Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


Shariah Compliance

My presentation

Azizul Osmond

on 23 November 2017

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Shariah Compliance

Comprehensive Approach for ShariaH Compliance
E-Commerce Transaction

There are growing concerns among e-commerce customers particularly Muslims in Malaysia regarding on-line transaction both from security aspect and Shariah perspective. There are two main issues arise concerning purchasing on-line using credit cards.
The advents of IT and e-commerce have brought more complex levels of Islamic
business and commerce ethics that require the Islamic jurisprudents to expand their
tools of evaluation and analysis beyond the traditional context. With a comprehensive
approach that taking into account regulations and the existing technological tools
brought into the Sharia’s perspective, this article seeks and develops an understanding
how to provide alternative solution to the conventional and unislamic e-commerce
Securing transaction online must fulfill two main requirements, first concerning how to
protect the data from the unauthorized parties (confidentiality) and how to guarantee the
integrity of the transaction itself. Confidentiality ensures that the data travels on-line only
be received and access by the authorized party(s).

Confidentiality sometimes is associated with secrecy and privacy. On the other hand,
Trusted Network Interpretation defines that the integrity ensures that computerised data
are the same as those in source documents; they have not been exposed to accidental
or malicious alteration or destruction (National Comp Sec Center, 1987).

In order to guarantee the integrity in the context of communication on line, Stalling
(2003) suggested that the data sent must ensure the following:
On-Line Transaction
How visa/MasterCard Works
Payment Using Credit Card – Based on Islamic Principle
First is the medium of transaction via on-line or Internet itself
And secondly, the mode of payment being used to purchase online in which using credit card in this case.
As Malaysia is heading towards e-commerce and purchasing on-line via credit cards has
no longer a new trend the challenges arise for solution which compliance with Shariah
principles. This presentation will address and highlight several challenges and issues and present recommendations based on the existing technology without overlooking legal provision provided in this country to solve the concerns.
Last year 2011 itself , MOLPay gateway solution have recorded
RM 300 million for Malaysia E-Commerce transaction
Paypal alone have recorded 3.4 billion (US dollars) through their payment gateway
M.S.C have recorded
23 billion ringgit transaction in Malaysia within E-commerce industry
Malaysia is a multiconfessional country with Islam being the largest practiced religion
comprising approximately
61.4 PERCENT Muslim adherents
There are several main challenges of on-line transaction from the perspective of Sharia’
which will be discussed here namely the security, legality of the contract, issues of
anonymity, gharar and riba. Addressing these aspects require Islamic jurist and scholars
to scrutinize both the technicalities of the on-line transaction and the legalities in terms of
Challenges from Perspective of Shariah
Parts from legality of transaction from the traditional perspective such as halal
(permissible) aspects of the product or the service itself, Islam also recognize the
confidentiality and the integrity as important elements to secure the transaction. Islam is
very much concerns on the mode of transaction offered by the e-commerce. Thus, it has
brought considerable critical attention.
What is known as “Trading Data Management” can be traced dated backward since
fourteen centuries ago where the religion broken it into four major legalistic sections –
Fiqh al-Muamalat (Islamic Business Transaction).
i. The data must be protected against content modification – it includes changes to
the contents of a message, including insertion, deletion, transposition and
ii. The data must be protected against timing modification – delay or replay messages
iii. Source repudiation –denial of transmission of message by source
iv. Destination repudiation – denial of receipt of message by destination
If man-in-the-middle is able to intercept the message sent to a merchant, he might not
just modify the message (i.e. the order quantity), yet able to replay the same message to
re-purchase the product several time.
Credit card companies realized that most transactions over the internet require just
keying in information on credit card number, expiry date of card, name and address.
Both Visa and MasterCard have designed a protocol called “SET” or Secure Electronic
Transaction with participation from leading technology companies, including Microsoft,
IBM, Netscape, RSA and VeriSign. As the specification developed is open and free,
anyone can use it or develop any SET-compliant software for buying or selling on line

