Contactless Credit Cards Payment Fraud Protection by Ambient Authentication
In recent years, improvements to the computational ability of mobile phones and support for near-field-communication have enabled transactions to be performed by using mobile phones to emulate a credit card or by using quick response codes. Thus, users need not carry credit cards but can simply use...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2022-03-01
|
| Series: | Sensors |
| Subjects: | |
| Online Access: | https://www.mdpi.com/1424-8220/22/5/1989 |
| _version_ | 1797473706693361664 |
|---|---|
| author | Ming-Hour Yang Jia-Ning Luo Murugesan Vijayalakshmi Selvaraj Mercy Shalinie |
| author_facet | Ming-Hour Yang Jia-Ning Luo Murugesan Vijayalakshmi Selvaraj Mercy Shalinie |
| author_sort | Ming-Hour Yang |
| collection | DOAJ |
| description | In recent years, improvements to the computational ability of mobile phones and support for near-field-communication have enabled transactions to be performed by using mobile phones to emulate a credit card or by using quick response codes. Thus, users need not carry credit cards but can simply use their mobile phones. However, the Europay MasterCard Visa (EMV) protocol is associated with a number of security concerns. In contactless transactions, attackers can make purchases by launching a relay attack from a distance. To protect message transmission and prevent relay attacks, we propose a transaction protocol that is compatible with EMV protocols and that can perform mutual authentication and ambient authentication on near-field-communication-enabled mobile phones. Through mutual authentication, our protocol ensures the legitimacy of transactions and establishes keys for a transaction to protect the subsequent messages, thereby avoiding security problems in EMV protocols, such as man-in-the-middle attacks, skimming, and clone attacks on credit cards. By using ambient factors, our protocol verifies whether both transacting parties are located in the same environment, and it prevents relay attacks in the transaction process. |
| first_indexed | 2024-03-09T20:20:16Z |
| format | Article |
| id | doaj.art-449b8001162b4f9ca719da7d82b28dac |
| institution | Directory Open Access Journal |
| issn | 1424-8220 |
| language | English |
| last_indexed | 2024-03-09T20:20:16Z |
| publishDate | 2022-03-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Sensors |
| spelling | doaj.art-449b8001162b4f9ca719da7d82b28dac2023-11-23T23:49:26ZengMDPI AGSensors1424-82202022-03-01225198910.3390/s22051989Contactless Credit Cards Payment Fraud Protection by Ambient AuthenticationMing-Hour Yang0Jia-Ning Luo1Murugesan Vijayalakshmi2Selvaraj Mercy Shalinie3Department of Information and Computer Engineering, Chung Yuan Christian University, Taoyuan 32023, TaiwanDepartment of Computer Science and Information Engineering, Chung Cheng Institute of Technology, National Defense University, Taoyuan 335009, TaiwanDepartment of Computer Science and Engineering, Thiagarajar College of Engineering, Madurai 625015, IndiaDepartment of Computer Science and Engineering, Thiagarajar College of Engineering, Madurai 625015, IndiaIn recent years, improvements to the computational ability of mobile phones and support for near-field-communication have enabled transactions to be performed by using mobile phones to emulate a credit card or by using quick response codes. Thus, users need not carry credit cards but can simply use their mobile phones. However, the Europay MasterCard Visa (EMV) protocol is associated with a number of security concerns. In contactless transactions, attackers can make purchases by launching a relay attack from a distance. To protect message transmission and prevent relay attacks, we propose a transaction protocol that is compatible with EMV protocols and that can perform mutual authentication and ambient authentication on near-field-communication-enabled mobile phones. Through mutual authentication, our protocol ensures the legitimacy of transactions and establishes keys for a transaction to protect the subsequent messages, thereby avoiding security problems in EMV protocols, such as man-in-the-middle attacks, skimming, and clone attacks on credit cards. By using ambient factors, our protocol verifies whether both transacting parties are located in the same environment, and it prevents relay attacks in the transaction process.https://www.mdpi.com/1424-8220/22/5/1989NFCsmart cardIoT securitymutual authenticationmobile transactionambient authentication |
| spellingShingle | Ming-Hour Yang Jia-Ning Luo Murugesan Vijayalakshmi Selvaraj Mercy Shalinie Contactless Credit Cards Payment Fraud Protection by Ambient Authentication Sensors NFC smart card IoT security mutual authentication mobile transaction ambient authentication |
| title | Contactless Credit Cards Payment Fraud Protection by Ambient Authentication |
| title_full | Contactless Credit Cards Payment Fraud Protection by Ambient Authentication |
| title_fullStr | Contactless Credit Cards Payment Fraud Protection by Ambient Authentication |
| title_full_unstemmed | Contactless Credit Cards Payment Fraud Protection by Ambient Authentication |
| title_short | Contactless Credit Cards Payment Fraud Protection by Ambient Authentication |
| title_sort | contactless credit cards payment fraud protection by ambient authentication |
| topic | NFC smart card IoT security mutual authentication mobile transaction ambient authentication |
| url | https://www.mdpi.com/1424-8220/22/5/1989 |
| work_keys_str_mv | AT minghouryang contactlesscreditcardspaymentfraudprotectionbyambientauthentication AT jianingluo contactlesscreditcardspaymentfraudprotectionbyambientauthentication AT murugesanvijayalakshmi contactlesscreditcardspaymentfraudprotectionbyambientauthentication AT selvarajmercyshalinie contactlesscreditcardspaymentfraudprotectionbyambientauthentication |