balances but to subtranct ammounts off peoples accounts (much like a credit card machine in a store). These transaction must even go through a second verification process where the signed receipts are produced before they are accepted.

As we all would hope the banks are very stingy when it comes to accessing their computers from outside for this would be the perfect way to ad a few $M to your account ;^)

0
 
LVL 1

Expert Comment

by:andla
ID: 1173563
I don't know much about this stuff (i would be glad if somebody could explain to a beginner) but it would be fantastic to create a program that send me a warning if somebody draw extra money from my VISA card. I got my card today, but the (bankofficer ?!)guy who worked at the bank warned me not to buy anything with paycard over internet. Normally this can slipp away if you don't check you account from time to time. I heard that the bank (in sweden) had a service where i could check my bankaccount and make transfere.

Your sincerely
Andla
0
 
LVL 1

Author Comment

by:Grailman
ID: 1173564
I do not actually want to do any financial transactions over the internet or phone lines, but just monitor my balance (I suppose that to the financial institutions there's not much diffrence though). If anyone will lock the question w/ a good EFT, POS, and encryption information source, I'll go ahead & give the points.
0
 
LVL 2

Accepted Solution

by:
gysbert1 earned 100 total points
ID: 1173565
For  FEDI (Financial Electronic Data Interchange),EFT(Electronic Fund Transfer)and X12 (the ANSI standard that the communication is built on) have a look at:
  http://haas.berkeley.edu/~citm/wp1006/bofatoc.html
  http://web.fie.com/web/era/edi_def.htm
  http://www.xmledi.com/
  http://www.premenos.com/standards
  http://www.oakland.ecrc.org/eft.html
Other Sites:
  http://www.edifice.org/otherweb.htm

I think this site will have links to everything you need to know about DES (Data Encryption Standard):
  http://webopedia.internet.com/TERM/D/DES.html

Although DES is used and accepted as secure for encryption it is not the only option when doing EDI. The EDI documentiation above should have more information and links to the relevant encryption standards that exist and what the options are. After all, 10 years ago EDI was alive and kicking but DES was still a top secret DOD project ;^)

As far as POS goes it is simply a acronym for Point Of Sales System. Cash regesters etc. are classified as POS's and the more modern ones make use of FEDI or more likely EFT to deduct amounts off credit cards when you buy something in the store. I could give you lots of links to companies who sell these systems but I doubt it will be of any help.

Good luck on your project. Hope this answers all your questions.
0
 
LVL 1

Author Comment

by:Grailman
ID: 1173566
Gave you a B only because I'll take the sites on your word until I have time to check them out.

Thanks!
0
 
LVL 2

Expert Comment

by:gysbert1
ID: 1173567
Although it is obviously your choice I would reccomend you to check out any answer before grading it.

Blindly accepting an answer before making sure it is what you want is never a good Idea.
No expert will be upset if he has to wait a week or so for you to check out the solution before grading but if you accept the answer and it does not solve your problem you just might be very sorry you did ...
0

Featured Post

Want Experts Exchange at your fingertips?

With Experts Exchange’s latest app release, you can now experience our most recent features, updates, and the same community interface while on-the-go. Download our latest app release at the Android or Apple stores today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In days of old, returning something by value from a function in C++ was necessarily avoided because it would, invariably, involve one or even two copies of the object being created and potentially costly calls to a copy-constructor and destructor. A…
Introduction This article is the first in a series of articles about the C/C++ Visual Studio Express debugger.  It provides a quick start guide in using the debugger. Part 2 focuses on additional topics in breakpoints.  Lastly, Part 3 focuses on th…
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…
The goal of the video will be to teach the user the difference and consequence of passing data by value vs passing data by reference in C++. An example of passing data by value as well as an example of passing data by reference will be be given. Bot…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question