Vulnerability, threats, and attacks in E Payments System: Security Solutions
DOI:
https://doi.org/10.61841/zz12y553Keywords:
E-Payment System, E-Transaction, M-Payment, Security, Secure E-Transaction.Abstract
the current payment system through online applications has to trend at a furious pace. The various and multiple numbers of online transaction methods (i.e., E-payment systems) has been proposed for various security aspects. However, with the increasing of E-payment methods, the various cyber-attacks methods are also increasing at an advanced level. Therefore, in this study have presented a terminology of E-payment system including with various existing methods. Also illustrates security provisions and solutions. The primary objective is to provide the roadmap of E-payment mechanism and its opportunities for future scope.
Downloads
References
1. Heindl, Dr. Eduard. "Online Payment Process." (2008).
2. E. Taylor, "Mobile payment technologies in retail: A review of potential benefits and risks", Int. J. Retail Distrib. Manage., vol. 44, no. 2, pp. 159-177, 2016..
3. S. Ghosh, A. Majumder, J. Goswami, A. Kumar, S. P. Mohanty, B. K. Bhattacharyya, "Swing-Pay: One card meets all user payment and identity needs: A digital card module using NFC and biometric authentication for peer-to-peer payment", IEEE Consum. Electron. Mag., vol. 6, no. 1, pp. 82-93, Jan. 2017
4. Y. Jin et al., "Study on security of mobile payment", Proc. Int. Conf. Mech. Int. Robot., pp. 123-127, Nov. 2017.
5. V. Patel, R. Chellappa, D. Chandra, B. Barbello, "Continuous user authentication on mobile devices: Recent progress and remaining challenges", IEEE Signal Process. Mag., vol. 33, no. 4, pp. 49-61, Jul. 2016.
6. Y. Wang, C. Hahn, K. Sutrave, "Mobile payment security threats and challenges", Proc. 2nd Int. Conf. Mobile Secure Services (MobiSecServ), pp. 1-5, Feb. 2016.
7. S.-Y. Chiou, W.-T. Ko, E.-H. Lu, "A secure ECC-based mobile RFID mutual authentication protocol and itsapplication", Int. J. Netw. Secur., vol. 20, no. 2, pp. 396-402, Mar. 2018.
8. J. Tállez, S. Zeadally, "Security in mobile payment systems", Mobile Payment Systems, pp. 93-106, Oct. 2017.
9. P. W. Shor, "Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer", SIAM Rev., vol. 41, no. 2, pp. 303-332, 1999.
10. S. Bai, T. Lepoint, A. Roux-Langlois, A. Sakzad, D. Stehlé, R. Steinfeld, "Improved security proofs in lattice-based cryptography: Using the rényi divergence rather than the statistical distance", J. Cryptol., vol. 31, no. 2, pp. 610-640, Apr. 2018.
11. Huang, Echo, and Fachang Chen. "Electronic Payment Use and Legal Protection." In International Conference on Digital Enterprise and Information Systems, pp. 158-171. Springer, Berlin, Heidelberg, 2011. aaa
12. Raina, Vibha Kaw. "Overview of mobile payment: technologies and security." In Banking, Finance, and Accounting: Concepts, Methodologies, Tools, and Applications, pp. 180-217. IGI Global, 2015.
13. Li & Wang. (n.d.). Secure electronic transaction (SET protocol). Retrieved from http://people.dsv. su.se/~matei/courses/IK2001_SJE/li-wang_SET. pdf
14. Isaac, Jesús Téllez, and Zeadally Sherali. "Secure mobile payment systems." IT Professional 16, no. 3 (2014): 36-43. aaa
15. Mobile Payments: Risk, Security, and Assurance Issues, white paper, ISACA, Nov. 2011; www.isaca.org/Groups/Professional-English/pci-compliance/GroupDocuments/MobilePaymentsWP.pdf.
