687 research outputs found

    The verification of an industrial payment protocol

    Get PDF

    A Purchase Protocol with Multichannel Authentication

    Get PDF
    While online shopping are becoming more accepted by people in modern life, cardholders are more concerned about card fraud and the lack of cardholder authentication in the current online credit card payment. This paper proposes a purchase protocol with live cardholder authentication for online transaction which combines telephone banking and online banking together. The order information and payment information are sent though the Internet and encrypted by asymmetric key encryption. The cardholder is authenticated by the card issuing bank ringing back at the customer’s phone number and the cardholder inputting the secure PIN and the amount to pay. The multichannel authentication makes the cardholder feel secure and card fraud difficult. Furthermore, the protocol does not require the cardholder to obtain public key certificates or install additional software for the online transactionPeer reviewe

    Holistic analysis of mix protocols

    Get PDF
    Security protocols are often analysed in isolation as academic challenges. However, the real world can require various combinations of them, such as a certified email protocol executed over a resilient channel, or the key registration protocol to precede the purchase protocols of Secure Electronic Transactions (SET). We develop what appears to be the first scalable approach to specifying and analysing mix protocols. It expands on the Inductive Method by exploiting the simplicity with which inductive definitions can refer to each other. This lets the human analyst study each protocol separately first, and then derive holistic properties about the mix. The approach, which is demonstrated on the sequential composition of a certification protocol with an authentication one, is not limited by the features of the protocols, which can, for example, share message components such as cryptographic keys and nonces. It bears potential for the analysis of complex protocols constructed by general composition of others

    A Comparative Study of Card Not Present E-commerce Architectures with Card Schemes: What About Privacy?

    Get PDF
    International audienceInternet is increasingly used for card not present e-commerce ar-chitectures. Several protocols, such as 3D-Secure, have been proposed in the literature by Card schemes or academics. Even if some of them are deployed in real life, these solutions are not perfect considering data security and user's privacy. In this paper, we present a comparative study of existing solutions for card not present e-commerce solutions. We consider the main security and privacy trends of e-payment in order to make an objective comparison of existing solutions. This comparative study illustrates the need to consider privacy in deployed e-commerce architectures. This has never been more urgent with the recent release of the new specifications of 3D-secure

    The use of prepaid cards for banking the poor

    Get PDF
    Prepaid products can become an effective instrument for banking the poor, as they can be used for collecting microdeposits and so operate as a low-cost account. Prepaid platforms have characteristics that make them especially useful for developing low-cost microfinance business models. Indeed, customers using prepaid systems do not need bank accounts or debit or credit cards. Prepaid issuers do not need to develop or invest in new technologies, as this mechanism can be used on a range of platforms, including PCs, mobile phones, hand-held and set-top boxes. Furthermore, prepaid products are specially designed for offering services demanded by the poor, such as micropayments, microdeposits and even microcredits. Lastly, they allow users to monitor their cash flow by receiving statements (some providers offer this feature online, others provide physical statements) or accessing balances through PCs, mobile phones, hand-held and set-top boxes. Besides collecting microdeposits, prepaid products (or SVCs as they are called in the United States) offer other services that can be very valuable for serving the unbanked population. As explained in this paper, prepaid products generally lack the identification and credit requirements that effectively bar millions of individuals from opening traditional bank accounts, especially in the United States. Moreover, prepaid products can be purchased and reloaded at a growing number of locations other than bank branches, such as check cashers, convenience stores and other retailers. Prepaid instruments can also provide immediate availability of funds at a cost that, in some cases, is lower than other alternatives for unbanked consumers. Also, prepaid products are difficult to overdraw, thus reducing the likelihood of unexpected fees. Lastly, many prepaid issuers offer some sort of bill pay option, especially branded cards that enable signature-based transactions, and a significant number of them offer remittances.Prepaid card; microdeposits; mobile phone; store value card; e-money; banking the poor;

    SmartCities Public Final Report

    No full text

    Recent International Developments in the Law of Negotiable Instruments and Payment and Settlement Systems

    Get PDF
    This paper surveys four recent major developments worldwide in the areas of negotiable instruments and payment and settlement systems. Only private or commercial law aspects are considered. Topics covered are checks, payment cards, securities transfers, and payment transactions. A common theme is the adaptation by statute of the law to tile world of electronic banking as it keeps evolving

    Recent International Developments in the Law of Negotiable Instruments and Payment and Settlement Systems

    Get PDF
    This paper surveys four recent major developments worldwide in the areas of negotiable instruments and payment and settlement systems. Only private or commercial law aspects are considered. Topics covered are checks, payment cards, securities transfers, and payment transactions. A common theme is the adaptation by statute of the law to tile world of electronic banking as it keeps evolving
    corecore