• Journal of Computing Science and Engineering
• /
• 제5권1호
• /
• pp.51-70
• /
• 2011

This paper introduces a new credit card payment scheme called No Number Credit Card that can significantly reduce the possibility of credit card fraud. The proposed payment system is loosely based on Kerberos, a cryptographic framework that has stood the test of time. In No Number Credit Card, instead of card numbers, only payment tokens are exchanged between the customers and merchants. The tokens are generated based on the payment amount, payment type, client information, and merchant information. However, it does not contain the credit card number, so the merchant or a database hacker cannot acquire and illegally use any credit card numbers. The No Number Credit Card system is ideal for online e-commerce transactions and can be used with any credit card that users possess. It can be used with minor modifications to the current card payment system. We provide the principles of its operation through scenario analysis, a sample implementation, and a security analysis

• 정보보호학회논문지
• /
• 제25권5호
• /
• pp.1175-1186
• /
• 2015

신용카드사용이 증가하는 만큼 금융사고 또한 증가하고 있다. 자기 띠 카드 방식은 신용카드 정보가 평문으로 노출되고 사용자 인증 또한 허술한 취약점으로 인해 향상된 보안성을 제공하는 스마트카드 방식으로 전환되는 추세에 있다. 또한 최근에는 IT와 금융상품을 접목한 핀테크 (FinTech) 열풍이 불면서 대면거래환경에서도 카드가 아닌 모바일 기기들을 기반으로 하는 결제 기법들이 많이 제안되고 있다. 본 논문에서는 카드 소지자 모바일기기를 기반으로 카드 소지자의 공개키를 이용해 생성하는 가상카드번호를 카드사에 사전 등록함으로써 대면거래환경에서 PKI와 인증서 없이 효율적으로 사용자를 인증하여 편의성을 증가시키면서도 신용카드 정보에 대한 보안성을 제공하는 가상카드번호 결제 기법을 제안하고 대면거래환경에서 보안성을 제공하는 대표적인 신용카드 결제 방식인 EMV 기법과 비교 분석 해 보도록 한다.

• 중소기업융합학회논문지
• /
• 제5권2호
• /
• pp.33-38
• /
• 2015

공개키 기반의 ISP 안전결제 서비스가 온라인 금융결제 시스템에 사용되면서 보안 피해가 점점 증가하고 있다. ISP 안전결제 측면에서 보안 기술은 특별한 문제는 없으나, 결제시스템의 간편성으로 인하여 발생되는 보안 피해가 문제가 되고 있다. 본 논문에서는 결제시스템의 간편성으로 인하여 발생되는 보안 피해를 최소화하기 위한 ISP 안전결제 서비스에 대한 대응 방안을 제안한다. 제안 방안은 안전결제, 온라인 결제, 모바일 결제, 신용카드 등 다양한 결제시스템에 적용할 수 있으며, 새로운 결제 시스템의 기능을 안정적으로 지원할 수 있는 것이 특징이다. 또한, 제안 방안은 금융권의 결제 서비스로 인하여 발생되는 다양한 보안 위협을 분석하고 대응방안에 대해서 기술하고 있다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권2호
• /
• pp.1180-1200
• /
• 2017

Currently, automated payment services provide intuitive user interfaces by adapting various wireless communication devices with mobile services. For example, companies like Samsung, Google, and Apple have selected the NFC payment method to service payments of existing credit cards. An electronic payment standard has been released for NFC activation within Korea and will strengthen the safety of payment service communications. However, there are various security risks regarding the NFC-based electronic payment method. In particular, the NFC payment service using the recently released lightweight devices cannot provide the cryptographic strength that is supported by many financial transaction services. This is largely due to its computational complexity and large storage resource requirements. The chaotic map introduced in this study can generate a highly complicated code as it is sensitive to the initial conditions. As the lightweight study using the chaotic map has been actively carried out in recent years, associated authentication techniques of the lightweight environment have been released. If applied with a chaotic map, a high level of cryptographic strength can be achieved that can provide more functions than simple XOR operations or HASH functions. Further, this technique can be used by financial transaction services. This study proposes a mutual authentication technique for NFC-PCM to support an NFC payment service environment based on the chaotic map.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권4호
• /
• pp.1864-1876
• /
• 2016

Card-Not-Present (CNP) transactions taking place remotely over the Internet are becoming more prevalent. Cardholder authentication should be provided to prevent the CNP fraud resulting from the theft of stored credit card numbers. To address the security problems associated with CNP transactions, the use of a virtual card number derived from the transaction details for the payment has been proposed, instead of the real card number. Since all of the virtual card number schemes proposed so far are based on a password shared between the cardholder and card issuer, transaction disputes due to the malicious behavior of one of the parties involved in the transaction cannot be resolved. In this paper, a new virtual card number scheme is proposed, which is associated with the cardholder's public key for signature verification. It provides strong cardholder authentication and non-repudiation of the transaction without deploying a public-key infrastructure, so that the transaction dispute can be easily resolved. The proposed scheme is analyzed in terms of its security and usability, and compared with the previously proposed schemes.