16. aa
17. Black NJ, Lockett A, Ennew C, Winklhofer H, McKechnie S (2002) Modelling consumer choice of distribution channels: an illustration from financial services. Int J Bank Mark 20(4):161–173
18. Barnes SJ, Corbitt B (2003) Mobile banking: concept and potential. Int J Mob Commun. 1(3):273–288 Bentler PM (1989) EQS, structural equations, program manual, program version 30. BMDP Statistical Software, Los Angeles
19. J. Kang, "Mobile payment in fintech environment: Trends security challenges and services," Hum.-Centric Comput. Inf. Sci., vol. 8, pp. 32, Oct. 2018.
20. E. Taylor, "Mobile payment technologies in retail: A review of potential benefits and risks," Int. J. Retail Distrib. Manage., vol. 44, no. 2, pp. 159-177, 2016.
21. J. Khalilzadeh, A. B. Ozturk, A. Bilgihan, "Security-related factors in extended UTAUT model for NFC based mobile payment in the restaurant industry," Comput. Hum. Behav., vol. 70, pp. 460-474, May 2017.
22. S. W. Park, I. Y. Lee, "Mutual authentication scheme based on GSM for NFC mobile payment environments", Adv. Comput. Sci. Ubiquitous Comput., vol. 373, pp. 391-395, Dec. 2015.
23. Z. Xu, T. Zhang, Y. Zeng, J. Wan, W. Wu, "A secure mobile payment framework based on face authentication," Proc. Int. MultiConf. Eng. Comput. Scientists, vol. 1, pp. 495-501, Mar. 2015.
24. Eastlick MA, Lotz SL, Warrington P (2006) An integrated model of privacy concerns, trust, and commitment. J Bus Res 59(8):870–880
25. Cao, Chenglong, and Xiaoling Zhu. "Practical Secure Transaction for Privacy-Preserving Ride-Hailing Services." Security and Communication Networks 2018 (2018).
26. S. Abughazalah, K. Markantonakis, and K. Mayes, “Secure mobile payment on NFC-enabled mobile phones formally analysed using CasperFDR,” in Proceedings of the 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom ’14), pp. 422–431, IEEE, Beijing, China, September 2014.
27. Z. Qin, J. Sun, A. Wahaballa, W. Zheng, H. Xiong, and Z. Qin, "A secure and privacy- preservingmobilewalletwith outsourced verification in cloud computing," Computer Standards & Interfaces, vol. 54, pp. 55–60, 2017.
28. Barkhordari, Maryam, Zahra Nourollah, Hoda Mashayekhi, Yoosof Mashayekhi, and Mohammad S. Ahangar. "Factors influencing adoption of e-payment systems: an empirical study on Iranian customers." Information Systems and e-Business Management 15, no. 1 (2017): 89-116.
29. Karimi Anche F, Hozouri S, Mehdizadeh A (2014) An exploration investigation on important factors influencing e-marketing: Evidence from the banking industry. Uncertain Supply Chain Manag 2(1):49–54
30. Braeken, An. "An Improved E-Payment System and Its Extension to a Payment System for Visually Impaired and Blind People with User Anonymity." Wireless Personal Communications 96, no. 1 (2017): 563-581.
31. Yang, J.-H., Chang, Y.-F., & Chen, Y.-H. (2013). An efficient authenticated encryption scheme based on ECC and its application for electronic payment. Information Technology and Control, 42(4), 315–324.
32. Chaudhry, S. A., Farash, M. S., Naqvi, H., & Sher, M. (2015). A secure and efficient authenticated encryption for electronic payment systems using elliptic curve cryptography. Electronic Commerce Research, 16(1), 113–139.
33. D. A. Ortiz-Yepes, "Areviewof technical approaches to realizing near-field communication mobile payments," IEEE Security and Privacy, vol. 14, no. 4, pp. 54–62, 2016.
34. P. Subpratatsavee and P. Kuacharoen, "Internet banking transaction authentication using one-time mobile password and QR code," Advanced Science Letters, vol. 21, no. 10, pp. 3189–3193, 2015.
35. B. Zhang, K. Ren, G. Xing, X. Fu, and C.Wang, "SBVLC: secure barcode-based visible light communication for smartphones," in Proceedings of the 33rd IEEE Conference on Computer Communications (IEEE INFOCOM '14), pp. 2661–2669, Toronto, Canada, May 2014.
