Similar literature
Found 20 similar documents; search took 62 ms
1.
Credit/debit card payment transactions do not protect the privacy of the customer. Once the card is handed over to the merchant for payment processing, customers are “no longer in control” on how their card details and money are handled. This leads to card fraud, identity theft, and customer profiling. Therefore, for those customers who value their privacy and security of their payment transactions, this paper proposes a choice—an alternate mobile payment model called “Pre-Paid Mobile HTTPS-based Payment model”. In our proposed payment model, the customer obtains the merchant’s bank account information and then instructs his/her bank to transfer the money to the merchant’s bank account. We utilize near field communication (NFC) protocol to obtain the merchant’s bank account information into the customer’s NFC-enabled smartphone. We also use partially blind signature scheme to hide the customers’ identity from the bank. As a result, our payment model provides the customer with complete control on his/her payments and privacy protection from both the bank and the merchant. We emulated our proposed mobile payment model using Android SDK 2.1 platform and analyzed its execution time.

2.
In the marketplace, customer trust is paramount. As consumers increasingly rely on the Internet for shopping, banking, and other daily activities, privacy is both a major public concern and a barrier to e-commerce growth: fear of data breaches and identity theft threaten to erode trust in the Internet. Once the core privacy team (CPT) is built, it can begin to define the program, deploy its processes, and enforce the rules.

3.
Privacy is a major concern in e-commerce. There exist two main paradigms to protect the customer’s privacy: one relies on the customer’s trust that the network will conform to his privacy policy, the other one insists on the customer’s anonymity. A new paradigm is advanced here as a natural balance between these two. It sees the customer act using his real identity but only circulate cover data that conceal the resources he requires. Privacy enforcement is thus shifted from the customer’s identity to his purchase preferences. The new paradigm is suitable for scenarios such as eBay purchases where trust that a network sticks to a privacy policy is problematic, while anonymity is either forbidden or impossible. The computation of cover data is done by a node other than the customer in order to minimize impact on the customer. That node will therefore see the customer’s private data that are used to compute the cover. This demands some technology to prevent the node from exposing private data. An existing protocol developed for self-enforcing privacy in the area of e-polls is thoroughly analysed and found somewhat weak in terms of fairness among its participants. A stronger version is designed and adopted, together with an innovative differential-privacy preserving function, in the new privacy paradigm. The strengthened e-poll protocol and the new differential-privacy preserving function, which strictly speaking only are side contributions of this paper, each appear as important as the new e-commerce privacy paradigm.

4.
An untraceable offline e-payment system can offer a degree of customer anonymity; however, it also presents criminals with opportunities, such as laundering money, corruption, and kidnapping. In this paper, we improve on the e-payment system with a smart card proposed by S. Brands, and present an anonymity-revoking e-payment system. On the one hand, the customer’s privacy cannot be compromised by the bank or by the payee. On the other hand, anonymity can be removed by a trusted third party (trustee) with the help of the bank. In this case, the third party can link a payment to a corresponding withdrawal and prevent money laundering and blackmailing. Published online: 4 December 2001

5.
Verifying the SET Purchase Protocols   (Total citations: 1; self-citations: 0; citations by others: 1)
SET (Secure Electronic Transaction) is a suite of protocols proposed by a consortium of credit card companies and software corporations to secure e-commerce transactions. The Purchase part of the suite is intended to guarantee the integrity and authenticity of the payment transaction while keeping the Cardholder's account details secret from the Merchant and his choice of goods secret from the Bank. This paper details the first verification results for the complete Purchase protocols of SET. Using Isabelle and the inductive method, we show that their primary goal is indeed met. However, a lack of explicitness in the dual signature makes some agreement properties fail: it is impossible to prove that the Cardholder meant to send his credit card details to the very payment gateway that receives them. A major effort in the verification went into digesting the SET documentation to produce a realistic model. The protocol's complexity and size make verification difficult, compared with other protocols. However, our effort has yielded significant insights.

6.
This article surveys the challenges of conducting business to consumer (B2C) e-commerce in developing countries. Low credit card penetration and poor delivery systems are widely viewed as serious problems for B2C e-commerce in developing countries. An investigation of payment and delivery methods provided by B2C sites in Russia, India and Latin America is reported. Similarities and differences in how sites from the three regions handle payment and delivery are presented. The results of an examination of e-commerce sites show that sites from all areas used a variety of payment and delivery methods, many of which are not highly used in the USA. The results also show that there are some regional differences in how e-commerce sites have chosen to deal with low credit card penetration and poor delivery systems. The implications for practice and future research are discussed.

7.
This study examines cross-cultural differences in beliefs related to e-commerce use for Italy and the United States. We argue that for both cultures, the user's decision to make an online purchase is simultaneously influenced by a set of contrary factors. These include decision facilitators such as propensity to trust and institutional trust, and decision inhibitors such as perceived risk and privacy concerns. We argue that substantial cultural differences exist that affect the above factors and the relationships among them. We use Hofstede's cultural theory and Fukuyama's theory of trust and social capital, along with emic factors important for the Italian society, to develop the study's propositions. The hypotheses were empirically tested using LISREL structural equation modeling and multigroup analysis. The results revealed that the Italian society exhibited lower propensity to trust, institutional trust, privacy concerns, and higher perceived risk. The relationships between institutional trust and e-commerce use, privacy concerns and e-commerce use, and perceived risk and institutional trust are all weaker for Italy. The relationship between perceived risk and privacy concerns is stronger for Italy. The paper's major contribution is in validating an important model of e-commerce use across two cultures and showing the moderating effects of culture.

8.
Credit Card Fraud Detection Using Hidden Markov Model   (Total citations: 2; self-citations: 0; citations by others: 2)
Due to a rapid advancement in the electronic commerce technology, the use of credit cards has dramatically increased. As credit card becomes the most popular mode of payment for both online as well as regular purchase, cases of fraud associated with it are also rising. In this paper, we model the sequence of operations in credit card transaction processing using a hidden Markov model (HMM) and show how it can be used for the detection of frauds. An HMM is initially trained with the normal behavior of a cardholder. If an incoming credit card transaction is not accepted by the trained HMM with sufficiently high probability, it is considered to be fraudulent. At the same time, we try to ensure that genuine transactions are not rejected. We present detailed experimental results to show the effectiveness of our approach and compare it with other techniques available in the literature.

9.
Abstract

This paper proposes a fair trading protocol. The fair trading protocol provides an overall solution for a trading process with offline anonymous credit card payments.

With the exploding growth of electronic commerce on the Internet, the issue of fairness [1,2] is becoming increasingly more important. Fair exchange protocols have already been broadly used for applications such as electronic transactions [3,4], electronic mails [5,6], and contract signing [7]. Fairness is one of the critical issues in online transactions and related electronic payment systems. Many electronic payment systems have been proposed for providing different levels of security to financial transactions, such as iKP [8], SET [9], NetBill [10], and NetCheque [11]. In a normal electronic commerce transaction, there is always a payer and a payee to exchange money for goods or services. At least one financial institution, normally a bank, should be present in the payment system. The financial institution plays the role of issuer for the payer and the role of acquirer for the payee. An electronic payment system must enable an honest payer to convince the payee of a legitimate payment and prevent a dishonest payer from using other unsuitable behavior. At the same time, some additional security requirements may be addressed based on the nature of trading processes and trust assumptions of the system. Payer, payee, and the financial institution have different interests and the trust between two parties should be as little as possible. In electronic commerce, the payment happens over an open network, such as the Internet, and the issue of fairness must be carefully addressed. There is no fairness for involved parties in the existing popular payment protocols. One target of this article is to address the fairness issue in the credit card payment process. In the existing credit card protocols, the financial institution that provides the credit card service plays the role of online authority and is actively involved in a payment.
To avoid the involvement of financial institutions in normal transactions and to reduce running costs, some credit card-based schemes with offline financial authority have been proposed [12]. Another target of this article is to avoid the online financial institution for credit card service in normal transactions.

10.
Two revisions of the original Secure Electronic Transaction (SET) protocol are proposed to conceal cardholders' identities in the electronic marketplace in which cardholders' trust for banks can be reduced to a minimum. Constrained by being extensions of the existing card payment networks to the Internet, most on-line credit card payment schemes in use or proposed in recent papers assume the sensitive card information could be disclosed to all the participating banks. The assumption used to work well in traditional credit card payments before. However, negative impacts such as banking scandals, closure programs due to poor management, and security problems with Internet banking are all undermining cardholders' trust in banks. The issuer is the trusted bank selected by the cardholder, but the acquirer is not. To reveal the cardholder's sensitive card information to every possible acquirer implies potential risk. Based on the need-to-know principle, the two revisions are proposed to relax the assumption mentioned above. In our solutions, the sensitive card information is well protected along the way and can be extracted only by the issuer. A cardholder needs only to select a trustworthy issuer, instead of worrying about the possible breakdowns of every involved acquirer. The cost to achieve our more secure schemes demands only minor information modifications on the legacy system.

11.
This paper focuses on credit card fraud in Multimedia Products, which are soft-products. By soft-products, we mean intangible products that can be used and consumed without having them shipped physically, such as software, music and calling cards (calling time). The demand for soft-products, mainly Multimedia Products, on the Internet has grown in the last few years and is rapidly increasing. Credit card fraudulent transactions on such products are very easy to conduct, while very difficult to recover, compared to the fraud cases in hard-products transactions. This paper classifies the types of products sold on the Internet, and the usual fraud occurred in each type. It summarizes some of the existing best practices to prevent credit card fraud. Finally, it introduces the use of a Trusted Email as a way to authenticate the customer and to simulate his/her physical address (since on these products no actual shipping will happen).

12.
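A Brief Analysis of the Role of the Improved SET Protocol in E-Commerce   (Total citations: 1; self-citations: 0; citations by others: 1)
罗静 (Luo Jing), 张友纯 (Zhang Youchun). 《现代计算机》 (Modern Computer), 2003, (2): 43-45, 74
With the development of networks, e-commerce is attracting more and more attention, and how to guarantee the security of transmitted data has become one of the most important factors in whether e-commerce can become widespread. This paper improves the SET protocol according to the principles of information isolation and hiding. The improved SET protocol allows the cardholder to take part in account reporting, and provides a credit card proxy in e-commerce so that the credit card number is hidden. The improved SET protocol can effectively counter breaches of transaction confidentiality on a small scale and data aggregation on a large scale.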

13.
Multi-application smart cards enable a user to potentially have a diverse set of applications on her smart card. The growing trend of services convergence fuelled by Near Field Communication and smart phones has made multi-application smart cards a tangible reality. In such an environment, cardholders might have a number of applications on their smart cards and if a card is lost, all of the applications would be lost with it. In addition, consumers might decide to upgrade their smart cards and require a seamless and secure framework to migrate their applications from the old smart card to the new one. Currently, the recovery of a smart card-based service might take from a day to a week at best as each of the lost cards can only be replaced by the respective card issuer, during which time the card issuer might lose business from the user because she is not able to access the provisioned services. Similarly, there is at present no migration mechanism proposed for smart card applications. The proposed framework in this paper enables a user to acquire a new smart card as she desires and then migrate/restore all of her applications onto it—allowing her to recover from her lost digital wallet in a secure, efficient, seamless and ubiquitous manner.

14.
The use of e-commerce has been associated with a lot of skepticism and apprehension due to some crimes associated with e-commerce and specifically to payment systems. The secure socket layer (SSL) protocol is trusted in this regard to secure transactions for sensitive applications like e-commerce. Unfortunately, the use of SSL protocol causes slow response time on the server which is a major cause of frustration for on-line shoppers. In this paper, we propose a secured credit-debit card payment system based on Elliptic Curve Cryptosystem (ECC). We first examined the ECC algorithm over prime fields GF(p), implemented our proposed method using a typical transaction involving credit/debit card numbers and compared the performance with RSA cryptosystem. Our result shows that ECC is faster in terms of response to transaction request and occupies less memory space than equivalent RSA system. Thus, this makes it a more suitable public key cryptography scheme for application in a constrained open environment like a payment system where fast operations are needed.

15.
Payments through cards have become very popular in today’s world. All businesses now have options to receive payments through this instrument; moreover, most organizations store card information of their customers in some way to enable easy payments in future. Credit card data are very sensitive information, and theft of this data is a serious threat to any company. Any organization that stores credit card data needs to achieve payment card industry (PCI) compliance, which is an intricate process where the organization needs to demonstrate that the data it stores are safe. Recently, there has been a paradigm shift in treatment of the problem of storage of payment card information. In this new paradigm, instead of the real credit card data, a token is stored; this process is called “tokenization.” The token “looks like” the credit/debit card number, but ideally has no relation with the credit card number that it represents. This solution relieves the merchant from the burden of PCI compliance in several ways. Though tokenization systems are heavily in use, to our knowledge, a formal cryptographic study of this problem has not yet been done. In this paper, we initiate a study in this direction. We formally define the syntax of a tokenization system and several notions of security for such systems. Finally, we provide some constructions of tokenizers and analyze their security in light of our definitions.

16.
The recent increase in data breaching incidents involving high profile e-commerce companies is alarming as such privacy threats can seriously thwart the healthy growth of electronic commerce. We propose a privacy-preserving e-payment scheme that guarantees authenticity while keeping the customer’s sensitive details secret from the respective parties involved in the online transaction. Using a non-reusable password-based authentication approach, the proposed protocol allows consumers to anonymously purchase goods from an online merchant, thus achieving the ideal privacy environment in which to shop. The protocol can be easily deployed in an e-commerce environment without requiring great changes to the current processes.

17.
It has been well documented that lack of trust between commercial entities and purchasers can restrict the potential of e-commerce. This may be because the purchaser is required to provide personal information to the commercial entity, which may then be abused, or because the purchaser may be suspicious that after payment has been processed, the goods purchased will not arrive. The challenge for the researcher is to determine the e-commerce model which maximizes the trust a purchaser has when shopping online.

18.
Payment is a necessary thing in people’s daily life, and the development of the Internet makes it possible that people can shop at home. As for chip bank card, it is an important payment method that has been developed in recent years and plays a key role in remote payment. In this study, firstly, the risk features of chip bank cards were analyzed from the general remote payment scheme. Then, based on the security technology theory, a chip bank card remote payment model using elliptic curve hybrid encryption algorithm and identity authentication technology was constructed. In terms of security testing, the National Institute of Standards and Technology (NIST) randomness test was used to illustrate the high randomness of the key, and cryptographic security formal verification method based on Hoare logic was used to illustrate the convergence of the key to the defect, which verified the high security of the chip bank card in the remote payment process.

19.
20.
Card Technology Today, 2000, 12(6): 12-13
More than 20 of the world’s largest banks have joined forces to remove the final obstacle to business-to-business e-commerce – trust in a trading partner’s identity. To supply this trust, member banks of the Identrus group are to issue their corporate customers with smart cards to carry digital certificates that will authenticate their identity.
