A Light Number-Generation Scheme for Feasible and Secure Credit-Card-Payment Solutions
Disposable-number credit card is a recent approach to contrasting the severe problem of credit card fraud, nowadays constantly growing, especially in credit-card-based e-commerce payments. Whenever the solutions cannot rely on a secure extra communication channel between cardholder and issuer, the only possibility is to generate new numbers on the basis of some common scheme, starting from secret shared initial information. However, in order to make the approach feasible, the computational load both on issuer and customer side should be minimized, also to reduce the cost of user-side devices, keeping yet an adequate security level. In this paper we present a disposable-number credit card scheme meeting the above goals, going a step ahead w.r.t. the state of the art.
Unable to display preview. Download preview PDF.
- 2.ECMA. ECMA-182: Data Interchange on 12,7 mm 48-Track Magnetic Tape Cartridges — DLT1 Format (December 1992)Google Scholar
- 4.Li, Y., Zhang, X.: A security-enhanced one-time payment scheme for credit card. In: Proceedings of the 14th International Workshop on Research Issues on Data Engineering: Web Services for E-Commerce and E-Government Applications (RIDE 2004), pp. 40–47 (2004)Google Scholar
- 6.Luhn, H.P.: Computer for verifying numbers. U.S. Patent 2, 950, 048 (1960)Google Scholar
- 7.NIST/NSA. Fips 180-2 secure hash standard (SHS). NIST/NSA (August 2002)Google Scholar
- 8.Dynamic passcode authentication, http://www.visaeurope.com
- 9.Private Payments, http://www10.americanexpress.com
- 10.Paypal, http://www.paypal.com
- 11.Peterson, W.W.: Error-correcting codes. MIT Press and J. Wiley & Sons (1961)Google Scholar
- 13.Rubin, A., Wright, N.: Off-line generation of limited-use credit card numbers. In: Proceedings of the Fifth International Conference on Financial Cryptography, pp. 165–175 (2001)Google Scholar
- 15.SET Secure Electronic Transaction LLC. SET Secure Electronic Transaction Specification, http://www.setco.org
- 16.Shamir, A.: Secureclick: A web payment system with disposable credit card numbers. In: Syverson, P.F. (ed.) FC 2001. LNCS, vol. 2339, pp. 232–242. Springer, Heidelberg (2002)Google Scholar
- 17.Singh, A., dos Santos, A.L.M.: Grammar based off line generation of disposable credit card numbers. In: SAC 2002: Proceedings of the 2002 ACM symposium on Applied computing, pp. 221–228. ACM Press, New York (2003)Google Scholar
- 18.Singh, A., dos Santos, A.L.M.: Context free grammar for the generation of one time authentication identity. In: FLAIRS Conference (2004)Google Scholar