Cargando…
Contactless Credit Cards Payment Fraud Protection by Ambient Authentication
In recent years, improvements to the computational ability of mobile phones and support for near-field-communication have enabled transactions to be performed by using mobile phones to emulate a credit card or by using quick response codes. Thus, users need not carry credit cards but can simply use...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2022
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8914672/ https://www.ncbi.nlm.nih.gov/pubmed/35271136 http://dx.doi.org/10.3390/s22051989 |
| _version_ | 1784667778446262272 |
|---|---|
| author | Yang, Ming-Hour Luo, Jia-Ning Vijayalakshmi, Murugesan Shalinie, Selvaraj Mercy |
| author_facet | Yang, Ming-Hour Luo, Jia-Ning Vijayalakshmi, Murugesan Shalinie, Selvaraj Mercy |
| author_sort | Yang, Ming-Hour |
| collection | PubMed |
| description | In recent years, improvements to the computational ability of mobile phones and support for near-field-communication have enabled transactions to be performed by using mobile phones to emulate a credit card or by using quick response codes. Thus, users need not carry credit cards but can simply use their mobile phones. However, the Europay MasterCard Visa (EMV) protocol is associated with a number of security concerns. In contactless transactions, attackers can make purchases by launching a relay attack from a distance. To protect message transmission and prevent relay attacks, we propose a transaction protocol that is compatible with EMV protocols and that can perform mutual authentication and ambient authentication on near-field-communication-enabled mobile phones. Through mutual authentication, our protocol ensures the legitimacy of transactions and establishes keys for a transaction to protect the subsequent messages, thereby avoiding security problems in EMV protocols, such as man-in-the-middle attacks, skimming, and clone attacks on credit cards. By using ambient factors, our protocol verifies whether both transacting parties are located in the same environment, and it prevents relay attacks in the transaction process. |
| format | Online Article Text |
| id | pubmed-8914672 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2022 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-89146722022-03-12 Contactless Credit Cards Payment Fraud Protection by Ambient Authentication Yang, Ming-Hour Luo, Jia-Ning Vijayalakshmi, Murugesan Shalinie, Selvaraj Mercy Sensors (Basel) Article In recent years, improvements to the computational ability of mobile phones and support for near-field-communication have enabled transactions to be performed by using mobile phones to emulate a credit card or by using quick response codes. Thus, users need not carry credit cards but can simply use their mobile phones. However, the Europay MasterCard Visa (EMV) protocol is associated with a number of security concerns. In contactless transactions, attackers can make purchases by launching a relay attack from a distance. To protect message transmission and prevent relay attacks, we propose a transaction protocol that is compatible with EMV protocols and that can perform mutual authentication and ambient authentication on near-field-communication-enabled mobile phones. Through mutual authentication, our protocol ensures the legitimacy of transactions and establishes keys for a transaction to protect the subsequent messages, thereby avoiding security problems in EMV protocols, such as man-in-the-middle attacks, skimming, and clone attacks on credit cards. By using ambient factors, our protocol verifies whether both transacting parties are located in the same environment, and it prevents relay attacks in the transaction process. MDPI 2022-03-03 /pmc/articles/PMC8914672/ /pubmed/35271136 http://dx.doi.org/10.3390/s22051989 Text en © 2022 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Yang, Ming-Hour Luo, Jia-Ning Vijayalakshmi, Murugesan Shalinie, Selvaraj Mercy Contactless Credit Cards Payment Fraud Protection by Ambient Authentication |
| title | Contactless Credit Cards Payment Fraud Protection by Ambient Authentication |
| title_full | Contactless Credit Cards Payment Fraud Protection by Ambient Authentication |
| title_fullStr | Contactless Credit Cards Payment Fraud Protection by Ambient Authentication |
| title_full_unstemmed | Contactless Credit Cards Payment Fraud Protection by Ambient Authentication |
| title_short | Contactless Credit Cards Payment Fraud Protection by Ambient Authentication |
| title_sort | contactless credit cards payment fraud protection by ambient authentication |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8914672/ https://www.ncbi.nlm.nih.gov/pubmed/35271136 http://dx.doi.org/10.3390/s22051989 |
| work_keys_str_mv | AT yangminghour contactlesscreditcardspaymentfraudprotectionbyambientauthentication AT luojianing contactlesscreditcardspaymentfraudprotectionbyambientauthentication AT vijayalakshmimurugesan contactlesscreditcardspaymentfraudprotectionbyambientauthentication AT shalinieselvarajmercy contactlesscreditcardspaymentfraudprotectionbyambientauthentication |