• 한국경영과학회:학술대회논문집
• /
• 한국경영과학회 2004년도 추계학술대회 및 정기총회
• /
• pp.68-98
• /
• 2004

Although the internet is useful for transferring information, Internet auction environments make fraud more attractive to offenders because the chance of detection and punishment are decreased. One of fraud is phantom transaction which is a colluding transaction by the buyer and seller to commit illegal discounting of credit card. They pretend to fulfill the transaction paid by credit card, without actual selling products, and the seller receives cash from credit card corporations. Then seller lends it out buyer with quite high interest rate whose credit score is so bad that he cannot borrow money from anywhere. The purpose of this study is to empirically investigate the factors to detect of the phantom transaction in online auction. Based up on the studies that explored behaviors of buyers and sellers in online auction, bidding numbers, bid increments, sellers' credit, auction length, and starting bids were suggested as independent variables. We developed an Internet-based data collection software agent and collect data on transactions of notebook computers each of which winning bid was over 1,000,000 won. Data analysis with logistic regression model revealed that starting bids, sellers' credit, and auction length were significant in detecting the phantom transaction.

• 정보보호학회논문지
• /
• 제25권5호
• /
• pp.1175-1186
• /
• 2015

신용카드사용이 증가하는 만큼 금융사고 또한 증가하고 있다. 자기 띠 카드 방식은 신용카드 정보가 평문으로 노출되고 사용자 인증 또한 허술한 취약점으로 인해 향상된 보안성을 제공하는 스마트카드 방식으로 전환되는 추세에 있다. 또한 최근에는 IT와 금융상품을 접목한 핀테크 (FinTech) 열풍이 불면서 대면거래환경에서도 카드가 아닌 모바일 기기들을 기반으로 하는 결제 기법들이 많이 제안되고 있다. 본 논문에서는 카드 소지자 모바일기기를 기반으로 카드 소지자의 공개키를 이용해 생성하는 가상카드번호를 카드사에 사전 등록함으로써 대면거래환경에서 PKI와 인증서 없이 효율적으로 사용자를 인증하여 편의성을 증가시키면서도 신용카드 정보에 대한 보안성을 제공하는 가상카드번호 결제 기법을 제안하고 대면거래환경에서 보안성을 제공하는 대표적인 신용카드 결제 방식인 EMV 기법과 비교 분석 해 보도록 한다.

• 경영과학
• /
• 제21권2호
• /
• pp.273-289
• /
• 2004

Although the Internet is useful for transferring information, Internet auction environments make fraud more attractive to offenders, because the chance of detection and punishment is decreased. One of these frauds is the phantom transaction, which is a colluding transaction by the buyer and seller to commit the illegal discounting of a credit card. They pretend to fulfill the transaction paid by credit card, without actually selling products, and the seller receives cash from the credit card corporations. Then the seller lends it out with quite a high interest rate to the buyer, whose credit rating is so poor that he cannot borrow money from anywhere else. The purpose of this study is to empirically investigate the factors necessary to detect phantom transactions in an online auction. Based upon studies that have explored the behaviors of buyers and sellers in online auctions, the following have been suggested as independent variables: bidding numbers, bid increments, sellers' credit, auction lengths, and starting bids. In this study. we developed Internet-based data collection software and collected data on transactions of notebook computers, each of which had a winning bid of over W one million. Data analysis with a logistic regression model revealed that starting bids, sellers' credit, and auction length were significant in detecting the phantom transactions.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권4호
• /
• pp.1864-1876
• /
• 2016

Card-Not-Present (CNP) transactions taking place remotely over the Internet are becoming more prevalent. Cardholder authentication should be provided to prevent the CNP fraud resulting from the theft of stored credit card numbers. To address the security problems associated with CNP transactions, the use of a virtual card number derived from the transaction details for the payment has been proposed, instead of the real card number. Since all of the virtual card number schemes proposed so far are based on a password shared between the cardholder and card issuer, transaction disputes due to the malicious behavior of one of the parties involved in the transaction cannot be resolved. In this paper, a new virtual card number scheme is proposed, which is associated with the cardholder's public key for signature verification. It provides strong cardholder authentication and non-repudiation of the transaction without deploying a public-key infrastructure, so that the transaction dispute can be easily resolved. The proposed scheme is analyzed in terms of its security and usability, and compared with the previously proposed schemes.

