Abstract
While online shopping are becoming more accepted by people in modern life, cardholders are more concerned about card fraud and the lack of cardholder authentication in the current online credit card payment. This paper proposes a purchase protocol with live cardholder authentication for online transaction which combines telephone banking and online banking together. The order information
and payment information are sent though the Internet and encrypted by asymmetric key encryption. The cardholder is authenticated by the card issuing bank ringing back at the customer’s phone number and the cardholder inputting the secure PIN and the amount to pay. The multichannel authentication makes the cardholder feel secure and card fraud difficult. Furthermore, the protocol does not require the cardholder to obtain public key certificates or install additional software for the online transaction
and payment information are sent though the Internet and encrypted by asymmetric key encryption. The cardholder is authenticated by the card issuing bank ringing back at the customer’s phone number and the cardholder inputting the secure PIN and the amount to pay. The multichannel authentication makes the cardholder feel secure and card fraud difficult. Furthermore, the protocol does not require the cardholder to obtain public key certificates or install additional software for the online transaction
Original language | English |
---|---|
Pages (from-to) | 361-371 |
Number of pages | 11 |
Journal | Journal of Information Assurance and Security |
Volume | 4 |
Issue number | 4 |
Publication status | Published - 2009 |