University of Hertfordshire

From the same journal

By the same authors

A Purchase Protocol with Multichannel Authentication

Research output: Contribution to journalArticlepeer-review


  • 817931

    Accepted author manuscript, 135 KB, PDF document


View graph of relations
Original languageEnglish
Pages (from-to)361-371
Number of pages11
JournalJournal of Information Assurance and Security
Publication statusPublished - 2009


While online shopping are becoming more accepted by people in modern life, cardholders are more concerned about card fraud and the lack of cardholder authentication in the current online credit card payment. This paper proposes a purchase protocol with live cardholder authentication for online transaction which combines telephone banking and online banking together. The order information
and payment information are sent though the Internet and encrypted by asymmetric key encryption. The cardholder is authenticated by the card issuing bank ringing back at the customer’s phone number and the cardholder inputting the secure PIN and the amount to pay. The multichannel authentication makes the cardholder feel secure and card fraud difficult. Furthermore, the protocol does not require the cardholder to obtain public key certificates or install additional software for the online transaction

ID: 817931