• Journal of Computing Science and Engineering
• /
• 제5권1호
• /
• pp.51-70
• /
• 2011

This paper introduces a new credit card payment scheme called No Number Credit Card that can significantly reduce the possibility of credit card fraud. The proposed payment system is loosely based on Kerberos, a cryptographic framework that has stood the test of time. In No Number Credit Card, instead of card numbers, only payment tokens are exchanged between the customers and merchants. The tokens are generated based on the payment amount, payment type, client information, and merchant information. However, it does not contain the credit card number, so the merchant or a database hacker cannot acquire and illegally use any credit card numbers. The No Number Credit Card system is ideal for online e-commerce transactions and can be used with any credit card that users possess. It can be used with minor modifications to the current card payment system. We provide the principles of its operation through scenario analysis, a sample implementation, and a security analysis

• 디지털산업정보학회논문지
• /
• 제7권3호
• /
• pp.63-74
• /
• 2011

Credit cards are more convenient than cash of heavy. Therefore, credit cards are used widely in on_line (internet) and off_line in nowadays. To use credit cards on internet is commonly secure because client identification based security card and authentication certificate. However, to use in off_line as like shop, store, department, restaurant is unsecure because of irregular accident. As client identification is not used in off_line use of credit cards, the irregular use of counterfeit, stolen and lost card have been increasing in number recently. Therefore, client identification is urgently necessary for secure card using in off_line. And the method of client identification must be simple, don't take long time, convenient for client, card affiliate and card company. In this paper, we study a reform measure of the structure and transaction process for the safety improvement of a credit cards. And we propose several authentication method of short-and long-term for client identification. In the proposal, the client authentication method by OTP application of smart-phone is efficient nowadays.

• International Journal of Computer Science & Network Security
• /
• 제21권9호
• /
• pp.31-40
• /
• 2021

The increasing number of credit card fraud cases has become a considerable problem since the past decades. This phenomenon is due to the expansion of new technologies, including the increased popularity and volume of online banking transactions and e-commerce. In order to address the problem of credit card fraud detection, a rule-based approach has been widely utilized to detect and guard against fraudulent activities. However, it requires huge computational power and high complexity in defining and building the rule base for pattern matching, in order to precisely identifying the fraud patterns. In addition, it does not come with intelligence and ability in predicting or analysing transaction data in looking for new fraud patterns and strategies. As such, Data Mining and Machine Learning algorithms are proposed to overcome the shortcomings in this paper. The aim of this paper is to highlight the important techniques and methodologies that are employed in fraud detection, while at the same time focusing on the existing literature. Methods such as Artificial Neural Networks (ANNs), Support Vector Machines (SVMs), naïve Bayesian, k-Nearest Neighbour (k-NN), Decision Tree and Frequent Pattern Mining algorithms are reviewed and evaluated for their performance in detecting fraudulent transaction.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제9권3호
• /
• pp.1231-1245
• /
• 2015

People have transferred their business model from traditional commerce to e-commerce in recent decades. Both shopping and payment can be completed through the Internet and bring convenience to consumers and business opportunities to industry. These trade techniques are mostly set up based on the Secure Sockets Layer (SSL). SSL provides the security for transaction information and is easy to set up, which makes it is widely accepted by individuals. Although attackers cannot obtain the real content even when the transferred information is intercepted, still there is risk for online trade. For example, it is impossible to prevent credit card information from being stolen by virtual merchant. Therefore, we propose a new mechanism to solve such security problem. We make use of the disposable dynamic security code (DSC) to replace traditional card security code. So even attackers get DSC for that round of transaction, they cannot use it for the next time. Besides, we apply visual secret sharing techniques to transfer the DSC, so that interceptors cannot retrieve the real DSC even for one round of trade. This way, we can improve security of credit card transaction and reliability of online business. The experiments results validate the applicability and efficiency of the proposed mechanism.

• 무역상무연구
• /
• 제14권
• /
• pp.237-256
• /
• 2000

Electronic commerce has been threatening to address the transaction inefficiencies in international trade that is conducted through letters of credit(L/Cs) and other forms of traditional paper-based financial instruments. The replacement of traditional paper documets with electronic alternatives is becoming more of a relity within a number of business sectors. The conceptual model of electronic L/Cs presented in this paper is intended to provide a framework for discussing the development of a paperless credit. The TradeCard network provides a business-to-business e-commerce infrastructure that enables buyers and sellers to conduct and settle international trade transactions securely over the Internet. Sellers and Buyers should select the best payment methods of traditional L/Cs, electronic L/Cs, TradeCard, Bank Credit Card etc. in consideration of their business circumstances.

• 정보처리학회논문지D
• /
• 제10D권6호
• /
• pp.1033-1040
• /
• 2003

M-Commerce 에서 안전한 서비스를 제공하기 위해서는 보안 기능을 갖춘 결제 솔루션이 필수적이다. M-Commerce 를 이용하기 위한 사용자의 이동 단말기는 핸드폰, PDA, 스마트폰 등으로 다양화 되어가고 있으며, 이 중에서도 PDA의 인터페이스와 이동 접속은 기존 핸드폰의 유선 인터넷의 정보 의조도가 높은 단점을 극복할 수 있다. 본 논문에서는 타원곡선 암호를 이용하여 PDA 기반의 신용카드 결제 시스템을 설계하였다. 제안된 시스템의 SECURE CARD 모듈은 PDA 단말기 자체에 개인정보, 배송정보, 카드정보를 암호화하여 안전하게 저장함으로써 단말기의 정보입력시에 필요한 불편함을 제거하였다. 또한 프로토콜은 M-Commerce 에서 인증, 기밀성, 부인봉쇄 서비스 등의 보안기능을 제공하도록 설계되었다.