Steganography Steganography is the art of using cryptographic techniques to embed secret messages within another message. Steganographic algorithms work by making alterations to the least significant bits of the many bits that make up image files. The changes are so minor that there is no appreciable effect on the viewed image. This technique allows communicating parties to hide messages in plain sight— such as embedding a secret message within an illustration on an otherwise innocent web page. Steganographers often embed their secret messages within images or WAV files. These files are often so large that the secret message would easily be missed by even the most observant inspector. E-Commerce As mentioned in the previous section, the rapid growth of electronic commerce led to the wide- spread adoption of SSL and HTTPS as standards for the secure exchange of information through web browsers. Recently, industry experts have recognized the added security necessary for electronic transactions. In the next section, we’ll explore the Secure Electronic Transaction SET protocol designed to add this enhanced security. Secure Electronic Transactions The Secure Electronic Transaction SET standard was originally developed jointly by Visa and MasterCard—the two largest providers of credit cards in the United States—as a means for securing e-commerce transactions. When they outlined the business case for SET, the two ven- dors identified the following seven requirements: Provide confidentiality of payment information and enable confidentiality of order infor- mation transmitted along with the payment information. Ensure the integrity of all transmitted data. Provide authentication that a cardholder is a legitimate user of a branded payment card account. Provide authentication that a merchant can accept branded payment card transactions through its relationship with an acquiring financial institution. Ensure the use of the best security practices and system design techniques to protect all legitimate parties in an electronic commerce transaction. Create a protocol that neither depends on transport security mechanisms nor prevents their use. Facilitate and encourage interoperability among software and network providers. Material on SET is disappearing from the Internet since the original site, www.setco.org , is no longer active. For more information on SET, try visiting www.ectag.org .