Browse > Article
http://dx.doi.org/10.13089/JKIISC.2016.26.3.563

Simple Credit Card Payment Protocols Based on SSL and Passwords  

Kim, Seon Beom (Sangmyung University)
Kim, Min Gyu (Sangmyung University)
Park, Jong Hwan (Sangmyung University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.26, no.3, 2016 , pp. 563-572 More about this Journal
Abstract
Recently, a plenty of credit card payment protocols have been proposed in Korea. Several features of proposed protocols include: using passwords for user authentication in stead of official certificate for authenticity, and no need to download additional security module via ActiveX into user's devices. In this paper, we suggest two new credit card payment protocols that use both SSL(Security Socket Layer) as a standardized secure transaction protocol and password authentication to perform online shopping and payment. The first one is for the case where online shopping mall is different from PG(Payment Gateway) and can be compared to PayPal-based payment methods, and the second one is for the case where online shopping mall is the same as PG and thus can be compared to Amazon-like methods. Two proposed protocols do not require users to perform any pre-registration process which is separate from an underlying shopping process, instead users can perform both shopping and payment into a single process in a convenient way. Also, users are asked to input a distinct payment password, which increases the level of security in the payment protocols. We believe that two proposed protocols can help readers to better understand the recent payment protocols that are suggested by various vendors, and to analyze the security of their payment protocols.
Keywords
Credit Card Payment Protocol; Password Authentication; Payment Gateway; SSL(Secure Socket Layer);
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 Yeong Ui Kim, Hyeon Sil Mun, Jae Kyeong Kim, "Analysis of competitive composition of mobile payment market," The Korea Society of Management Information Systems, pp.395-401, Nov. 2015.
2 Jeong Gi Seog, "A study on Activation Measures of Local Mobile Easy-to-use Payment," Convergence security journal, 15(4), pp.79-88, Jun. 2015.
3 Seung Hun Noh, Tae Gyeong Gwon, "A comparative study of easy payment services in the domestic mobile system environment," The Korea Society of Management Information Systems, pp.695-698, Nov. 2014.
4 Hyeyoung Oh, "Referred Articles : A Study of Factors Affecting the Adoption Intention of Mobile Easy Payment Service," Journal of Financial Consumers, 5(1), pp.33-64, Aug. 2015.
5 APPSTORY, Deok Su Choe, "Market of moblie payment, the paradigm is chagned from today," http://monthly.appstory.co.kr/plan6500, Nov. 2014.
6 inews24, Eun Mi Jeong "The warring state s period is comming to 'Market of easy payment'," http://navercast.naver.com/magazine_contents.nhn?rid=2033&contents_id=83298, Feb. 2015.
7 Cheol Yeong Kim, "Market of easy payment - 'Pay war' will be intensified during the second half and the market of easy payment be expanded," Hyundai Able Daily, Jul. 2015.
8 Han-na Chin, Seok-Cheon Park, Won-Tae Choi, "Analysis of Mobile Easy Payment Technology by the FinTech," Korean Society For Internet Information, pp.237-238, Oct. 2015.
9 Monthly App, "The actuality of utilizatio n of mobile easy payment service," http://navercast.naver.com/magazine_content s.nhn?rid=2598&contents_id=91569, Jun. 2015.
10 APPSTORY, Seon Ung Choe, "The final round of the domestic easy payment services," http://monthly.appstory.co.kr/pla n6913, Mar. 2015.
11 Seungchul Park, "A Comparative Analysis of NPKI and SSL/TLS for Secure Internet Transactions," Journal of Korea Institute of Information and Communication Engineering, 20(2), pp.289-298, Feb. 2016.   DOI
12 PayPal, http://www.paypal.com.
13 Amazon. http://www.amazon.com.