36. H. Suryotrisongko, Sugiharsono, and B. Setiawan, “A novel mobile payment scheme based on secure quick response payment with minimal infrastructure for cooperative enterprise in developing countries,” Procedia—Social and Behavioral Sciences, vol. 65, pp. 906–912, 2012.
37. P. De and J. Eliasson, “An assessment of QR code as a user interface enabler for mobile payment apps on smartphones,” in Proceedings of the 7th International Conference on HCI (IndiaHCI ’15), pp. 81–84, Guwahati, India, December 2015.
38. Terán, Luis, Celine Horst, B. Fausto Valencia, and Priscila Rodriguez. "Public electronic payments: A case study of the electronic cash system in Ecuador." In a democracy & eGovernment (ICEDEG), 2016 Third International Conference on, pp. 65-70. IEEE, 2016.
39. ChitraKiran, N., Bhuvan Teja, Suchira Suresh, B. Krishna, S. M. Akarsh, and Jerrin Yomas. "A biometric- based payment system by using payee and payer module." In Recent Trends in Electronics, Information & Communication Technology (RTEICT), 2017 2nd IEEE International Conference on, pp. 2252-2256. IEEE, 2017.
40. J. Kang; D. Nyang, "A Privacy-Preserving Mobile Payment System for Mass Transit," in IEEE Transactions on Intelligent Transportation Systems, Vol.PP, No.99, pp.1-14, 2017
41. J.-H. Yang and P.-Y. Lin, “A mobile payment mechanism with anonymity for cloud computing,” J. Syst. Softw., vol. 116, pp. 69–74, Jun. 2016.
42. Kang, Baoyuan, and Danhui Xu. "Secure electronic cash scheme with anonymity revocation." Mobile Information Systems, 2016 (2016).
43. Fan, Chun-I., Wei-Zhe Sun, and Hoi-Tung Hau. "Date attachable offline electronic cash scheme." The Scientific World Journal 2014 (2014).
44. Kiran, Chitra N., and G. Narendra Kumar. "Implication of secure micropayment system using process- oriented structural design by hash chaining in a mobile network." International Journal of Computer Science Issues (IJCSI) 9, no. 1 (2012): 329.
45. Kiran, N. Chitra, and G. Narendra Kumar. "Reliable OSPM schema for the secure transaction using a mobile agent in micropayment system." In Computing, Communications and Networking Technologies (ICCCNT), 2013 Fourth International Conference on, pp. 1-6. IEEE, 2013.
46. Jianming Zhu; Ninghong Wang; JianFeng Ma, "A micro-payment scheme for multiple-vendor in m- commerce," E-Commerce Technology for Dynamic E-Business, 2004. IEEE International Conference on , vol., no., pp.202,208, 15-15 Sept. 2004.
47. Solat, Siamak. "Security of electronic payment systems: A comprehensive survey." arXiv preprint arXiv:1701.04556 (20
48. L.CHARLIENE KARUNYA, P.HARINI, S.ISWARYA, A.JERLIN. "EMERGENCY ALERT SECURITY
SYSTEM FOR HUMANS." International Journal of Communication and Computer Technologies 7 (2019), 6-10. doi:10.31838/ijccts/07.SP01.02
49. Georgiev, D. Remarks on the number of tubulin dimers per neuron and implications for Hameroff-Penrose Orch OR (2009) NeuroQuantology, 7 (4), pp. 677-679.
50. Klapproth, F. Single-modality memory mixing in temporal generalization: An effect due to instructional ambiguity (2009) NeuroQuantology, 7 (1), pp. 85-94.
Downloads
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
You are free to:
- Share — copy and redistribute the material in any medium or format for any purpose, even commercially.
- Adapt — remix, transform, and build upon the material for any purpose, even commercially.
- The licensor cannot revoke these freedoms as long as you follow the license terms.
Under the following terms:
- Attribution — You must give appropriate credit , provide a link to the license, and indicate if changes were made . You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
Notices:
You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation .
No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.
