Enhancing Security of Terminal Payment with Mobile Electronic Signatures

Evgenia Pisko

2007

Abstract

With the growing number of debit card transactions, security issues have arisen correspondingly. By applying the latest technical innovations, criminals are using more and more effective methods of card fraud. They are exploiting security weaknesses of existing debit card payment rules. For instance, if a criminal has acquired the complete card data, he will be then able to use it to withdraw money until the card is blocked. To authorize each payment and to guarantee the integrity of payment information, we have developed a service architecture for mobile signature secured payments at the POS, which we present in this paper. To support the proposed architecture we suggest service subscription and payment protocols.

References

  1. Kartengestützte Zahlungssysteme im Einzelhandel - Jahreserhebung 2005 des EuroHandelsinstituts, EHI (2005)
  2. Lubasi V.: Debit card competition: signature versus pin. In: Chicago Fed Letter, Issue December. Federal Reserve Bank of Chicago (2005). http://www.chicagofed.org/publications/fedletter/cfldecember2005_221.pdf
  3. Polizeiliche Kriminalstatistik 2005. Bundeskriminalamt, Kriminalistisches Institut (2005). http://www.bka.de/pks/pks2005/index2.html
  4. EC-Karte: Betrüger lauern an der Ladenkasse. http://www.daserste.de/plusminus/ beitrag_dyÃuid,taia8kb6z9kn3odãcm.asp
  5. Anderson, R., Bond, M., Murdoch, S.J.: Chip and Spin: Examining the technology behind the "Chip and PIN" initiative (2006). http://www.chipandspin.co.uk/
  6. Directive 1999/93/Ec Of The European Parliament And Of The Council of 13 December 1999 on a Community framework for electronic signatures, European Union (1999)
  7. Rossnagel, H.: Mobile Qualified Electronic Signatures and Certification on Demand. In: Proceedings of the 1st European PKI Workshop - Research and Applications, LNCS 3093, Springer (2004)
  8. Kreyer, N., Pousttchi, K., Turowski, K.: Standardized Payment Procedures as Key Enabling Factor for Mobile Commerce. In: Proceedings of the Third International Conference on ECommerce and Web Technologies, LNCS, Vol. 2455, Springer (2002)
  9. Nambiar, S., Lu, C.T.: M-Payment Solutions and M-Commerce Fraud Management. In: Hu, W.-Ch et al (eds), Advances in Security and Payment Methods for Mobile Commerce, pp. 192-213, Idea Group, Inc. (2005)
  10. Muntermann, J., Rossnagel, H., Rannenberg, K.: Mobile Brokerage Infrastructures - Capabilities and Security Requirements. In: Proceedings of the 13th European Conference on Information Systems (ECIS 2005)
  11. European IST Project 'Wireless Trust for Mobile Business' (WiTness) (2004)
  12. NFC Forum. http://www.nfc-forum.org/home
Download


Paper Citation


in Harvard Style

Pisko E. (2007). Enhancing Security of Terminal Payment with Mobile Electronic Signatures . In Proceedings of the 1st International Joint Workshop on Wireless Ubiquitous Computing - Volume 1: WUC, (ICEIS 2007) ISBN 978-972-8865-94-8, pages 13-22. DOI: 10.5220/0002430900130022


in Bibtex Style

@conference{wuc07,
author={Evgenia Pisko},
title={Enhancing Security of Terminal Payment with Mobile Electronic Signatures},
booktitle={Proceedings of the 1st International Joint Workshop on Wireless Ubiquitous Computing - Volume 1: WUC, (ICEIS 2007)},
year={2007},
pages={13-22},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002430900130022},
isbn={978-972-8865-94-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 1st International Joint Workshop on Wireless Ubiquitous Computing - Volume 1: WUC, (ICEIS 2007)
TI - Enhancing Security of Terminal Payment with Mobile Electronic Signatures
SN - 978-972-8865-94-8
AU - Pisko E.
PY - 2007
SP - 13
EP - 22
DO - 10.5220/0002430900130022