A Light Number-Generation Scheme for Feasible and Secure Credit-Card-Payment Solutions

  • Francesco Buccafurri
  • Gianluca Lax
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5183)


Disposable-number credit card is a recent approach to contrasting the severe problem of credit card fraud, nowadays constantly growing, especially in credit-card-based e-commerce payments. Whenever the solutions cannot rely on a secure extra communication channel between cardholder and issuer, the only possibility is to generate new numbers on the basis of some common scheme, starting from secret shared initial information. However, in order to make the approach feasible, the computational load both on issuer and customer side should be minimized, also to reduce the cost of user-side devices, keeping yet an adequate security level. In this paper we present a disposable-number credit card scheme meeting the above goals, going a step ahead w.r.t. the state of the art.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Borisov, N., Goldberg, I., Wagner, D.: Intercepting mobile communications: the insecurity of 802.11. In: MobiCom 2001: Proceedings of the 7th annual international conference on Mobile computing and networking, pp. 180–189. ACM Press, New York (2001)CrossRefGoogle Scholar
  2. 2.
    ECMA. ECMA-182: Data Interchange on 12,7 mm 48-Track Magnetic Tape Cartridges — DLT1 Format (December 1992)Google Scholar
  3. 3.
    Hill, J.R.: A table driven approach to cyclic redundancy check calculations. SIGCOMM Comput. Commun. Rev. 9(2), 40–60 (1979)CrossRefGoogle Scholar
  4. 4.
    Li, Y., Zhang, X.: A security-enhanced one-time payment scheme for credit card. In: Proceedings of the 14th International Workshop on Research Issues on Data Engineering: Web Services for E-Commerce and E-Government Applications (RIDE 2004), pp. 40–47 (2004)Google Scholar
  5. 5.
    Li, Y., Zhang, X.: Securing credit card transactions with one-time payment scheme. Electronic Commerce Research and Applications 4, 413–426 (2005)CrossRefGoogle Scholar
  6. 6.
    Luhn, H.P.: Computer for verifying numbers. U.S. Patent 2, 950, 048 (1960)Google Scholar
  7. 7.
    NIST/NSA. Fips 180-2 secure hash standard (SHS). NIST/NSA (August 2002)Google Scholar
  8. 8.
    Dynamic passcode authentication,
  9. 9.
  10. 10.
  11. 11.
    Peterson, W.W.: Error-correcting codes. MIT Press and J. Wiley & Sons (1961)Google Scholar
  12. 12.
    Ramabadran, T.V., Gaitonde, S.S.: A tutorial on crc computations. IEEE Micro. 8(4), 62–75 (1988)CrossRefGoogle Scholar
  13. 13.
    Rubin, A., Wright, N.: Off-line generation of limited-use credit card numbers. In: Proceedings of the Fifth International Conference on Financial Cryptography, pp. 165–175 (2001)Google Scholar
  14. 14.
    Sarwate, D.V.: Computation of cyclic redundancy checks via table look-up. Commun. ACM 31, 1008–1013 (1988)CrossRefGoogle Scholar
  15. 15.
    SET Secure Electronic Transaction LLC. SET Secure Electronic Transaction Specification,
  16. 16.
    Shamir, A.: Secureclick: A web payment system with disposable credit card numbers. In: Syverson, P.F. (ed.) FC 2001. LNCS, vol. 2339, pp. 232–242. Springer, Heidelberg (2002)Google Scholar
  17. 17.
    Singh, A., dos Santos, A.L.M.: Grammar based off line generation of disposable credit card numbers. In: SAC 2002: Proceedings of the 2002 ACM symposium on Applied computing, pp. 221–228. ACM Press, New York (2003)Google Scholar
  18. 18.
    Singh, A., dos Santos, A.L.M.: Context free grammar for the generation of one time authentication identity. In: FLAIRS Conference (2004)Google Scholar
  19. 19.
    Stubblefield, A., Ioannidis, J., Rubin, A.D.: A key recovery attack on the 802.11b wired equivalent privacy protocol (wep). ACM Trans. Inf. Syst. Secur. 7(2), 319–332 (2004)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Francesco Buccafurri
    • 1
  • Gianluca Lax
    • 1
  1. 1.DIMETUniversity of Reggio CalabriaReggio CalabriaItaly

Personalised recommendations