• Proceedings of the Korea Multimedia Society Conference
• /
• 2004.05a
• /
• pp.49-52
• /
• 2004

M-Commerce에서 안전한 서비스를 제공하기 위해서는 보안 기능을 갖춘 결제 솔루션이 필수적이다. M-Commerce를 이응하기 위한 사용자의 이동 단말기는 핸드폰, PDA, 스마트폰 등으로 다양화 되어가고 있으며, 이 중에서도 PDA의 인터페이스와 이동 접속은 기존 핸드폰의 유선 인터넷의 정보 의존도가 높은 단점을 극복할 수 있다. 본 논문에서는 타원곡선 암호를 이용하여 PDA 기반의 신용카드 결제 시스템을 설계하였다. 제안된 시스템의 SECURE CARD 모듈은 PDA 단말기 자체에 개인정보, 배송정보, 카드정보를 암호화하여 안전하게 저장함으로써 단말기의 정보입력시에 필요한 불편함을 제거하였다. 또한 프로토콜은 M-Commerce에서 인증, 기밀성, 무결성, 부인봉쇄 서비스 둥의 보안기능을 제공하도록 설계되었다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.1061-1064
• /
• 2015

모바일 IT기술이 발전함에 따라 비접촉 근거리 무선 통신 기술 중 NFC가 대부분의 스마트기기에 탑재되어 빠르게 확산되고 있다. 특히 스마트폰의 NFC 기능을 이용한 서비스들 중 모바일 결제 서비스가 활성화를 위해 다양한 인프라가 구축되어 있으며 최근에는 금융과 기술이 결합한 '핀테크(Fintech)'가 주목받으면서 NFC를 사용한 모바일 결제에 대한 관심이 높아지고 있다. 기존의 NFC 모바일 결제 시스템은 쿠폰 사용, 포인트 결제 등 다양한 할인혜택을 제공한다. 하지만, 결제 시 할인혜택을 받는 과정에서 쿠폰 사용으로 인해 시간이 다소 소요되며 여러 번 통신으로 결제가 진행되어 사용자들로 하여금 불편하다는 문제가 발생한다. 따라서 본 논문에서는 NFC 환경에서의 mCoupon(mobile-coupon)을 이용한 안전하고 효율적인 통합결제 시스템을 설계하여 사용자들로 하여금 누구나 쉽게 사용할 수 있도록 구현한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1337-1344
• /
• 2012

This paper analyzed electronic transaction systems of social commerce service which have rapidly grown recent days, and as a result found that most of the electronic transaction systems of social commerce service had payment amount modification issue. This paper proposes a method for solving the payment amount modification issue. The proposed method adds an authentication process between servers of social commerce service provider and payment-gateway company. The added authentication process prohibits user getting involved in payment procedure, and thus prevents payment amount modification.

• Journal of KIISE:Information Networking
• /
• v.37 no.2
• /
• pp.135-141
• /
• 2010

Mobile payment system has many problems in real mobile payment networks because of the characteristics of mobile device and the security of mobile payment process. Specially, the previous suggested mobile payment protocol can not verify a trust of issuing bank. Therefore, this paper has analyzed the efficiency of a mobile payment with a delegating authority for an issuing bank to trust issuing bank. As a result, the mobile payment protocol with a delegating authority for a payment verification of an issuing bank has improved the time complexities for key computation and communication resilience.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.07a
• /
• pp.229-231
• /
• 2005

인터넷의 발달로 점차 활성화 되고 있는 전자상거래는 기존 시스템의 결제 정보 도용에 따른 문제점을 개선한 새로운 전자지불 시스템의 필요성이 대두되었고 국민/BC카드사의 인터넷 안전결제(ISP)서비스, 비자 안심클릭 서비스를 전면 시행하게 되었다. 사용자 본인인증 강화를 위한 인증방안과 서비스모델을 분석하고 개선 방향을 제시한다.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.10
• /
• pp.1339-1348
• /
• 2001

This study is directed to compare the payment systems between conventional and internet, under international commerce. A stable and secure payment system is necessary for the progress of e-business through the internet. There are three typical methods of payment system in conventional transactions; the letter of credit(L/C) basis, the collection basis and the remittance basis. The exporter prefers L/C basis because of authentic payment, financial convenience and reduced risk Buyers and sellers who have enjoyed long creditable relationships use carefully the collection basis. The remittance basis is adequate for small amount payment for sample. In this paper, the merits and demerits of electronic payment system are compared to the conventional payment one. Internet payment system has an advantage of speed-up in payment against the conventional, but has a limited usage in the area of consumer based(B to C) transaction. The conventional payment system has been becoming overwhelm electronic payment one in the business to business(B to B) area.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.10a
• /
• pp.141-145
• /
• 2013

Damage is increasing by (Smishing) hacking attack Smishing you use a smart phone after entering 2013. Takeover of personal information and direct financial damage in collaboration with graphics sewing machine hacking attack has occurred. Monetary damage that leads to Internet payment service (ISP) and secure payment system in conjunction with graphics sewing machine hacking attack on a smartphone has occurred. In this paper, I will study analysis in the laboratory examples of actual infringement vinegar sewing machine hacking attack. It is a major power security measures to prevent damage to the secure payment system that a case analysis and practical principle technical nest sewing machine hacking attack, using Smishing. In this paper, I will be to research to be able to through a smart phone, to the online payment safer and more convenient.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.7
• /
• pp.3487-3494
• /
• 2013

Diverse application service such as mobile payment, access control or smart poster have been provided by using smart devices with built-in Near Field Communication technology. Especially, a mobile payment system can provide convenience to its users, but it also can poses including data disclosure while transmitting. There are vulnerabilities while generating session keys used to encrypt data in transaction processes as proposed in KS X 6928, the standard for mobile payment system. Therefore, in this thesis, I analyzed weaknesses of session keys used to encrypt transaction data and proposed a more secure mobile payment system based on NFC to enhance security. The proposed system will provide security functionalities such as key freshness, mutual authentication and key confirmation.

• Journal of Korea Multimedia Society
• /
• v.13 no.11
• /
• pp.1687-1697
• /
• 2010

The USIM-based AKA authentication process is essential to a mobile payment system on smart phone environment. In this paper a payment protocol and an AKA module are designed for mobile payment system which is suitable for openness smart phone environment. The payment protocol designs the cross authentication among components of the mobile payment system to improve the reliability of the components. The AKA module of mobile payment system based on 3GPP-AKA protocol prevents the exposure of IMSI by creating the SSK(Shared Secure Key) through advance registration and solves the SQN(SeQuence Number) synchronization problem by using timestamp. Also, by using the SSK instead of authentication vector between SN and authentication center, the existing bandwidth $(688{\times}N){\times}R$ bit between them is reduced to $320{\times}R$ bit or $368{\times}R$ bit. It creates CK and IK which are message encryption key by using OT-SSK(One-Time SSK) between MS and SN. In addition, creating the new OT-SSK whenever MS is connected to SN, it prevents the data replay attack.

• Proceedings of the KAIS Fall Conference
• /
• 2010.11a
• /
• pp.272-275
• /
• 2010

인터넷의 발달로 인하여 다양한 온라인 카드 지불 방식이 생겨나게 되었다. 그 중, 기존의 국민카드와, BC카드의 카드 결제 방식인 ISP(Internet Secure Payment) 시스템에서 ISP를 생성하는 과정이 현재의 인증 방법으로는 잠재적인 취약점이 있음을 발견하고, 이에 본인 인증을 강화하는 프로토콜을 제안한다.