Can smart cards reduce payments fraud and identity theft?

In the United States, when a consumer presents a payment to a merchant, the merchant typically makes a request for authorization before accepting the payment. Personal information, such as an account number, address, or telephone number, are often enough to initiate a payment. A serious weakness of this system is that criminals who obtain the correct personal information can impersonate an honest consumer and commit payments fraud. ; A key to improving security-and reducing payments fraud-might be payment smart cards. Payment smart cards have an embedded computer chip that encrypts messages to aid authorization. If properly configured, payment smart cards could provide direct benefits to consumers, merchants, banks, and others. These groups would be less vulnerable to the effects of fraud and the cost of fraud prevention would fall. Smart cards could also provide indirect benefits to society by allowing a more efficient payment system. Smart cards have already been adopted in other countries, allowing a more secure payments process and a more efficient payments system. ; Sullivan explores why smart cards have the potential to provide strong payment authorization and thus put a substantial dent into the problems of payments fraud and identity theft. But adopting smart cards in the United States faces some significant challenges. First, the industry must adopt payment smart cards and their new security standards. Second, card issuers and others in the payments industry must agree on the specific forms of security protocols used in smart cards. In both steps the industry must overcome market incentives that can impede the adoption of payment smart cards or limit the strength of their security.

Economically sustainable public security and emergency network exploiting a broadband communications satellite

The research contributes to work in Rapid Deployment of a National Public Security and Emergency Communications Network using Communication Satellite Broadband. Although studies in Public Security Communication networks have examined the use of communications satellite as an integral part of the Communication Infrastructure, there has not been an in-depth design analysis of an optimized regional broadband-based communication satellite in relation to the envisaged service coverage area, with little or no terrestrial last-mile telecommunications infrastructure for delivery of satellite solutions, applications and services. As such, the research provides a case study of a Nigerian Public Safety Security Communications Pilot project deployed in regions of the African continent with inadequate terrestrial last mile infrastructure and thus requiring a robust regional Communications Satellite complemented with variants of terrestrial wireless technologies to bridge the digital hiatus as a short and medium term measure apart from other strategic needs. The research not only addresses the pivotal role of a secured integrated communications Public safety network for security agencies and emergency service organizations with its potential to foster efficient information symmetry amongst their operations including during emergency and crisis management in a timely manner but demonstrates a working model of how analogue spectrum meant for Push-to-Talk (PTT) services can be re-farmed and digitalized as a “dedicated” broadband-based public communications system. The network’s sustainability can be secured by using excess capacity for the strategic commercial telecommunication needs of the state and its citizens. Utilization of scarce spectrum has been deployed for Nigeria’s Cashless policy pilot project for financial and digital inclusion. This effectively drives the universal access goals, without exclusivity, in a continent, which still remains the least wired in the world

A framework of mobile transaction use: the user’s perspective

The remarkable advances of mobile technologies and the prevalence of mobile devices have profoundly transformed telephony systems. They provide functionalities which surpass telephony needs, and which motivate the development of value-added mobile services and functions. The number of mobile phones in use far exceeds any other technical devices that could be used to market, sell, produce, or deliver products and services to consumers. These developments open lucrative opportunities to retailers and service providers. The literature highlights the fact that mobile transactions (m-transactions) are one of the most critical incentives for successful mobile commerce (m-commerce). However, the successfulness of m-transaction systems in Saudi Arabia requires a strong acceptance of the Saudi consumers. The importance of this study is accentuated by the fact that mobile commerce and its services are still in their infancy and there is still an apparent lack of acceptance of mobile transactions amongst Saudi users. Research needs to address the issue of acceptance of m-transactions from the user’s perspective, particularly within developing countries as they suffer from a noticeable lack of studies in this field. This research initially starts with a comprehensive literature review about the critical factors affecting the acceptance and use of electronic commerce (e-commerce), m-commerce and focuses on m-transactions, including different technology acceptance models and theories, helping to investigate whether there exists an effective comprehensive framework for adopting m-transactions within the context of Saudi Arabia and, more specifically, from a consumer’s perspective. Furthermore, to emphasize the true value measure of m-transaction, we must comprehend and evaluate the potency and limitations of mobile purchasing and the key factors affecting the m-transaction use decision. M-transactions hold a huge potential for online business and sales, but merely having an m-transaction service “hosted” on the World Wide Web (WWW) should not lead us to believe that customers will rush into mobile commercial websites for their desired products. Recognising that fact and realizing that there are different important factors and concerns over m-transactions playing a significant role, highlight the need for investigating and developing a framework that encompasses the critical factors affecting the intention to use m-transaction within the context of a Saudi consumer’s perspective. In order to achieve this goal, this study evolved in several stages aiming to reach a satisfactory level of maturity. These stages can be divided into three main phases: (1) exploratory phase which contains three exploratory studies which helped to add the cultural qualities as a further dimension that would play a significant role in such a unique cultural region. Consequently, a holistic framework is integrated that includes the key factors affecting the intention to use m-transactions. This framework is empirically validated in (2) a further study using a statistically representative sample size of 1008 Saudi users from different demographic backgrounds. The empirical analysis revealed that security, ease of use, usefulness, social influence, navigational structure, telecommunication infrastructure, individualism, masculinity, power distance, uncertainty avoidance, and visual appeal have a significant impact on the intention to use m-transactions. Amongst those factors, ease of use was the most significant influential factor. Therefore, this led to (3) another study aiming to empirically investigate the level of ease of use (usability) of conducting m-transactions within the Saudi context. In total, this research comprised five different empirical studies to extend our understanding of the phenomenon of m-transactions. The ultimate product of this research is to develop a consolidated framework for the intention to use m-transactions, combined with a set of recommendations for mobile websites and application developers, designers, government, and other organizations that intend to extend their business in the mobile commerce area, and this should eventually benefit the users

