Title :
Card-Present Transactions on the Internet Using the Smart Card Web Server
Author :
Kyrillidis, Lazaros ; Mayes, Keith ; Chazalet, Boris ; Markantonakis, Kostantinos
Author_Institution :
Inf. Security Group R. Holloway, Univ. of London Egham, Egham, UK
Abstract :
Purchasing over the Internet is not limited to traditional computers, and nowadays a person is able to shop from her mobile equipment. However, identity theft and credit/debit card fraud deter some potential customers, or limit their activity. Customers´ privacy is threatened in several ways, including malware that directly targets their computers/mobile equipment and from attacks that target merchant infrastructure and databases. In this paper we propose a new way for a user to pay for goods ordered online, which is based on the use of a Smart Card Web Server (SCWS), hosted either on a phone Subscriber Identity Module (SIM) or in a traditional credit/debit card. It would mean that a customer never submits card details via the Internet and is only required to remember a PIN, and for merchants the responsibility to store/protect customer card details is avoided. Overall the privacy for customer data is enhanced by this proposal.
Keywords :
Internet; data privacy; file servers; invasive software; purchasing; smart cards; Internet; SCWS; SIM; card-present transactions; credit-debit card fraud; customer data privacy; malware; merchant infrastructure; mobile equipment; phone subscriber identity module; smart card Web server; IP networks; Proposals; Protocols; Security; Smart cards; Web servers; Smart Card Web Server; card-present transactions; e-commerce; e-shopping; m-commerce; m-shopping;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on
Conference_Location :
Melbourne, VIC
DOI :
10.1109/TrustCom.2013.75