SET focuses on maintaining confidentiality of information, ensuring the message
integrity and authenticating the parties involved in transactions. It has been designed to
utilize technology for authenticating the parties involved in payment card purchases on
any type of online network and internet that uses Encryption and Digital Signature and
Digital Certificates.
1. Encryption
To buy goods over the Internet, one need to place an order accompanied by a credit
card number. The credit-card number must be encrypted before sending it to the
merchandiser. Encryption is a process in which the plain data such as a credit card
number is transformed into a cipher text unreadable accept for by receiving end who
then decrypts the scramble message into a readable form. This will ensure that the
credit card number will not be intercepted en-route, though if they are capable the
interpretation of the data is meaningless without the interceptor knowing how the
scrambling was done. This will prevent the cipher text be used by the unscrupulous
2. Legality of on-line Contract: Perspective of Shariah
In Islamic jurisprudence the word contract is used to mean an engagement and
agreement between two persons in a legally accepted, impactful and binding manner.

Contract as a little contracting parties obligating themselves with regards a given matter
and binding themselves together with the same as result of connecting an offer with an
acceptance. Also contracting is the connection of an offer with an acceptance in a lawful
manner which marks its effect on the subject of the connection.

The formation of contract requires two parties: one offers the contract then another party
who will accept the offer. The offer is the proposal which is made to show his or her
willingness to form a contract and in turn, the later response from the other party to
prove his or her willingness to the offer.
3. The Application of Session Key to Resolve Time Validity Period in Meeting Place
The validity period in meeting place can be resolved with an authorization and
authorization technique in Authentication Protocols by using session key. Generally the
protocol is used to verify that the communication partner who is supposed to be not an
impostor. The difference between authentication and authorization
is deal with whether you are communicating with a specific process whilst whether or not
you permitted to do the specific process or activity. For instance when two parties initiate
a deal or contract on line the first question arise are the communicating parties are
“talking” to the trusted ones. The first question is more important to be answered
unambiguously before the next process begin in which is just a matter of looking up
entries in local databases to check out level of authority be given to him or her to close
the deal.
4. The Application of Digital Signature and Certified Authority to Resolve Anonymity Concern
This article seeks to present and clarify the mechanism to resolve the above concerns
pertaining to anonymity in relation with the security and the validity of the transaction
from Islamic legal system. By applying both the technological and legal solution in e-commerce transaction will provide a comprehensive approach towards the above concerns.
Digital Signature
Though securing data from disclosure by the unauthorized party will ensure
confidentiality it will not protect the data from repudiation. There is a compelling need
that for the message to be protected from repudiation. Someone who sends a message
must be accountable and responsible and there is no way he or she to deny. In another
hand someone cannot falsify a message and claim that it was from someone else is
another example of repudiation.

A digital signature provides a mechanism in which the identity of the sender of a
message or the signer of a document to ensure that the original content of the message
or document that has been sent is not tampered or changed.

Digital Signature tries to replicate traditional signature that uniquely identifies the owner
of the signature. The ability to guarantee that the original signed message arrived means
that the sender cannot easily deny it later. Digital signatures are easily transportable and
cannot be copied or fabricated by someone else and can be atomically time-stamped.

Digital signature complements the encryption though it is not necessarily be used
together. It can be used with any kind of message, whether it is encrypted or not. The
receiver simply can be sure of the sender’s identity and the message arrived intact.
Trusted third Party – Certificate Authority (CA)
In order to guarantee and convince the receiving party that the message received is not
tampered a trusted third party is involved. The Trusted Third Party and sometimes
interchangeably called Certificate Authority (CA) to resolve any possible conflict
concerning the authentication and the confidentiality of the transaction. The trusted third
party or the certificate authority will ensure that the message received in a form when it
was sent. The general idea is that a certificate authority is trusted, so users can delegate
the construction, issuance, and acceptances as well as revocation of certificates to the authority.
The specific actions of a certificate authority include the following:
i. Managing public key certificates for their whole life cycle
ii. Issuing certificates by binding a user’s or system’s identity to a public key with a digital signature
iii. Scheduling expiration dates for certificates.
The credit card is an essential mode of payments in today’s society. It is one of the
important pillars of consumerism. People own this “plastic money” for various reasons
such as to attain credit facility, cash advance, easy payment, charge card and prestige
Indeed, the credit card has symbolized the status of wealth of a person in
order to make her/him special than others. Over the years, credit card industries are
getting popular among the Malaysian societies
According to Bank Negara Malaysia (2004), for the year 2004 there are 5.3 million credit
cardholders in Malaysia that spent RM30 billion on the transaction. The credit cards that
circulated in Malaysia could be clustered into two categories, which are conventional and
Islamic-based credit cards. Although in nature, these cards are the
same, but they are differences in terms of principles, fees and operations. For instance,
conventional credit card allows interest in its program whereby Islamic credit card allows
fees instead of interest in its program.
The use of credit cards for purchasing goods online and then paying the price of
purchase by installments to the bank or authorities that issue the cards is, in fact, a form
of loan to card-bearer. So, an issuer is not entitled to receive more than the amount
taken to purchase. But, the issuer is permitted to take a fixed charge under the name of
administrative expenses, and such a charge is not increasable due to an increase of
money used for purchase.
Literally Riba means an increase or increase. According to Islamic Jurist it can be
defined as usury or a practice of lending money with interest rates. In this concern,
Islamic Fiqh Assembly issued its decision:

i. It is not permitted to issue uncovered credit cards or to deal in them if there is a
condition that fixes usurious increase even if a user intends to pay up within a
given free period.

ii. It is permitted to issue uncovered credit cards as long as there is no condition
that fixes usurious increases to be added to debt.
Here are two (2) sub points:
i) It is lawful (for the bank or issuer) to receive a fixed charge for the issue or
renewal of such cards as a wage for service rendered.

ii) It is also lawful to receive commission from the trader for purchase, by the
customer provided that selling by card is equal in price to selling in cash.
The Bay al-Inah contract works on the basis of two (2) separate agreements, namely
Bay al-Mutlak (cash sale) and Bay Bithaman Ajil (deferred sale).

The former is the bank’s agreement to sell an item to the customer at an agreed price, while the latter agreement covers the customer selling back to the bank at a lower price. The difference is the bank’s profit on the transaction and is a predetermined amount. There is no penalty charged to the customer and for the unutilized financing amount the customers legible for rebate.
Literally gharar means fraud and has often been associated with risk and uncertainty. To
avoid from gharar both parties; buyers and sellers are required to have adequate
information of values they intend to exchange, the existence of the object, obtainable, its
quantity, quality and attributes are identified and it can duly be delivered.
1. Transaction begins
The Cardholder purchase goods
or services from merchant
2. Authentications
The Merchant, in effect sell the transactions to the aquirer
and is reimbursed the amount of the ticket less a discount fee
3.Transaction Submited
The Aquirer then submit the
transaction to the Issuer Bank
4.Merchant Payment
The Issuer Bank pay the merchant aquirer minus its fee through charge Visa/MasterCard settlement system.
5.Cardholder payment
Finally the cardholder pay the issuer banks for the goods or services originally from merchant
So this tells you that Visa/Master Card can set policy and dictate on what fund that Aquirer banks and Issuer banks give and received.

In away Visa/Mastercard would be able to filter out transaction.
So What???
Does it meet the requirement of Shariah?
1. Transaction begins
The Cardholder purchase goods
or services from merchant
2. Authentications
The Merchant, in effect sell the transactions to the aquirer
and is reimbursed the amount of the ticket less a discount fee
3.Transaction Submited
The Aquirer then submit the
transaction to the Issuer Bank
4.Merchant Payment
The Issuer Bank pay the merchant aquirer.
5.Cardholder payment
Finally the cardholder pay the issuer banks for the goods or services originally from merchant
Ground rules
If the Aquirer banks and Issuer banks want participate,
Banks need to provide the following requirement
1. Banks need to give and received fund from Islamic Account

2. The Islamic Account fund cannot be mix with any conventional Account
Meaning if 61.4 muslim populations out from 23 billions e-commerce transaction That would be???????
14.1 billions transaction that muslim in malaysia made e-commerce transaction
The discussion presented here might have answered the major concern among Muslims
regarding the security, legality and against gharar, riba and related issues from the
perspective of Shariah particularly in Malaysia. A part from a comprehensive approach,
this presentation is also meant to provide a general guidance for e-commerce players.

And there a needs for all of us to create and develop a "SHARIAH COMPLIANCE TRANSACTION" logo's and also it's enforcement. For this also we know that there room's from us to create a Shariah Compliance Payment settlement system options.
Full transcript