Disposable credit card numbers are a recent approach to tackling the severe problem of credit card fraud, nowadays constantly growing, especially in the context of e-commerce payments. Whenever we cannot rely on a secure communication channel between cardholder and issuer, a possibility is to generate new numbers on the basis of some common scheme, starting from a shared secret information. However, in order to make the approach meaningful from a practical point of view, the solution should guarantee backward compatibility with the current system, absence of new investments in dedicated hardware, wide-spectrum usability, and adequate security level. In this paper, we propose a solution based on the use of standard mobile phones, fully meeting the above desiderata. Importantly, our solution does not require any cryptographic support and, as a consequence, the use of PADs or smart phones, opening then its usability to a wider potential market.

Implementing Disposable Credit Card Numbers by Mobile Phones / Buccafurri, Francesco; Lax, Gianluca. - In: ELECTRONIC COMMERCE RESEARCH. - ISSN 1389-5753. - 11:3(2011), pp. 271-296. [10.1007/s10660-011-9078-0]

Implementing Disposable Credit Card Numbers by Mobile Phones

BUCCAFURRI, Francesco;LAX, Gianluca
2011-01-01

Abstract

Disposable credit card numbers are a recent approach to tackling the severe problem of credit card fraud, nowadays constantly growing, especially in the context of e-commerce payments. Whenever we cannot rely on a secure communication channel between cardholder and issuer, a possibility is to generate new numbers on the basis of some common scheme, starting from a shared secret information. However, in order to make the approach meaningful from a practical point of view, the solution should guarantee backward compatibility with the current system, absence of new investments in dedicated hardware, wide-spectrum usability, and adequate security level. In this paper, we propose a solution based on the use of standard mobile phones, fully meeting the above desiderata. Importantly, our solution does not require any cryptographic support and, as a consequence, the use of PADs or smart phones, opening then its usability to a wider potential market.
2011
Credit card payments; Credit card fraud; PRNG
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.12318/2093
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 16
  • ???jsp.display-item.citation.isi??? 13
social impact