• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2004.10a
• /
• pp.68-98
• /
• 2004

Although the internet is useful for transferring information, Internet auction environments make fraud more attractive to offenders because the chance of detection and punishment are decreased. One of fraud is phantom transaction which is a colluding transaction by the buyer and seller to commit illegal discounting of credit card. They pretend to fulfill the transaction paid by credit card, without actual selling products, and the seller receives cash from credit card corporations. Then seller lends it out buyer with quite high interest rate whose credit score is so bad that he cannot borrow money from anywhere. The purpose of this study is to empirically investigate the factors to detect of the phantom transaction in online auction. Based up on the studies that explored behaviors of buyers and sellers in online auction, bidding numbers, bid increments, sellers' credit, auction length, and starting bids were suggested as independent variables. We developed an Internet-based data collection software agent and collect data on transactions of notebook computers each of which winning bid was over 1,000,000 won. Data analysis with logistic regression model revealed that starting bids, sellers' credit, and auction length were significant in detecting the phantom transaction.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1175-1186
• /
• 2015

Financial fraud has been increasing along with credit card usage. Magnetic stripe cards have vulnerabilities in that credit card information is exposed in plaintext and cardholder verification is untrustworthy. So they have been replaced by a smart card scheme to provide enhanced security. Furthermore, the FinTech that combines the IT with Financial product is being prevalent. For that reason, many mobile device based payment schemes have been proposed for card present transaction. In this paper, we propose a virtual credit card number payment scheme based on public key system for efficient authentication in card present transaction. Our proposed scheme is able to authenticate efficiently in card present transaction by pre-registering virtual credit card number based on cardholder's public key without PKI. And we compare and analyze our proposed scheme with EMV.

• Korean Management Science Review
• /
• v.21 no.2
• /
• pp.273-289
• /
• 2004

Although the Internet is useful for transferring information, Internet auction environments make fraud more attractive to offenders, because the chance of detection and punishment is decreased. One of these frauds is the phantom transaction, which is a colluding transaction by the buyer and seller to commit the illegal discounting of a credit card. They pretend to fulfill the transaction paid by credit card, without actually selling products, and the seller receives cash from the credit card corporations. Then the seller lends it out with quite a high interest rate to the buyer, whose credit rating is so poor that he cannot borrow money from anywhere else. The purpose of this study is to empirically investigate the factors necessary to detect phantom transactions in an online auction. Based upon studies that have explored the behaviors of buyers and sellers in online auctions, the following have been suggested as independent variables: bidding numbers, bid increments, sellers' credit, auction lengths, and starting bids. In this study. we developed Internet-based data collection software and collected data on transactions of notebook computers, each of which had a winning bid of over W one million. Data analysis with a logistic regression model revealed that starting bids, sellers' credit, and auction length were significant in detecting the phantom transactions.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.4
• /
• pp.1864-1876
• /
• 2016

Card-Not-Present (CNP) transactions taking place remotely over the Internet are becoming more prevalent. Cardholder authentication should be provided to prevent the CNP fraud resulting from the theft of stored credit card numbers. To address the security problems associated with CNP transactions, the use of a virtual card number derived from the transaction details for the payment has been proposed, instead of the real card number. Since all of the virtual card number schemes proposed so far are based on a password shared between the cardholder and card issuer, transaction disputes due to the malicious behavior of one of the parties involved in the transaction cannot be resolved. In this paper, a new virtual card number scheme is proposed, which is associated with the cardholder's public key for signature verification. It provides strong cardholder authentication and non-repudiation of the transaction without deploying a public-key infrastructure, so that the transaction dispute can be easily resolved. The proposed scheme is analyzed in terms of its security and usability, and compared with the previously proposed schemes.

• Journal of Computing Science and Engineering
• /
• v.5 no.1
• /
• pp.51-70
• /
• 2011

This paper introduces a new credit card payment scheme called No Number Credit Card that can significantly reduce the possibility of credit card fraud. The proposed payment system is loosely based on Kerberos, a cryptographic framework that has stood the test of time. In No Number Credit Card, instead of card numbers, only payment tokens are exchanged between the customers and merchants. The tokens are generated based on the payment amount, payment type, client information, and merchant information. However, it does not contain the credit card number, so the merchant or a database hacker cannot acquire and illegally use any credit card numbers. The No Number Credit Card system is ideal for online e-commerce transactions and can be used with any credit card that users possess. It can be used with minor modifications to the current card payment system. We provide the principles of its operation through scenario analysis, a sample implementation, and a security analysis

