• DocumentCode
    695494
  • Title

    Leveraging COBIT5 in NFC-based payment technology: challenges and opportunities for security risk mitigation and audit

  • Author

    Techoro, Tebug Mba ; Butakov, Sergey ; Aghili, Shaun ; Ruhl, Ron

  • fYear
    2015
  • fDate
    20-21 Feb. 2015
  • Firstpage
    1
  • Lastpage
    6
  • Abstract
    Near field communication (NFC) payment technology was expected to revolutionize businesses, yet presents major challenges relating to security and assurance in the Canadian payment ecosystem. This paper suggest some of the best practices in various frameworks for Risks and Assurance management in implementing NFC-based payment technology (NFC-BPT). The NFC-BPT risks and threats are analyzed in conjunction with justified risks data from Canadian NFC Mobile Payment Reference Model (Canadian NFC-MPRM). The output of the analyzed risk is mapped to COBIT5 (Control objective for Information and Related Technology) for Risk and COBIT5 for Assurance processes through which, a comprehensive assurance steps will be obtained on data security, fraud, theft and malware for payment credential issuers and acquirers.
  • Keywords
    electronic money; fraud; invasive software; mobile computing; near-field communication; risk analysis; COBIT5; Canadian NFC mobile payment reference model; Canadian NFC-MPRM; Canadian payment ecosystem; Control objective for Information and Related Technology; NFC-BPT risk; NFC-based payment technology; assurance management; assurance process; audit; data security; fraud; malware; near field communication payment technology; payment credential acquirer; payment credential issuers; risk analysis; security risk mitigation; theft; Computer crime; Data security; Decision support systems; Information technology; Legislation; Malware; COBIT5 for risk and COBIT5 for assurance; NFC-BPT; acquirers; data security; fraud and malware security and assurance steps; implementation; payment credential issuers;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Mobile and Secure Services (MOBISECSERV), 2015 First Conference on
  • Conference_Location
    Gainesville, FL
  • Type

    conf

  • DOI
    10.1109/MOBISECSERV.2015.7072875
  • Filename
    7072875
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=695494