Abstract
The rapid growth of the Internet and its adoption for commercial transactions is indisputable. However, the core security protocols of the Internet today are susceptible to security lapses, especially when it comes to online payment systems which are indispensable to the growth of e-commerce across the globe. This has led to the development of various online payment protocols to ensure the security of online transactions such as Secure Electronic Transaction and The Secure Socket Layer. In designing online payment protocols, there is often a trade-off between security and convenience. More and more participants of online transactions suffer in one way or another from fraudsters. Ghana is gaining notoriety in online fraud, and there is therefore a need to protect the interest of the participants in the areas of authentication, confidentiality, replay attacks as well as flexibility if e-commerce is to thrive in developing countries. This paper looks at some online payment protocols and develops a conceptual model of a protocol which requires live authentication from the cardholder. This ensures security, convenience, cardholder authentication, and verification of merchant; it is easy to implement without complications and to compare with other existing online payment protocols. Participants that are considered in this work are the Cardholder, Issuer, Merchant, and Acquirer.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
travel.state.gov , http://travel.state.gov/travel/cis_pa_tw/cis/cis_1124.html (2010), http://travel.state.gov (accessed September 10, 2011)
www.apca.com.au , http://www.apca.com.au/Public/apca01_live.nsf/ResourceLookup/Payment_Fraud_St (2009), http://www.apca.com.au (accessed November 5, 2010)
Levi, A., Kroc, C.K.: CONSEPP:Conevient and Secure Electronic Payment Protocol Based on X9.59. In: 17th Annual Computer Security Applications Conference, New Orleans, Louisiana (2001)
Hwang, J.-J., Yeh, T.-C., Li, J.-B.: Securing On-line Credit Card Payments Without Disclosing Information. Computer Standards and Interfaces, 119–129 (2003)
Paunov, C., Vickery, G. http://www.oecd.org/dataoecd/37/19/36736056.pdf (April 18, 2006), http://www.oecd.org/dataoecd/37/19/36736056.pdf (accessed September 20, 2011)
Sumanjeet, S.: Emergence of Payment Systems in the Age of Electronic Commerce: the State of Art. Global Journal of International Business Research, 17–36 (2009)
Turban, E., Lee, J.K., King, D., Liang, T.P., Turban, D.: Electronic Commerce: Managerial Perspective 2010. Prentice Hall (2010)
Xiao, H., Christianson, B., Zhang, Y.: A Purchase Protocol with Live Cardholder Authentication for Online Payment. In: The Fourth International Conference on Information Assurance and Security (2008)
Bellare, M., Garay, J.A., Hauser, R., Herzberg, A., Krawczyk, H., Steiner, M., Tsudik, G., Herreweghen, E.V., Waidner: Design, Implementation and Deployment of the iKP Secure Electronic Payment System. IEEE Jurnal of Selected Areas in Communication 18(4) ( April 2000)
Hall, J., Kilbank, S., Barbeau, M., Kranakis, E.: WPP: A Secure Payment Protocol for Supporting Credit Card Transaction Over Wireless Network. In: IEEE International Conference on Telecommunications (ICT), Bucharest, Romania (2001)
Fourati, A., Ayed, H.K.B., Kamoun, F., Benzekri, A.: A SET Base Approach to Secure the Payment in Mobile Commerce. In: 27th Annual IEEE Conference on Local Computer Networks, Tampa, Florida (2002)
Ford, W.: Secure Electronic Commerce; Building the Infrastructure for Digital Signatures and Encryption, 2nd edn. Prentice Hall (2001)
Paulson, L.C.: Verifying the SET Protocol: Overview. In: Abdallah, A.E., Ryan, P.Y.A., Schneider, S. (eds.) FASec 2002. LNCS, vol. 2629, pp. 4–14. Springer, Heidelberg (2003)
Knospe, H., Schwiderski-Grosche, S.: Online Payment for Access to Heterogeneous Mobile Networks. In: IST Mobile and Wireless Telecommunication Summit, Thesaloniki, Greece (2002)
Li, Y., Zhang, X.: Securing Credit Card Transaction with One-Time Payment Scheme. Electronic Commerce Research and Application, 413–426 (2005)
Kaol, W.-C., Fang, C.-Y., Chen, Y.-Y., Shen, M.-H., Wong, J.: Integrating Flexible Electrophoretic and One-Time Password Generator in Smart Cards. IEEE (2008)
Li, Y.: The Design of the Secure Payments Systems Based on SET Protocol. In: International Conference on Computer Science and Information Technology (2008)
www.ibonus.net , http://www.ibonus.net/web/home/ (2011), http://www.ibonus.net (accessed September 11, 2011)
MTN, http://www.mtn.com.gh/NewsArtDetails.aspx?AID=112&ID&CID=38&MID=11&FirstParentID=1 (2009), http://www.mtn.com.gh (accessed September 11, 2011)
www.authorize.net , http://www.authorize.net/resources/howitworksdiagram/ (2011), http://www.authorize.net (accessed September 23, 2011)
www.bog.gov.gh , http://www.bog.gov.gh/index1.php?linkid=183&adate=28/01/2008&archiveid=1102&page=1 (Febuary 2008), http://www.bog.gov.gh (accessed September 23, 2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Takyi, A., Gyaase, P.O. (2012). Enhancing Security of Online Payments: A Conceptual Model for a Robust E-Payment Protocol for E-Commerce. In: Khachidze, V., Wang, T., Siddiqui, S., Liu, V., Cappuccio, S., Lim, A. (eds) Contemporary Research on E-business Technology and Strategy. iCETS 2012. Communications in Computer and Information Science, vol 332. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34447-3_21
Download citation
DOI: https://doi.org/10.1007/978-3-642-34447-3_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34446-6
Online ISBN: 978-3-642-34447-3
eBook Packages: Computer ScienceComputer Science (R0)