Editing Secure Electronic Transaction (section)

== Dual signature ==
As described in {{harv|Stallings|2000}}:

{{Quote|An important innovation introduced in SET is the ''dual signature''. The purpose of the dual signature is to link two messages that are intended for two different recipients. In this case, the customer wants to send the order information (OI) to the merchant and the payment information (PI) to the bank. The merchant does not need to know the customer's credit-card number, and the bank does not need to know the details of the customer's order. The customer is afforded extra protection in terms of privacy by keeping these two items separate. However, the two items must be linked in a way that can be used to resolve disputes if necessary. The link is needed so that the customer can prove that this payment is intended for this order and not for some other goods or service.}}

The [[Cryptographic hash function|message digest]] (MD) of the OI and the PI are independently calculated by the customer. These are concatenated and another MD is calculated from this. Finally, the dual signature is created by encrypting the MD with the customer's secret key. The dual signature is sent to both the merchant and the bank. The protocol arranges for the merchant to see the MD of the PI without seeing the PI itself, and the bank sees the MD of the OI but not the OI itself. The dual signature can be verified using the MD of the OI or PI, without requiring either the OI or PI. Privacy is preserved as the MD can't be reversed, which would reveal the contents of the OI or PI.