• 정보처리학회논문지C
• /
• 제11C권7호
• /
• pp.889-894
• /
• 2004

AODV(Ad Hoc On-Demand Distance Vector)나 DSR(Dynamic Source Routing)과 같은 대부분의 에드혹 라우팅 프로토콜은 네트워크 토폴로지가 변하지 않는 한 새로운 경로 설정을 하지 않는다. 따라서 노드의 이동성이 적은 경우, 트래픽은 몇몇 노드에게 집중될 수 있으며 그 결과로 해당 노드들의 혼잡으로 인한 긴 종단간 지연이 발생할 수 있다. 게다가 몇몇 특정 노드들만 오랫동안 계속해서 사용됨에 따라 그들의 배터리가 빠르게 소모될 것이다. 노드의 배터리 방전은 노드 사이의 연결 단절뿐만 아니라 동시에 새로운 경로 설정을 위하여 많은 route re-quest 패킷(RREQ)을 생성시킨다. 본 논문에서는 각 노드가 자신의 트래픽 부하 상태를 기반으로 RREQ 패킷을 무시하거나 패킷 포워딩을 포기할 수 있게 함으로써 트래픽 집중화 문제를 해결할 수 있는 SLA(Simple Load-balancing Approach)를 제안한다. 그러나 어떤 이기적인 노드들은 자신의 에너지를 절약하기 위하여 고의적으로 패킷 포워딩을 거부할 수도 있다. 이러한 노드들을 패킷 포워딩에 참여시키기 위하여 본 논문에서는 PIFA(Protocol-Independent Fairness Algorithm) 보상 방식을 제안하였다. SLA 성능의 우수함을 증명하기 위하여 SLA를 채택한 AODV 방식과 SLA를 채택하지 않은 AODV 방식을 비교 실험하였고, 이를 통하여 SLA를 채택한 방식이 트래픽 부하 분산에 효율적이며 이로 인하여 전체 에드혹 네트워크 성능 또한 향상시킴을 확인하였다.

• Agribusiness and Information Management
• /
• 제11권1호
• /
• pp.27-39
• /
• 2019

Agricultural risks are exacerbated by a variety of factors ranging from climatevariability and change, frequent natural disasters, uncertainties in yields and prices, weakrural infrastructure, imperfect markets and lack of financial services including limited spanand design of risk mitigation instruments such as credit and insurance. Indian agriculture has little more than half (53%) of its area still rainfed and this makes it highly sensitive to vagaries of climate causing unstable output. Besides adverse climatic factors, there are man-made disasters such as fire, sale of spurious seeds, adulteration of pesticides and fertilizers etc., and all these severely affect farmers through loss in production and farm income, and are beyond the control of farmers. Hence, crop insurance' is considered to be the promising tool to insulate the farmers from risks faced by them and to sustain them in the agri-business. This paper critically evaluates the performance of recent crop insurance scheme viz., Pradhan Mantri Fasal Bhima Yojana (PMFBY) and its comparative performance with earlier agricultural insurance schemes implemented in the country. It is heartening that, the comparative performance of PMFBY with earlier schemes revealed that, the Government has definitely taken a leap forward in covering more number of farmers and bringing more area under crop insurance with the execution of this new scheme and on this front, it deserves the appreciation in fulfilling the objective for bringing more number of farmers under insurance cover. The use of mobile based technology, reduced number of Crop Cutting Experiments (CCEs) and smart CCEs, digitization of land record and linking them to farmers' account for faster assessment/settlement of claims are some of the steps that contributed for effective implementation of this new crop insurance scheme. However, inadequate claim payments, errors in loss/yield assessment, delayed claim payment, no direct linkage between insurance companies and farmers are the major shortcomings of this scheme. This calls for revamping the crop insurance program in India from time to time in tune with the dynamic changes in climatic factors on one hand and to provide a safety-net for farmers to mitigate losses arising from climatic shocks on the other. The future research avenues include: insuring the revenue of the farmer (Price × Yield) as in USA and more and more tenant farmers should be brought under insurance by doling out discounts for group coverage of farmers like in Philippines where 20 per cent discount in premium is given for a group of 5-10 farmers, 30 per cent for a group of 10-20 and 40 per cent for a group of >20 farmers.