• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.7
• /
• pp.3487-3494
• /
• 2013

Diverse application service such as mobile payment, access control or smart poster have been provided by using smart devices with built-in Near Field Communication technology. Especially, a mobile payment system can provide convenience to its users, but it also can poses including data disclosure while transmitting. There are vulnerabilities while generating session keys used to encrypt data in transaction processes as proposed in KS X 6928, the standard for mobile payment system. Therefore, in this thesis, I analyzed weaknesses of session keys used to encrypt transaction data and proposed a more secure mobile payment system based on NFC to enhance security. The proposed system will provide security functionalities such as key freshness, mutual authentication and key confirmation.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.961-964
• /
• 2012

NFC(Near Field Communication)는 10cm 이내의 거리에서 무선기기 간의 통신을 가능케 해주는 기술로 13.56 Mhz RF(Radio Frequency) 주파수 대역을 이용한 비접촉식 근거리 무선통신의 한 종류이다. 올해 출시되는 대부분의 스마트 폰에서 NFC 기능을 탑재하며, NFC기반의 모바일 결제 서비스가 가장 유망한 결제 방식으로 주목 받고 있다. 소비자는 NFC 모바일 단말기를 가지고 판매자의 POS(Point of Sale) 단말기와 근접 통신을 통해 결제를 진행하는 방식으로 다른 무선 통신 방식 (RFID, Bluetooth 등)보다 보안 취약성이 높지 않지만, 기존의 RFID 환경에서 일어날 수 있는 기술적 취약점과 비슷한 유형의 위협이 충분히 발생할 수 있으므로 유효한 보안 기술이 필요하다. 본 논문은 안전한 NFC 모바일 결제 환경을 구축하기 위한 공개키 알고리즘인 타원곡선 암호ECC(Elliptic Curve Cryptosystem)를 적용한 Bilinear Pairing을 활용해서 효율적이고 보안성도 강력한 인증 메커니즘을 제안한다.

• Journal of Convergence Society for SMB
• /
• v.5 no.2
• /
• pp.33-38
• /
• 2015

The damage to the security is increasing as public key-based ISP secure payment service is used in online banking payment system. Security technology aspect to ISP secure payment security has no special problems. But, security damage that occurs due to the simplicity of the payment system is a problem. In this paper, we propose response and plan for ISP secure payment service to minimize the damage that occurs due to the simplicity of a security settlement system. Proposed scheme is applicable to various billing systems such as secure payments, online payment, mobile payment, credit card. Proposed scheme is characterized in that can stably support the capabilities of the new billing system. Also, proposed scheme is to analyze the various security threats arising from the payment of the financial services and to describe response and plan technology.

• Journal of KIISE:Computing Practices and Letters
• /
• v.12 no.6
• /
• pp.367-378
• /
• 2006

A mobile phone has became as a payment tool in e-commerce and on-line banking areas. This trend of a payment system using various types of mobile devices is rapidly growing, especially in the Internet transaction and small-money payment. Hence, there will be a need to define its standard for secure and safe payment technology. In this thesis, we consider the service types of the current mobile payments and the authentication method, investigate the disadvantages, problems and their solutions for smart and secure payment. Also, we propose a novel authentication method which is easily adopted without modification and addition of the existed mobile hardware platform. Also, we present a simple implementation as a demonstration version. Based on virtual machine (VM) approach, the proposed model is to use a pseudo-random number which is confirmed by the VM in a user's mobile phone and then is sent to the authentication site. This is more secure and safe rather than use of a random number received by the previous SMS. For this payment operation, a user should register the serial number at the first step after downloading the VM software, by which can prevent the illegal payment use by a mobile copy-phone. Compared with the previous SMS approach, the proposed method can reduce the amount of packet size to 30% as well as the time. Therefore, the VM-based method is superior to the previous approaches in the viewpoint of security, packet size and transaction time.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.6
• /
• pp.1096-1102
• /
• 2016