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.3
• /
• pp.63-74
• /
• 2011

Credit cards are more convenient than cash of heavy. Therefore, credit cards are used widely in on_line (internet) and off_line in nowadays. To use credit cards on internet is commonly secure because client identification based security card and authentication certificate. However, to use in off_line as like shop, store, department, restaurant is unsecure because of irregular accident. As client identification is not used in off_line use of credit cards, the irregular use of counterfeit, stolen and lost card have been increasing in number recently. Therefore, client identification is urgently necessary for secure card using in off_line. And the method of client identification must be simple, don't take long time, convenient for client, card affiliate and card company. In this paper, we study a reform measure of the structure and transaction process for the safety improvement of a credit cards. And we propose several authentication method of short-and long-term for client identification. In the proposal, the client authentication method by OTP application of smart-phone is efficient nowadays.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.31-40
• /
• 2021

The increasing number of credit card fraud cases has become a considerable problem since the past decades. This phenomenon is due to the expansion of new technologies, including the increased popularity and volume of online banking transactions and e-commerce. In order to address the problem of credit card fraud detection, a rule-based approach has been widely utilized to detect and guard against fraudulent activities. However, it requires huge computational power and high complexity in defining and building the rule base for pattern matching, in order to precisely identifying the fraud patterns. In addition, it does not come with intelligence and ability in predicting or analysing transaction data in looking for new fraud patterns and strategies. As such, Data Mining and Machine Learning algorithms are proposed to overcome the shortcomings in this paper. The aim of this paper is to highlight the important techniques and methodologies that are employed in fraud detection, while at the same time focusing on the existing literature. Methods such as Artificial Neural Networks (ANNs), Support Vector Machines (SVMs), naïve Bayesian, k-Nearest Neighbour (k-NN), Decision Tree and Frequent Pattern Mining algorithms are reviewed and evaluated for their performance in detecting fraudulent transaction.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.3
• /
• pp.1231-1245
• /
• 2015

People have transferred their business model from traditional commerce to e-commerce in recent decades. Both shopping and payment can be completed through the Internet and bring convenience to consumers and business opportunities to industry. These trade techniques are mostly set up based on the Secure Sockets Layer (SSL). SSL provides the security for transaction information and is easy to set up, which makes it is widely accepted by individuals. Although attackers cannot obtain the real content even when the transferred information is intercepted, still there is risk for online trade. For example, it is impossible to prevent credit card information from being stolen by virtual merchant. Therefore, we propose a new mechanism to solve such security problem. We make use of the disposable dynamic security code (DSC) to replace traditional card security code. So even attackers get DSC for that round of transaction, they cannot use it for the next time. Besides, we apply visual secret sharing techniques to transfer the DSC, so that interceptors cannot retrieve the real DSC even for one round of trade. This way, we can improve security of credit card transaction and reliability of online business. The experiments results validate the applicability and efficiency of the proposed mechanism.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.14
• /
• pp.237-256
• /
• 2000

Electronic commerce has been threatening to address the transaction inefficiencies in international trade that is conducted through letters of credit(L/Cs) and other forms of traditional paper-based financial instruments. The replacement of traditional paper documets with electronic alternatives is becoming more of a relity within a number of business sectors. The conceptual model of electronic L/Cs presented in this paper is intended to provide a framework for discussing the development of a paperless credit. The TradeCard network provides a business-to-business e-commerce infrastructure that enables buyers and sellers to conduct and settle international trade transactions securely over the Internet. Sellers and Buyers should select the best payment methods of traditional L/Cs, electronic L/Cs, TradeCard, Bank Credit Card etc. in consideration of their business circumstances.

• The KIPS Transactions:PartD
• /
• v.10D no.6
• /
• pp.1033-1040
• /
• 2003

In order to provode information services on M-Commerce, a payment solution with security function should be required. User's mobile terminals for using M-Commerce services are diversifying to cellular phone, PDA, Smart phone etc. Among them, intergration of PDA's interface and mobile connection overcomes the weak point of existing cullular phone depending on information via the internet. In this paper, the protocol for a credit card transaction on PDA using ECC is presented. Secure Card module on this protocol encrypts user's information such as private information, delivery information and credit card information and store them on PDA in order to free from inputting information whenever it is used. This scheme also offers security services on M-Commerce including authentication, confidentiality, integration, non-repudiation and so on.