Participant Domain Name Token Profile for security enhancements supporting service oriented architecture

This research proposes a new secure token profile for improving the existing Web Services security standards. It provides a new authentication mechanism. This additional level of security is important for the Service-Oriented Architecture (SOA), which is an architectural style that uses a set of principles and design rules to shape interacting applications and maintain interoperability. Currently, the market push is towards SOA, which provides several advantages, for instance: integration with heterogeneous systems, services reuse, standardization of data exchange, etc. Web Services is one of the technologies to implement SOA and it can be implemented using Simple Object Access Protocol (SOAP). A SOAP-based Web Service relies on XML for its message format and common application layer protocols for message negotiation and transmission. However, it is a security challenge when a message is transmitted over the network, especially on the Internet. The Organization for Advancement of Structured Information Standards (OASIS) announced a set of Web Services Security standards that focus on two major areas. “Who” can use the Web Service and “What” are the permissions. However, the location or domain of the message sender is not authenticated. Therefore, a new secure token profile called: Participant Domain Name Token Profile (PDNT) is created to tackle this issue. The PDNT provides a new security feature, which the existing token profiles do not address. Location-based authentication is achieved if adopting the PDNT when using Web Services. In the performance evaluation, PDNT is demonstrated to be significantly faster than other secure token profiles. The processing overhead of using the PDNT with other secure token profiles is very small given the additional security provided. Therefore all the participants can acquire the benefits of increased security and performance at low cost

E-commerce and small and medium enterprises (SME) in least developed countries : the case of Tanzania

Includes abstract.Includes bibliographical references.The purpose of the study was to investigate the E-Commerce phenomena in Tanzania with the goal of understanding how E-Commerce is typically made sense of by Tanzanian SMEs and how the sense making is produced, sustained and affected by environmental and organisational conditions. Structuration theory was used as a theoretical lens from which the social construction of the E-Commerce phenomena could be understood. The study primarily adopted a subjective interpretive stance. A preliminary quantitative study using questionnaires and interviews was done to gain an initial understanding of the E-Commerce status quo in Tanzania. The main study was qualitative in nature and used interviews with 33 Tanzanian SMEs as the data collection method

Designing an efficient and secure credit card-based payment system with web services based on ANSI X9.59-2006

A secure Electronic Payment System (EPS) is essential for the booming online shop-ping market. A successful EPS supports the transfer of electronic money and sensitive information with security, accuracy, and integrity between seller and buyer over the Internet. SET, CyberCash, Paypal and iKP are the most popular Credit Card-Based EPSs (CCBEPSs). Some CCBEPSs only use SSL to provide a secure communication channel. Hence they only prevent the "Man in the Middle" fraud but do not protect the sensitive cardholder information such as credit card number to be passed to the mer-chant, who may be unscrupulous. Other CCBEPSs use complex mechanisms such as cryptography, certificate authorities, etc. to fulfill the security schemes but factors such as ease of use for the cardholder and the implementation costs for each party are fre-quently overlooked. In this paper, we propose a Web service based new payment sys-tem, based on ANSI X9.59-2006 with extra features added on top of this standard. X9.59 is an Account Based Digital Signature (ABDS) and consumer-oriented payment system. It utilizes the existing financial network and financial messages to complete the payment process. However, there are a number of limitations in this standard. This research provides a solution to solve the X9.59 limitations by adding a merchant au-thentication feature during the payment cycle without any addenda records to be added in the existing financial messages. We have conducted performance testing on the proposed system via a comparison with SET and X9.59 using simulation to analyze their levels of performance and security