Various services have been provided due to the recent development of IT technology and widespread usage of smartphones. In recent years, Fintech service that provides financial services through mobile devices has been the trending issue. However, mobile payment services haven't been widely used. The risk factors that appear when users seek to utilize a service, in particular, is one of the biggest hinderance in the expansion of mobile payment services. The failure of gaining the trust of the consumers appear to be the continuing hinderance factor. Therefore this study is to analyse the impact of perceived risk factors on trust and continuance intention of mobile payment services. For the research purpose, we conducted survey and the research results show that most of perceived risk factors have influence on trust and continuance intention except on the impact of perceived financial risk on trust.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.05a
• /
• pp.300-301
• /
• 2018

Recently, various payment services using mobile terminals are emerging and many users are using this service. This study is an empirical study on the effect of system factors(convenience, reachability, compatibility) of mobile simple payment service on trust, positive affect, mediated by customer perceived risk. A survey was conducted for this study, and a structural equation model was analyzed with PLS. Results showed that convenience, accessibility, and compatibility affect risk, and risk affects trust and positive affect.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2015.01a
• /
• pp.325-328
• /
• 2015

NFC란 Near Field Communication의 약자로, 양방향 통신을 지원하는 근거리 통신 방법으로, 저전력, 사용의 편이성 등이 새롭게 각광받고 있는 차세대 통신수단이다. 본 논문에서는 기존의 바코드와 유사한 QR코드와 NFC를 모두 이용하는 모바일 환경에서의 소셜 커머스 결제 시스템을 제안한다. NFC를 사용하여 결제하는 제안된 방식이 기존의 결제 방식에 비하여 간편하고 편의성이 증대됨을 보인다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.718-721
• /
• 2015

NFC 와 모바일의 결합은 지난 몇 년간 유지되어 온 결제 시스템 환경의 변화를 가져왔으며, 현재는 모바일 결제 시장을 주도하고 있다. 특히, Google사, Apple사 등, 대부분의 전자결제 서비스에서는 신용카드를 대체하여 NFC 결제 방식을 채택하고 있으며, 국내에서는 NFC 활성화를 위한 전자 지불 표준을 통해 통신 상의 안전성을 강화하고 있다. 그러나, NFC를 활용한 전자 결제 방식은 아직까지 다양한 보안 상의 위협이 존재하고 있다. 본 연구에서는 NFC 결제 서비스 환경에서 Passive Communication Mode를 고려하여 조건부 익명성 제공이 가능한 인증 기법을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.05a
• /
• pp.145-146
• /
• 2023

최근 결제 시스템은 인간 친화적이며 다양한 디지털 기술들의 발전으로 간편화되고 있다. 특히 핀테크의 일종인 간편 결제 시스템은 효율성과 간편성을 강조하면서 금융 시장에서 크게 화두 되는 시스템이다. 그러나 효율성과 간편성에 집중하다 보니 보안성이 낮아지는 단점을 가지고 있다. 특히, 간편 결제 시스템의 핵심인 토큰 시스템의 취약점은 가장 큰 문제를 발생할 수 있다. 이에 대응하기 위해, 이 논문에서는 기존 결제 시스템 방식에 비대칭 암호화 방식을 추가하여 간편 결제 시스템의 보안성을 높여 토큰 취약점 대응 시스템을 제안한다.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.1
• /
• pp.103-109
• /
• 2004

Mobile payment service is a new innovating technology in the micro payment industry. Although it emerged only one or two years a9o in Korea, it is now highly used and prospered by many online companies. Traditional studies concerning the electronic payment system are usually about the payment process itself, so they stressed the security or the robustness of the process. The study from the angle of behavioral science seldom exists. This article describes the phenomenon of technology adoption with a particular focus on telephone Payment service. The article identifies which characteristic of the telephone payment service affects to the user status (user, non-users). To do this, this article mainly used Roger's Technology Acceptance Model and some characteristics are added to the model. The most important perceptual characteristic that affects to the user status was not security, but ease of use-the telephone payment service had to enhance continuously for the competitive advantage over the other payment service. Observability and convenience are also noted as important.